Microsoft Network ApplicationGateways
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Authentication Certificates | ||
Authentication Certificates-Data | ||
Authentication Certificates-Name | ||
Authentication Certificates-Id | ||
SSL Certificates | ||
SSL Certificates-Data |
Design Guidance:
Autoscale Configuration | ||
Autoscale Configuration-Max Capacity | ||
Autoscale Configuration-Min Capacity | ||
Probe-Id | ||
Backend HTTP Settings Collection-Probe Enabled | ||
Probes | ||
Probes-Host | ||
Probes-Interval | ||
Match-Status Codes | ||
Probes-Min Servers | ||
Probes-Name | ||
Probes-Path | ||
Probes-Timeout | ||
Probes-Unhealthy Threshold | ||
Zones |
Design Guidance:
Backend Address Pools | ||
Backend Address Pools-Backend Addresses | ||
Backend Addresses-Fqdn | ||
Backend Addresses-Ip Address | ||
Backend Address Pools-Name | ||
Backend HTTP Settings Collection | ||
Backend HTTP Settings Collection-Name | ||
Backend HTTP Settings Collection-Port |
Design Guidance:
Backend HTTP Settings Collection-Affinity Cookie Name | ||
Backend HTTP Settings Collection-Cookie Based Affinity |
Design Guidance:
Backend HTTP Settings Collection-Protocol | ||
Probes-Protocol | ||
SSL Policy-Disabled SSL Protocols | ||
SSL Policy-Min Protocol Version | ||
Enable Fips | ||
SSL Policy-Cipher Suites | ||
SSL Policy-Policy Name | ||
SSL Policy-Policy Type | ||
SSL Policy |
HTTP Listeners-Host Name | ||
HTTP Listeners-Protocol | ||
HTTP Listeners-Require Server Name Indication |
Backend HTTP Settings Collection-Request Timeout |
Design Guidance:
Trusted Root Certificates-Id | ||
Trusted Root Certificates | ||
Trusted Root Certificates-Data | ||
Trusted Root Certificates-Key Vault Secret Id | ||
Trusted Root Certificates-Name |
SSL Certificate-Id |
Design Guidance:
Frontend Ipconfigurations | ||
Frontend Ipconfigurations-Name | ||
Frontend Ipconfigurations-Private Ipallocation Method | ||
Public Ipaddress-Id |
Design Guidance:
Frontend Ports-Port |
Design Guidance:
Redirect Configurations | ||
Redirect Configurations-Include Path | ||
Redirect Configurations-Include Query String | ||
Redirect Configurations-Redirect Type | ||
Target Listener-Id | ||
Redirect Configurations-Target Url |
Design Guidance:
SSL Certificates-Key Vault Secret Id | ||
SSL Certificates-Name | ||
SSL Certificates-Password |
Design Guidance:
Tags |
Tags |
Design Guidance:
Connection Draining-Drain Timeout In Sec | ||
Connection Draining-Enabled |
Design Guidance:
Firewall Policy-Id |
Firewall Policy-Id |
Web Application Firewall Configuration | ||
Web Application Firewall Configuration-Enabled | ||
Web Application Firewall Configuration-Firewall Mode | ||
Web Application Firewall Configuration-Rule Set Type | ||
Web Application Firewall Configuration-Rule Set Version |
Design Guidance:
Web Application Firewall Configuration-File Upload Limit In Mb | ||
Web Application Firewall Configuration-Max Request Body Size In Kb | ||
Web Application Firewall Configuration-Request Body Check |
HTTP Listeners | ||
Frontend Ipconfiguration-Id | ||
Frontend Port-Id |
Last modified 7mo ago