1500bytesAzure Application Gateway SKU
Choosing an Azure Application Gateway SKU
Application Gateway is available under a Standard_v2 SKU. Web Application Firewall (WAF) is available under a WAF_v2 SKU. The v2 SKU offers performance enhancements and adds support for critical new features like autoscaling, zone redundancy, and support for static VIPs. Existing features under the Standard and WAF SKU continue to be supported in the new v2 SKU.
Feature comparison between v1 SKU and v2 SKU
| Feature | v1 SKU | v2 SKU |
|---|---|---|
| Autoscaling | ✓ | |
| Zone redundancy | ✓ | |
| Static VIP | ✓ | |
| Azure Kubernetes Service (AKS) Ingress controller | ✓ | |
| Azure Key Vault integration | ✓ | |
| Rewrite HTTP(S) headers | ✓ | |
| Enhanced Network Control (NSG, Route Table, Private IP Frontend only) | ✓ | |
| URL-based routing | ✓ | ✓ |
| Multiple-site hosting | ✓ | ✓ |
| Mutual Authentication (mTLS) | ✓ | |
| Private Link support | ✓ | |
| Traffic redirection | ✓ | ✓ |
| Web Application Firewall (WAF) | ✓ | ✓ |
| WAF custom rules | ✓ | |
| WAF policy associations | ✓ | |
| Transport Layer Security (TLS)/Secure Sockets Layer (SSL) termination | ✓ | ✓ |
| End-to-end TLS encryption | ✓ | ✓ |
| Session affinity | ✓ | ✓ |
| Custom error pages | ✓ | ✓ |
| WebSocket support | ✓ | ✓ |
| HTTP/2 support | ✓ | ✓ |
| Connection draining | ✓ | ✓ |
| Proxy NTLM authentication | ✓ |
Choosing between Azure Application Gateway v2 and Web Application Firewall V2 SKUs
When choosing whether to deploy an Application Gateway or a Web Application Firewall, there are several factors you must consider, including the scaling strategy you want to follow.