Microsoft Azure Application Gateway exposes your backend health API server
Firewall Weakness in Microsoft Azure’s Backplane Health Check I decided to do this write up because Microsoft doesn’t really give the full story on their website when describing why ports 65503-65534 need to be open to everything on the internet. Azure customers should be aware of this risk when deploying onto the Azure Cloud.
TLDR: Cloud providers need a way to connect to your instances in order to do health check monitoring for Service Level Agreements (SLA).
Read more ...