In this installment of our "Ask NGINX" series, we discuss how NGINX and NGINX Plus work with Diffie-Hellman, support for Datagram Transport Layer Security, how to control the lifetime of content in the cache, and how to add NGINX ModSecurity WAF to an NGINX Plus subscription.

With NGINX App Protect, you no longer have to choose between security and performance. It combines the proven effectiveness of F5’s advanced WAF technology with the agility and performance of NGINX Plus, to address the security challenges facing modern DevOps environments.

NGINX Plus R17 introduces support for two-stage rate limiting and TLS 1.3, the latest version of the Transport Layer Security protocol. Configuration of OpenID Connect is simpler and NGINX ModSecurity WAF is 2x faster than before. The NGINX JavaScript module has also been updated.

It's easy to implement PCI DSS best practices, such as using new versions of TLS rather than the older SSL, encrypting upstream as well as downstream communications, and adding a WAF, with NGINX Plus. Taking these steps will help you pass PCI DSS audits. Here's how to implement them.

NGINX Plus R15 introduces native gRPC proxying (used by Istio and other service mesh architectures), HTTP/2 server push, state sharing in a cluster, API gateway enhancements, OpenID Connect integration, NGINX JavaScript (njs) module enhancements, a new ALPN variable, dynamic module updates, and more.

Top 5 2017 blog posts: NGINX Plus Release 12, microservices, load balancing, security, and the NGINX Application Platform.

Owen Garrett presents a webinar about new features in NGINX Plus Release 10: NGINX ModSecurity WAF, JSON Web Tokens, transparent proxy, nginScript, and more.