Azure Front Door offers a service that also works at the application layer (Layer 7). It is an Application Delivery Network (ADN) as a service, and it offers various load balancing capabilities for your applications. 

Both Azure Front Door and Azure Application Gateway are Layer 7 (HTTPS/HTTPS) load balancers. The difference between the two is that Front Door is a global service, whereas Application Gateway is a regional service. This means that Front Door can load balance between different scale units across multiple regions. Application Gateway is designed to load balance between different VMs/containers that are located inside the same scale unit. 

Azure Front Door offers the following features and capabilities:

• Accelerate application performance: End users can quickly connect to the nearest Front Door Point of Presence (POP) using the split TCP-based anycast protocol. It then uses Microsoft's global network to connect the application to the backend.
• Smart health probes: Front Door increases application availability with smart health probes. These probes will monitor the backends for both availability and latency, and provide instant automatic failover when a backend goes down. This way, you can run planned maintenance operations on your applications without any downtime. Traffic is redirected to alternative backends during maintenance.
• URL Path-Based Routing: This allows you to route traffic to backend pools based on the URL paths of the request.
• Multiple-site hosting: This allows you to configure more than one web application on the same Front Door configuration. This allows a more efficient topology for deployments. Azure Front Door can be configured to route a single web application to its own backend pool or to route multiple web applications to the same backend pool.
• Session affinity: Azure Front Door offers managed cookies, which can be used to keep a user session on the same application backend. This feature is suitable in scenarios where the session state is saved locally on the backend for a user session.
• Custom domains and certificate management: If you want your own domain name to be visible in the Front Door URL, a custom domain is necessary. This can be useful for branding purposes. Also, HTTPS for custom domain names is supported and can be done by uploading your own SSL certificate or by implementing Front Door-managed certificates.
• Secure Sockets Layer (SSL) termination: Front Door offers SSL termination, which speeds up the decryption process and reduces the processing burden on backend servers. Front Door supports both HTTP and HTTPS connectivity between Front Door environments and your backends. Thus, you can also set up end-to-end SSL encryption, if this is required.

• URL redirection: To ensure that all the communication between the users and the application occurs over an encrypted path, web applications are expected to automatically redirect any HTTP traffic to HTTPS. Azure Front Door offers the functionality to redirect HTTP traffic to HTTPS. It also allows you to redirect traffic to a different hostname, redirect traffic to a different path, or redirect traffic to a new query string in the URL.
• Application layer security: The Front Door platform is protected by Azure DDoS Protection Basic. It also allows you to create rate-limiting rules to battle malicious bot traffic and configure custom web application firewall rules for access control. This can protect your HTTP/HTTPS workload from exploitation based on client IP addresses, HTTP parameters, and country code. 
• URL rewrite: You can configure an optional custom forwarding path to support URL rewrite in Front Door. This path can be used when the request is made from the frontend to the backend. You can configure host headers when forwarding this request.
• Protocol support—IPv6 and HTTP/2 traffic: Front Door natively offers end-to-end IPv6 connectivity and the HTTP/2 protocol. The HTTP/2 protocol enables full-duplex communication between application backends and a client over a long-running TCP connection. 

In this section, we covered Azure Front Door. This concludes this chapter.