Load Balancers

Benefits of KEMP LoadMaster for your Azure deployments


Oftentimes, customers who are considering deploying their solutions to Azure in a cloud-only or hybrid environments, have to make a choice between Azure’s built-in load balancing functionality, and third-party solutions available in Azure Marketplace. KEMP’s LoadMaster is an advanced, integrated Application Delivery Controller which offers many ways to optimize and secure cloud based workloads with features including:

This article provides an overview of some of the basic functionality of the KEMP Virtual LoadMaster (VLM) for Azure. It then shows how VLM for Azure can complement Microsoft’s cloud platform by considering three popular use cases. The first looks at how a single IP address can be used to deliver tailored services from differently configured back ends; the second covers SSL offload; the last illustrates single sign-on to cloud based resources. Further articles in this series will address additional Azure use cases enabled by LoadMaster.

Load Balancing Overview

KEMP has worked closely with Microsoft since the inception of the Azure cloud and was one of the first to offer full-featured ADC functionality through the Azure Marketplace. The features and functionality offered by KEMP LoadMaster for Azure allows customers to successfully deploy applications that rely heavily on Layer 7 application delivery functionality.

The following table provides a quick reference to the application delivery and load balancing features available from Azure’s built-in load balancing functionality and KEMP VLM for Azure:

Azure Load Balancer KEMP Loadmaster – for Azure
Application Aware – L7 Load Balancing
Content Switching
Reverse Proxy
Web Application Firewall
Hybrid Traffic Distribution

(Using Application Gateway)

(With Advanced Traffic Distribution)

Server Persistence

(Limited options)

L4 / L7 (Cookie and More)

SSL Termination / Offload

(Using Application Gateway)

(Full termination and offload capabilities with cipher selection)

Content caching and compression
Least Connection Scheduling
VM Resource Availability Awareness
High Availability

Using Traffic Manager

Support Basic Tier VM (20% savings)
Single Sign On
SmartCard (CAC) / Certificate Auth
Radius Auth
Kerberos Constrained Delegation Support

KEMP Virtual LoadMaster for Azure Use Cases

Let’s take a look a few of the most common use cases where customers chose KEMP LoadMaster for Azure for its ease of use and effectiveness to handle given application requirements.

Simplified Access to Complex Infrastructure

The advanced content switching capabilities of the VLM for Azure leverage regular expressions (REGEX) to modify and direct traffic to the correct Azure service. Figure 2 shows how incoming requests on a single IP address can be routed to an appropriate service depending on the type and content of the request. Content matching rules along with header modification functionality within KEMP’s LoadMaster for Azure provide the flexibility to create solutions that benefit from multiple Azure Platform as a Service (PaaS) offerings (such as Azure Web Sites) as well as Azure Infrastructure as a Service (IaaS) offerings.

When leveraging Azure PaaS for web, mobile or other applications, there’s often a need to incorporate several of these services into a single web site/portal to achieve an integrated end-user experience. With the advanced content switching capabilities of KEMP LoadMaster, customers attain both the ability to move these applications to the cloud for reduced TCO as well as the flexibility to leverage multiple services for the needs of the business.

Secure Traffic Management with SSL Offload and Reencrypt

When leveraging functionality offered by different Azure offerings, or when a service provider is required to provide separation amongst multiple customers, it becomes important to understand the content being requested and route the request to appropriate destination. This traffic segmentation often requires SSL offload and re-encrypt functionality. The offload and re-encrypt functionality provided by VLM for Azure ensures that customers are able to provide end-to-end secure connection while making appropriate application request routing decisions.

Utilizing SSL offload and re-encrypt functionality, VLM for Azure customers are also able to leverage other Layer 7 functionality such as Web Application (WAF) Firewall, pre-authentication and group based request routing (using the KEMP Edge Security Pack) and content caching and compression, to name a few..

Single Sign-On and Active Directory integration

As Microsoft adds new functionality to the Azure Active Directory offering, customers can benefit from other advanced functionality offered by KEMP.


The KEMP LoadMaster Edge Security Pack (ESP) provides security features such as single sign-on, pre-authentication and the ability to assign permitted groups. In addition, ESP can be configured to allow only specific URLs and virtual directories to be published through the LoadMaster.

With the introduction of Azure Active Directory Domain Services, AD can be extended into your virtual network and the KEMP Virtual LoadMaster for Azure can authenticate users directly. This configuration can provide seamless access to applications within Azure as well as single sign-on for multiple applications that are published using KEMP LoadMaster for Azure.

KEMP Virtual LoadMaster for Azure provides familiar, on-premises application delivery functionality in the Microsoft cloud. Customers looking for advanced Layer 7 ADC functionality for their applications find KEMP LoadMaster easy to deploy while providing advanced application health checks, multi-tenant hosting, a comprehensive set of load balancing algorithms and of course, high availability. When used in conjunction with KEMP’s new advanced offerings such as KEMP360 Central and KEMP360 Vision, customers also benefit from centralized control of their LoadMaster deployments and ensure the availability of their critical applications.

Exit mobile version