Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Azure Front Door and Azure CDN are both Azure services that offer global content delivery with intelligent routing and caching capabilities at the application layer. Both services can be used to optimize and accelerate your applications by providing a globally distributed network of points of presence (POP) close to your users. Both services also offer various features to help you secure your applications from malicious attacks and to help you monitor your application's health and performance.
Note
To switch between tiers, you must recreate the Azure Front Door profile:
- From Azure Front Door Standard to Premium: use the upgrade capability.
Service comparison
The following table provides a comparison between Azure Front Door Standard and Azure Front Door Premium.
| Features and optimizations | Front Door Standard | Front Door Premium |
|---|---|---|
| Delivery and acceleration | ||
| Static file delivery | ✓ | ✓ |
| Dynamic site delivery | ✓ | ✓ |
| WebSockets | Preview | Preview |
| Domains and certs | ||
| Custom domains | ✓ (DNS TXT record based domain validation) | ✓ (DNS TXT record based domain validation) |
| Prevalidated domain integration with Azure PaaS service | ✓ | ✓ |
| HTTPS support | ✓ | ✓ |
| Custom domain HTTPS | ✓ | ✓ |
| Bring your own certificate | ✓ | ✓ |
| Supported TLS versions | TLS1.3, TLS1.2 | TLS1.3, TLS1.2 |
| Caching | ||
| Query string caching | ✓ | ✓ |
| Cache management (purge, rules, and compression) | ✓ | ✓ |
| Cache behavior settings | ✓ (using standard rules engine) | ✓ (using standard rules engine) |
| Routing | ||
| Origin load balancing | ✓ | ✓ |
| Path based routing | ✓ | ✓ |
| Rules engine | ✓ | ✓ |
| Server variable | ✓ | ✓ |
| Regular expression in rules engine | ✓ | ✓ |
| URL redirect/rewrite | ✓ | ✓ |
| IPv4/IPv6 dual-stack | ✓ | ✓ |
| HTTP/2 support | ✓ | ✓ |
| Routing preference unmetered | Not required as Data transfer from Azure origin to AFD is free and path is directly connected | Not required as Data transfer from Azure origin to AFD is free and path is directly connected |
| Origin port | All TCP ports | All TCP ports |
| Customizable, rules based content delivery engine | ✓ | ✓ |
| Mobile device rules | ✓ | ✓ |
| Security | ||
| Custom Web Application Firewall (WAF) rules | ✓ | ✓ |
| Microsoft managed rule set | ✓ | |
| Bot protection | ✓ | |
| Private Link connection to origin | ✓ | |
| Geo-filtering | ✓ | ✓ |
| DDoS protection | ✓ | ✓ |
| Domain fronting block | ✓ | ✓ |
| Ease of use | ||
| Easy integration with Azure services, such as Storage and Web Apps | ✓ | ✓ |
| Management via REST API, .NET, de.js, or PowerShell | ✓ | ✓ |
| Compression MIME types | Configurable | Configurable |
| Compression encodings | gzip, brotli | gzip, brotli |
| Azure Policy integration | ✓ | ✓ |
| Azure Advisory integration | ✓ | ✓ |
| Managed Identities with Azure Key Vault | ✓ | ✓ |
| Pricing | Azure Front Door pricing | Azure Front Door pricing |
| Simplified pricing | ✓ | ✓ |