Web Server Load Balancing with NGINX Plus

Ensure Holistic Protection for
Modern Apps and APIs

Today’s application landscape has changed dramatically. Modern apps are microservices that run in containers, communicate via APIs, and deploy via automated CI/CD pipelines.

DevOps teams need to integrate security controls authorized by the security team across distributed environments without slowing release velocity or performance. NGINX App Protect is a modern app‑security solution that works seamlessly in DevOps environments as a robust WAF or app‑level DoS defense, helping you deliver secure apps from code to customer.

Diagram depicting eight types of attacks blocked by NGINX App Protect WAF and DoS

Wondering How NGINX App Protect Stacks Up Against Other WAFs?

Read the Report

Why Use NGINX App Protect?

  • Seamless NGINX Integration
  • Defense and Visibility
  • DevOps
  • Powerful, Lightweight WAF
  • Layer 7
    DoS Security
NGINX App Protect DOS and WAF topology

Save Time with Seamless NGINX Integration

Looking to quickly and easily integrate advanced app security into your NGINX Plus data‑plane instances?

NGINX App Protect:

  • Seamlessly integrates strong security controls with NGINX Plus and NGINX Ingress Controller
  • Defends against many advanced threats and evasive attacks
  • Reduces complexity and tool sprawl while delivering modern apps
NGINX App Protect WAF attack umbrella

Secure Apps with Rapid Threat Defense and Analytics

Want complete data plane security that’s lightweight, high‑performance, and designed for modern apps?

NGINX App Protect:

  • Provides agile, app‑centric security from the most advanced threats – well beyond basic signatures
  • Easily forwards security telemetry to third‑party analytics and visibility solutions
  • Leverages F5’s leading and trusted security expertise
  • Reduces false positives with high‑confidence signatures and automated behavior analysis

Align and Integrate Security with Agile DevOps Practices

Looking to automate controls and build a “Security-as-Code” practice?

NGINX App Protect:

  • Helps teams integrate security natively into CI/CD pipelines
  • Deploys as a lightweight software package, agnostic of underlying infrastructure
  • Leverages a declarative model for authoring security policies
  • Reduces time to market and lowers costs with DevOps‑aligned security controls
  • Decreases developer burden with a feedback loop for quick security remediation
NGINX App Protect WAF types of attacks

Protect Apps with a Powerful, DevOps‑Aligned WAF

Looking to secure your apps against the most sophisticated attacks?

NGINX App Protect WAF:

  • Provides robust security beyond basic signatures using trusted and proven F5 security technology
  • Secures apps anywhere NGINX Plus is deployed – on‑prem, Kubernetes environments, and everything in between
  • Shifts security closer to the application—baking it in, not bolting it on
  • Simplifies security provisioning and abstracts complexity through a tight integration with NGINX Controller

Secure Apps from Hard-to-Detect Attacks

Want to defend apps from advanced, evasive Layer 7 DoS attacks?

NGINX App Protect DoS:

  • Defends against hard-to-detect Layer 7 DoS attacks including HTTP(S) Slowloris, Slow POST, Challenge Collapsar, and more
  • Uses automated user and site behavior analysis to secure apps and improve policies
  • Leverages a no‑touch configuration model to simplify DoS security for modern applications
  • Applies consistent controls across app deployment environments
  • Integrates seamlessly with the NGINX platform

Technical Specifications


  • Docker
  • Kubernetes
  • Red Hat OpenShift Container Platform


  • x86

Operating Systems

  • Alpine Linux
  • CentOS
  • Debian
  • Red Hat Enterprise Linux
  • Ubuntu

Cloud Platforms

  • Amazon Web Services
  • Google Cloud Platform
  • Microsoft Azure

Visit NGINX Docs For Full Technical Specifications

Learn about modern app security solution that works seamlessly in DevOps environments.

NGINX App Protect documentation

Application Security with NGINX

NGINX Webinars

Application Security with NGINX

Join this webinar to learn how easy it is to leverage NGINX security solutions to protect your applications.

Can Application Security Be Pain Free?


Can Application Security Be Pain Free?

Application security is hard, but there are some best practices to help you achieve it: automate as much as possible, build security as a guardrail instead of a gate, select solutions that...

The Secret to Modern Application Security


The Secret to Modern Application Security

Learn how to keep your business agile through a microservices architecture combined with NGINX App Protect WAF, integrating early security policy automation into your DevOps process to...