NGINX.COM
Web Server Load Balancing with NGINX Plus

Comprehensive Security for
Modern Apps and APIs

NGINX App Protect is a lightweight software security solution that seamlessly integrates into DevOps environments as a robust web application firewall (WAF) and Layer 7 denial-of-service (DoS) defense. It is platform-agnostic and runs across distributed architectures and hybrid environments to deliver consistent protection.

Diagram depicting eight types of attacks blocked by NGINX App Protect WAF and DoS

Why Use NGINX App Protect?

  • Platform-Agnostic
  • Scalable Protection
  • DevSecOps
  • WAF Security
  • DoS Mitigation
NGINX App Protect can be deployed in multiple locations in modern app environment

Platform-Agnostic Security Deployment

Use the same WAF and DoS defense solution across distributed architectures and environments including on premises, hybrid, and multi-cloud. With NGINX App Protect you can:

  • Reduce complexity and tool sprawl using the NGINX portfolio for single-vendor app and API protection and attack mitigation
  • Deploy this uniquely flexible software form factor across all modern app topologies – from load balancers at the edge to API gateways and Kubernetes Ingress controllers to per-service or per-pod proxies inside the Kubernetes cluster
  • Build consistent security controls for web apps, microservices, containers, and APIs
  • Scale your Kubernetes apps in the cloud with a lightweight, high-performance, low-latency, and low-compute security solution
  • Integrate into CI/CD pipelines for easy security automation

Scalable, High-Performance App and API Protection

Leverage F5’s proven and trusted advanced WAF technology combined with the lightweight, high performance of NGINX for a fast, scalable, Layer 7 defense. With NGINX App Protect WAF and DoS you can:

  • Exceed basic OWASP Top 10 protection with over 7,500 advanced signatures, bot signatures, and threat campaign protection
  • Protect your organization’s HTTP/S and HTTP/2 applications, as well as protocols such as GraphQL (WAF), gRPC (WAF and DoS) and WebSocket (DoS)
  • Significantly reduce false positives by deploying in blocking mode with trusted high-confidence signatures
  • Enable cost-effective distributed DoS (DDoS) protection at scale with continuous measurement of mitigation effectiveness and adaptive learning for no-touch policy configuration
  • Easily gain centralized visibility and configuration management over your WAF fleet with built-in NGINX tools or by forwarding telemetry to third-party solutions
How to shift left using Security as Code with NGINX App Protect WAF and DoS for DevSecOps

Shift Left for DevSecOps

Enable a shift-left strategy where security is incorporated at every stage of the software development lifecycle (SDLC). With NGINX App Protect you can:

  • Reduce the cost of breaches by up to 80% via security automation
  • Implement DevSecOps with declarative security policies created by IT Security teams that enable developers to integrate security as code into CI/CD pipelines
  • Save time and money by finding and fixing vulnerabilities before an app is released into production
  • Maintain developer agility and innovation while building more reliable and secure apps
  • Accelerate time to market and reduce costs, staying ahead of the competition and keeping up with customer demand
NGINX App Protect WAF Blocks Layer 7 App and API Attacks at scale

Robust WAF Security

Improve security, accelerate DevOps, and simplify management of your apps and APIs for DevOps environments. With NGINX App Protect WAF you can:

  • Surpass basic OWASP Top 10 protection with over 7,500 advanced signatures, bot signatures, and threat campaign protection
  • Release apps faster with security automation that integrates seamlessly into CI/CD pipelines
  • Achieve high performance and throughput with 10x lower latency than AWS WAF for lower compute costs
  • Gain centralized visibility and easy security policy management for total control of your WAF fleet using NGINX Management Suite
  • Deploy as an embedded solution on NGINX Plus or NGINX Ingress Controller across all topologies from edge load balancer to inside a Kubernetes cluster as a per-pod proxy
NGINX App Protect DoS defends apps and APIs from Layer 7 DoS attacks

Denial of Service Mitigation for Layer 7 Attacks

Enhance security, automate defense, and accelerate protection of your apps and APIs from Layer 7 DoS attacks. With NGINX App Protect DoS you can:

  • Mitigate attacks faster with a multi-layered defense strategy leveraging eBPF technology
  • Use machine learning to greatly reduce false positives and adaptive learning for no-touch policy configuration
  • Get superior attack detection by going beyond tracking client traffic patterns with combined service health checks
  • Deploy natively on NGINX Plus or NGINX Ingress Controller as embedded DoS protection on the load balancer, API gateway, Ingress Controller, or inside the Kubernetes cluster as per-pod or per-service proxies
  • Automate security-as-code seamlessly into CI/CD pipelines for DevSecOps

Technical Specifications

Distributions

  • Docker
  • Kubernetes
  • Red Hat OpenShift Container Platform

Architectures

  • x86

Operating Systems

  • Alpine Linux
  • Amazon Linux
  • CentOS
  • Debian
  • Oracle Linux
  • Red Hat Enterprise Linux
  • Ubuntu

Cloud Platforms

  • Amazon Web Services
  • Google Cloud
  • Microsoft Azure
  • VMware
Docs

Visit NGINX Docs For Full Technical Specifications

Learn about modern app security solution that works seamlessly in DevOps environments.

NGINX App Protect documentation

Why Managing WAFs at Scale Requires Centralized Visibility and Configuration Management

Blog

Why Managing WAFs at Scale Requires Centralized Visibility and Configuration Management

NGINX Management Suite makes security easier and more reliable with centralized visibility and configuration management of NGINX App Protect WAF.

 
Shift Left for More Secure Apps with F5 NGINX

NGINX Webinars

Shift Left for More Secure Apps with F5 NGINX

Learn how to automate application security into your CI/CD pipeline with NGINX App Protect WAF and DoS and protect your apps from attacks.

 
Add Security to Your Amazon EKS with F5 NGINX

Ebook

Add Security to Your Amazon EKS with F5 NGINX

In this eBook, discover how you can prevent security breaches and protect your Kubernetes apps at scale using the NGINX Ingress Controller and NGINX App Protect WAF on AWS EKS.