We provide guidance on where to deploy application services in a Kubernetes environment, using WAF as an example. Depending on your needs, it can make sense to deploy your WAF at the "front door" of the environment, on the Ingress Controller, per-service, or per-Pod.
The overall solution to security can be complicated, but the most important piece of the puzzle is a web application firewall (WAF).
With NGINX App Protect, you no longer have to choose between security and performance. It combines the proven effectiveness of F5’s advanced WAF technology with the agility and performance of NGINX Plus, to address the security challenges facing modern DevOps environments.
The Signal Sciences Certified Module for NGINX Plus brings additional modern web and API security to the NGINX Plus platform. The combined solution helps enterprises replace outdated legacy WAF and load-balancing appliances, such as the F5 Advanced WAF and F5 BIG-IP.
Signal Sciences helps secure APIs, and individual services in a microservices architecture, running over HTTP/HTTPS on NGINX
Install the Wallarm web application firewall (WAF) to protect your NGINX Plus installation against many kinds of Layer 7 attacks.
Tyler Shields of Signal Sciences explains the alphabet soup of security-related terms, starting with WAF, and how they work together.
NGINX ModSecurity WAF protects you from a broad range of security threats, including DDoS attacks, SQLi, and XSS.