This is the next best thing after Microsoft Azure Relay to connect or expose your on-premises resources to the cloud. Azure Relay removes the reliance on opening ports in the enterprise firewall to expose WCF endpoints to the external world.
The Azure On-Premises data gateway goes a step further and installs software on the server that hosts the database the enterprise wishes to expose.
The good part of the Azure On-Premises data gateway connection is that we have the option to select an 'Azure Service Bus' connection or a 'Non-Azure Service Bus' connection, albeit with a performance cost attached, since performance suffers with Azure Service Bus connectivity.
The advantage of Azure Service Bus connectivity is that we get the various options within Service Bus: queues, topics, subscriptions, and Relay. The gateway acts as a bridge between the cloud and your on-premises server. Data transfer between the cloud and the gateway is secured through Azure Service Bus. The Service Bus creates a secure channel between the cloud and your on-premises server through an outbound connection on the gateway.
It is recommended that you whitelist the IP addresses for your data region in your firewall. You can download the Microsoft Azure Datacenter IP list. This list is updated weekly. The gateway communicates with Azure Service Bus using the IP address along with the fully qualified domain name (FQDN). If you force the gateway to communicate using HTTPS, it will strictly use the FQDN only, and no communication will happen using IP addresses.
Firewall connectivity and configuration still need to be set up.
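Because the datacenter IP list changes weekly, the firewall whitelist drifts: new ranges are missing and retired ranges stay open. The following is an added example, not part of the original article, that compares the current firewall rules against a fresh download and reports which gateway destinations would be blocked. The function names, the one-prefix-per-entry input format, and all sample addresses are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample data (RFC 5737 documentation prefixes, not real Azure ranges).
FIREWALL_RULES = ["198.51.100.0/24", "203.0.113.0/25"]                  # currently allowed
PUBLISHED_LIST = ["198.51.100.0/25", "203.0.113.0/24", "192.0.2.0/28"]  # this week's download
GATEWAY_DESTINATIONS = ["198.51.100.10", "203.0.113.200", "192.0.2.5"]  # observed outbound IPs


def parse(cidrs):
    """Parse IPv4 CIDR strings (assumed: one prefix per entry) and merge overlaps."""
    return list(ipaddress.collapse_addresses(ipaddress.ip_network(c.strip()) for c in cidrs))


def subtract(nets_a, nets_b):
    """Return the address space covered by nets_a but not by nets_b."""
    remaining = list(nets_a)
    for b in nets_b:
        kept = []
        for a in remaining:
            if a.subnet_of(b):
                continue                          # a is fully covered by b
            if b.subnet_of(a):
                kept.extend(a.address_exclude(b))  # carve b out of a
            else:
                kept.append(a)                    # CIDR blocks nest or are disjoint
        remaining = kept
    return list(ipaddress.collapse_addresses(remaining))


def drift(firewall_rules, published):
    """Ranges to add (published, not yet allowed) and to remove (allowed, no longer published)."""
    fw, pub = parse(firewall_rules), parse(published)
    return {"add": [str(n) for n in subtract(pub, fw)],
            "remove": [str(n) for n in subtract(fw, pub)]}


def blocked(destinations, firewall_rules):
    """Destinations the gateway reaches by IP that no current firewall rule covers."""
    fw = parse(firewall_rules)
    return [d for d in destinations if not any(ipaddress.ip_address(d) in n for n in fw)]


if __name__ == "__main__":
    print(drift(FIREWALL_RULES, PUBLISHED_LIST))
    print(blocked(GATEWAY_DESTINATIONS, FIREWALL_RULES))
```

Ranges under "remove" are the security-relevant finding: they are outbound allowances to address space that is no longer on the published list.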