OpenAI’s open‑source model: gpt‑oss on Azure AI Foundry and Windows AI Foundry
August 7, 2025Open AI’s gpt-oss models on Azure Container Apps serverless GPUs
August 7, 2025
Overview
As Azure Application Gateway evolves, many organizations are considering how their existing on-premises solutions—such as F5, NetScaler, and Radware—can transition to leverage Azure’s native services. During this shift to cloud-native architecture, a frequent question arises:
‘Can Application Gateway support my current load balancing configurations?’”
The short answer: It depends on your use case. With the right approach, the transition can be smooth, scalable, and secure. Azure Application Gateway, especially when used with Azure-native services like Web Application Firewall (WAF), Azure Front Door, and Azure Firewall, can support common use cases.
This guide provides a functional comparison, outlines what’s supported and offers a blueprint for successful migration.
Key Capabilities of Application Gateway
Azure Application Gateway v2 brings a host of enhancements that align with the needs of modern, cloud-first organizations:
- Autoscaling & Zone Redundancy
- Native WAF + Azure DDoS Protection
- Native support for Header Rewrites, URL-based routing, and SSL termination
- Integration with Azure Monitor, Log Analytics, Defender for Cloud
- Azure-native deployment: ARM/Bicep, CLI, GitOps, Terraform, CI/CD
These features make App Gateway a strong option for cloud-first and hybrid scenarios, especially for cloud-first and hybrid scenarios. customers benefit from simplified operations, improved agility, and enhanced security.
What are ADC Rules?
On-premises ADCs (Application Delivery Controllers) often include advanced traffic management features, such as iRules and Citrix policy expressions. These Layer 4–7 devices go beyond basic load balancing, enabling traffic manipulation at various stages of the connection lifecycle. ADCs are powerful, flexible, and often deeply embedded in enterprise traffic logic. If you rely on these features, migration is still possible—Azure Application Gateway supports many commonly used functionalities out of the box.
Common ADCs scenarios:
- Redirects and rewrites
- IP filtering and geo-blocking
- Custom error handling
- Event-driven logic like HTTP_REQUEST, CLIENT_ACCEPTED
Application Gateway Feature Patterns
ADCs traffic management features are powerful and flexible, often deeply embedded in enterprise traffic flows. Application Gateway does provide native support for many common scenarios. In this guide, we’ll show you how to translate advanced rules typical patterns into configurations.
[Note]: When migrating WAF rules, enable detection mode first to identify false positives before enforcing blocks
|
Citrix Features |
iRule Feature |
App Gateway v2 Equivalent |
Supported for App Gateway? |
|
Responder Policies |
Redirects (301/302) |
Native redirect rules |
✅ |
|
Rewrite Policies |
Header rewrites |
Rewrite Set rules |
✅ |
|
GSLB + Responder Policies |
Geo-based Routing |
Combining with Azure Front Door |
✅ |
|
Content Switching Policies |
URL-based routing |
Path-based routing rules |
✅ |
|
Responder/ACLs |
IP filtering |
WAF custom rules or NSGs |
✅ |
|
GSLB + Policy Expressions |
Geo-blocking |
WAF rules |
✅ |
|
Content Switching Policies |
Path-based routing |
URL path maps |
✅ |
|
Content Switching / Rewrite Policies |
Header-based Routing |
Limited with parameter-based path selection |
➗ |
|
Advanced Policy Expressions (Regex supported) |
Regex-based routing |
Limited regex support via path parameters |
➗ |
|
Priority Queues / Rate Control |
Real-time traffic shaping |
Limited with Azure Front Door |
➗ |
|
AppExpert with TCP expressions |
TCP payload inspection |
Not supported |
❌ |
|
Not supported |
Event-driven hooks (HTTP_REQUEST, etc) |
Not supported |
❌ |
|
Not Supported |
Query Pool |
Not supported |
❌ |
|
Not supported |
Per-request scripting |
Not supported |
❌ |
|
Deep packet inspection + Policies (limited) |
Payload-based routing |
Not supported |
❌ |
|
Not supported |
Full scripting (TCL) |
Not supported |
❌ |
Translating Advanced Rules
Migrating features such as iRules and Citrix policy expressions from ADCs is less about line-by-line translation and more about recognizing patterns. Think of it as translating a language—not word-for-word, but intent-for-intent.
How to get started:
- Tool-assisted translation: Use Copilot or GPT-based tools to translate common ADC rule patterns.
- Inventory & analyze: Break complex rules into modular App Gateway functions (Redirects, Rewrites)
- Document: Document everything of original goal and their translated equivalents.
Where to Configure in Azure
You can implement routing and rewrite logic via:
- Azure portal UI
- Azure CLI / PowerShell (az network application-gateway)
- ARM templates / Bicep (for infrastructure-as-code deployments)
- REST API (for automation/CI-CD pipelines)
Example: Configure header rewrite in the portal
- Open your Application Gateway in the Azure portal
- Navigate to Rewrites on the sidebar
- Click + Add Rewrite Set, then apply it to your routing rule
- Define your rewrite conditions and actions
[NOTE]: Not sure what rewrites are? Learn more here about Rewrite HTTP Headers.
- Rewrite configuration: click + Add Rewrite set to apply a new Rewrite to your routing rule:
Resources
- Application Gateway v1 to v2: Migrate from App Gateway v1 to v2
- Best Practices: Architecture Best Practices for Azure Application Gateway v2 – Microsoft Azure Well-Architected Framework | Microsoft Learn
- Rewrites: https://learn.microsoft.com/en-us/azure/application-gateway/rewrite-http-headers-url
- Header-based routing: https://learn.microsoft.com/en-us/azure/application-gateway/parameter-based-path-selection-portal
- Tuning WAF rules: Tune Azure Web Application Firewall for Azure Front Door | Microsoft Learn
Conclusion
While AI-powered assistants can help interpret and translate common ADC traffic management patterns, manual recreation and validation of rules are still necessary to ensure accuracy and alignment with your specific requirements. Nevertheless, migrating to Application Gateway v2 is not only feasible—it represents a strategic move toward a modern, cloud-native infrastructure.
With thoughtful planning and the right mindset, organizations can maintain traffic flexibility while gaining the agility, scalability, and operational efficiency of the Azure ecosystem. If you are unsure whether your current on-premises configuration can be supported in Azure Application Gateway, please consult the official Azure documentation or reach out to Microsoft support for guidance.