Azure Front Door vs CDN cost: caching or full app delivery?

Quick answer

Azure CDN is pure caching, billed mainly per GB egress (~$0.08-0.13/GB tiered) with no base fee. Front Door is a global app-delivery platform (load balancing + WAF + CDN) with a monthly base fee plus request and egress charges. Use CDN when you only need to cache static content cheaply; use Front Door when you need global routing, failover, or a WAF. Don't pay the Front Door base fee for a job CDN does.

These two get compared because Front Door includes CDN capabilities, so teams wonder whether to use it for everything. The cost answer is: Front Door does more and charges a base fee for it, while CDN is the cheapest way to do caching alone. Pick by which capabilities you actually need.

Two cost shapes

Azure CDN: mainly per-GB egress, tiered by volume and zone (~$0.08-0.13/GB). No meaningful base fee — at low traffic it costs almost nothing. Pure content caching and delivery.
Front Door (Standard/Premium): a monthly base fee per profile, plus outbound data transfer, inbound requests, and routing rules. Premium adds managed WAF and private-link origins. The base fee is a floor you pay even at low traffic.

What the Front Door premium buys

You're paying for application delivery, not just caching:

Global load balancing and health-probe failover across regions.
Path- and rule-based routing.
Managed WAF (Premium) at the edge.
SSL offload and private-link origins.

If you need none of those — just "serve my static assets faster and cheaper" — a CDN profile is the lower-cost choice. If you need global failover or a WAF, Front Door's base fee is buying real function you'd otherwise assemble from multiple services.

The lever that matters: cache hit ratio

For either service, the bill is driven by how much traffic reaches your origin. A high cache-hit ratio means the edge serves most requests, so you avoid origin egress and origin compute. Sensible TTLs and cacheable responses do more for the bill than the CDN-vs-Front-Door choice itself. This ties directly into broader egress cost — see how data-transfer/egress pricing works (AWS, but the caching logic is identical).

FAQ

What's the difference between Azure Front Door and Azure CDN cost?

Azure CDN is a pure content-delivery service billed mainly per GB of egress (tiered, roughly $0.08-0.13/GB depending on region and zone). Front Door is a global application-delivery platform — load balancing, WAF, and CDN — with a monthly base fee plus per-request and per-GB charges. Front Door costs more because it does more than caching.

How is Azure Front Door priced?

Standard and Premium tiers each carry a monthly base fee, plus charges for outbound data transfer, inbound requests, and routing rules. Premium adds managed WAF and private-link origins. The base fee means Front Door has a floor cost even at low traffic, unlike pure CDN.

When should I use Front Door instead of CDN?

Use Front Door when you need global load balancing across regions, a WAF, path-based routing, SSL offload, or health-probe failover — not just caching. Use Azure CDN (or Front Door's CDN capability) when all you need is to cache and serve static content closer to users at the lowest per-GB cost.

Does a CDN reduce my overall Azure bill?

Usually yes for content-heavy sites. Serving cached content from the CDN edge avoids repeated origin egress and origin compute. The CDN's per-GB egress is typically lower than (or comparable to) origin egress, and cache hits offload the origin entirely — so the more repeat traffic you serve, the more it saves.

How do I keep Front Door / CDN costs down?

Maximize cache hit ratio with sensible TTLs so fewer requests reach the origin, choose the tier that matches your need (don't pay Premium Front Door for a job CDN does), consolidate endpoints, and avoid caching tiny uncacheable responses that incur request charges without offloading bytes.

How does C3X estimate this?

Egress and requests are usage-driven, so C3X models them from c3x-usage.yml and prices the Front Door / CDN profile base fees, letting you compare the platform options against your expected traffic.

What to do next

Decide by capability, then model the traffic. C3X prices the Front Door and azurerm_cdn_frontdoor_profile base fees and takes egress/request volume from c3x-usage.yml, so you can compare a CDN profile against Front Door for your expected traffic. The quickstart runs it in minutes.