Application Gateway is Microsoft Azure PaaS service. It uses for Layer 7 level load balancing. It routes the request based on URL, Path, etc. It also comes with WAF SKU that I will not be going to discuss in this post. It mostly will be a focus on http/https request routing. Azure resources like VM, VMSS, App Service and any other public IP and FQDN can be put behind the Application Gateway and request can be routed to those resources.
Let’s consider when we need Application Gateway. Suppose you have requirements as below.
Example: https://internalsite.azurewebsites.net has multiple microservices, such as student, teacher, exam, registration, etc. When the user hit https://internalsite.azurewebsites.net then it should land to the main page. If the user hits to https://internalsite.azurewebsites.net/student then the user should land to student page and the request should be redirected to student microservices. In this case, you need a gateway service which can direct the request based on the path. One of that gateway is Azure Application Gateway.
On the other hand, Azure Load Balancer works at layer 4 and does load balancing based on IP address and port numbers. If your requirement is to do load balancing at layer 7, based on URL and path then you need to use Application Gateway.
Suppose, you have below application architecture. Multiple Microservices are running separably.
To make the application highly available, you can put in the multi region behind the Traffic Manager.
Application Gateway has also the capability of Web Application Firewall (WAF). Here you have two option, either go with Azure native WAF or go with your favorite WAF from a market place such as Barracuda, F5, SonicWall, Incapsula, etc.