The Significance of Azure Front Door and Storage Blobs

Azure Front Door has been integrated with Azure Storage blobs to improve the speed and security of static content delivery. This matters for various applications, including website hosting and file delivery.

How it works

1. A client connects securely to Azure Front Door using a custom domain and a TLS certificate provided by Front Door.
2. This connection terminates at a nearby Front Door point of presence (PoP), and the web application firewall (WAF) scans the request.
3. If the WAF deems the request's risk level too high, it blocks the request, and an HTTP 403 error is returned.
4. If the PoP's cache already contains a valid response, it is immediately returned to the client.
5. If not, the PoP sends the request to the origin storage account using Microsoft's backbone network and a separate, long-lived, TCP connection.
6. Private Link is used for a secure connection to the storage account.
7. The storage account responds to the Front Door PoP, which then stores the response in its cache for future requests and returns it to the client.
8. Direct internet requests to the storage account are blocked by the Azure Storage firewall.

If you want help optimizing Azure Front Door and Azure Storage blobs for your environment, our consultants at MADIT can walk you through the setup. Contact us to get started.