Microsoft Network FrontDoor
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Name | ||
Friendly Name | ||
Frontend Endpoints | ||
Frontend Endpoints-Id | ||
Frontend Endpoints-Name | ||
Frontend Endpoints-Host Name | ||
Tags |
Name |
Routing Rules-Id | ||
Routing Rules-Name | ||
Frontend Endpoints-Id | ||
Rules Engine-Id |
Name | |
Rules-Name | |
Tags |
Backend Pools-Id | ||
Backend Pools-Name | ||
Backends-Address | ||
Load Balancing Settings-Id | ||
Load Balancing Settings-Id | ||
Load Balancing Settings-Name | ||
Load Balancing Settings-Additional Latency Milliseconds | ||
Load Balancing Settings-Sample Size | ||
Load Balancing Settings-Successful Samples Required | ||
Backends-Priority | ||
Backends-Weight |
Design Guidance:
Backends-Backend Host Header |
Request Header Actions-Header Action Type | ||
Request Header Actions-Header Name | ||
Request Header Actions-Value | ||
Response Header Actions-Header Action Type | ||
Response Header Actions-Header Name | ||
Response Header Actions-Value |
Backends-Enabled State | ||
Backends-Private Link Alias |
Design Guidance:
Health Probe Settings-Id | ||
Health Probe Settings-Id | ||
Health Probe Settings-Name | ||
Health Probe Settings-Enabled State | ||
Health Probe Settings-Interval In Seconds | ||
Health Probe Settings-Path |
Backend Pools Settings-Enforce Certificate Name Check |
Frontend Endpoints-Session Affinity Enabled State |
Design Guidance:
Web Application Firewall Policy Link-Id |
Health Probe Settings-Health Probe Method |
Design Guidance:
Health Probe Settings-Protocol |
Routing Rules-Accepted Protocols | ||
Routing Rules-Enabled State | ||
Route Configuration-Forwarding Protocol | ||
Route Configuration-Redirect Protocol |
Backends-HTTP Port | ||
Backends-HTTPS Port |
Design Guidance:
Cache Configuration-Cache Duration |
Design Guidance:
Route Configuration-Redirect Type |
Match Conditions-Negate Condition | ||
Match Conditions-Rules Engine Match Value | ||
Match Conditions-Rules Engine Match Variable | ||
Match Conditions-Rules Engine Operator | ||
Match Conditions-Selector | ||
Match Conditions-Transforms | ||
Rules-Match Processing Behavior |
Custom Rules-Rules | |
Rules-Action | |
Rules-Enabled State | |
Rules-Match Conditions | |
Match Conditions-Match Value | |
Match Conditions-Match Variable | |
Match Conditions-Negate Condition | |
Match Conditions-Operator | |
Match Conditions-Selector | |
Match Conditions-Transforms | |
Rules-Priority | |
Rules-Rule Type | |
Managed Rules-Managed Rule Sets | |
Managed Rule Sets-Exclusions | |
Exclusions-Match Variable | |
Exclusions-Selector | |
Exclusions-Selector Match Operator | |
Managed Rule Sets-Rule Group Overrides | |
Rule Group Overrides-Exclusions | |
Exclusions-Match Variable | |
Exclusions-Selector | |
Exclusions-Selector Match Operator | |
Rule Group Overrides-Rule Group Name | |
Rule Group Overrides-Rules | |
Rules-Action | |
Rules-Enabled State | |
Rules-Exclusions | |
Exclusions-Match Variable | |
Exclusions-Selector | |
Exclusions-Selector Match Operator | |
Rules-Rule Id | |
Managed Rule Sets-Rule Set Type | |
Managed Rule Sets-Rule Set Version | |
Policy Settings-Custom Block Response Body | |
Policy Settings-Custom Block Response Status Code | |
Policy Settings-Enabled State | |
Policy Settings-Mode | |
Policy Settings-Redirect Url |
Design Guidance:
Rules-Rate Limit Duration In Minutes | |
Rules-Rate Limit Threshold |
Last modified 1yr ago