Microsoft Network FrontDoor
Best practices and references below are based on published guidance from the cloud service provider and may reference native capabilities the cloud service provider offers. If you are not using the native security capabilities, the same security requirement can be met using other security capabilities your organization utilizes
Design Guidance:
Name | ||
Friendly Name | ||
Frontend Endpoints | ||
Frontend Endpoints-Id | ||
Frontend Endpoints-Name | ||
Frontend Endpoints-Host Name | ||
Tags |
Name |
Routing Rules-Id | ||
Routing Rules-Name | ||
Frontend Endpoints-Id | ||
Rules Engine-Id |
Name | |
Rules-Name | |
Tags |
Backend Pools-Id | ||
Backend Pools-Name | ||
Backends-Address | ||
Load Balancing Settings-Id | ||
Load Balancing Settings-Id | ||
Load Balancing Settings-Name | ||
Load Balancing Settings-Additional Latency Milliseconds | ||
Load Balancing Settings-Sample Size | ||
Load Balancing Settings-Successful Samples Required | ||
Backends-Priority | ||
Backends-Weight |
Design Guidance:
Backends-Backend Host Header |
Request Header Actions-Header Action Type | ||
Request Header Actions-Header Name | ||
Request Header Actions-Value | ||
Response Header Actions-Header Action Type | ||
Response Header Actions-Header Name | ||
Response Header Actions-Value |
Backends-Enabled State | ||
Backends-Private Link Alias |
Design Guidance:
Health Probe Settings-Id | ||
Health Probe Settings-Id | ||
Health Probe Settings-Name | ||
Health Probe Settings-Enabled State | ||
Health Probe Settings-Interval In Seconds | ||
Health Probe Settings-Path |
Backend Pools Settings-Enforce Certificate Name Check |
Frontend Endpoints-Session Affinity Enabled State |
Design Guidance:
Web Application Firewall Policy Link-Id |
Health Probe Settings-Health Probe Method |
Design Guidance:
Health Probe Settings-Protocol |
Routing Rules-Accepted Protocols | ||
Routing Rules-Enabled State | ||
Route Configuration-Forwarding Protocol | ||
Route Configuration-Redirect Protocol |
Backends-HTTP Port | ||
Backends-HTTPS Port |
Design Guidance:
Cache Configuration-Cache Duration |
Design Guidance:
Route Configuration-Redirect Type |
Match Conditions-Negate Condition | ||
Match Conditions-Rules Engine Match Value | ||
Match Conditions-Rules Engine Match Variable | ||
Match Conditions-Rules Engine Operator | ||
Match Conditions-Selector | ||
Match Conditions-Transforms | ||
Rules-Match Processing Behavior |
Custom Rules-Rules | |
Rules-Action | |
Rules-Enabled State | |
Rules-Match Conditions | |
Match Conditions-Match Value | |
Match Conditions-Match Variable | |
Match Conditions-Negate Condition | |
Match Conditions-Operator | |
Match Conditions-Selector | |
Match Conditions-Transforms | |
Rules-Priority | |
Rules-Rule Type | |
Managed Rules-Managed Rule Sets | |
Managed Rule Sets-Exclusions |