NGINX App Protect Reviews

We use WAF as part of our security solution, protecting applications such as internet banking.

It is used both as a web application firewall and for load balancing. 

The most valuable feature is that I can establish different services from the firewall.

Using the standard configuration, it is very easy to set up.

The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary.

This solution would benefit from having a support portal that can be opened directly from the dashboard.

We have been using the NGINX WAF for five years.

This solution is very much stable. Once it is working, it stays working. We use it on a daily basis.

This solution is not really scalable. Both the virtual appliance and the physical appliance are limited in terms of how much traffic they can handle. If you need to scale up then you need to replace the box with a bigger one.

In my company, we have about 700 users. One of my customers has about 2,500 concurrent users, and another one has about 4,000. These are all internal users. I cannot tell how many external users are connecting from the internet, but it is an enormous number.

It takes time to deal with technical support because they are pretty busy, but when you get the support it is very good. They know what they're talking about.

Prior to using this solution, we tried open-source pfSense. However, most of my customers went to F5.

The initial installation is very simple. However, there is one issue with security certificates.

Any system that you publish that is a secure system needs to have a certificate implemented, and that is always a struggle. We have plenty of customers with this solution, and every time that we get to the step involving the certificate, extra work is required. It never works smoothly. You always have to go and manipulate the certificate and the system just to set it up. I'm not sure about the latest systems, but in the old models, this could not even be done through the GUI. You had to use the command line, even though the certificate is visible in the GUI. A combination of commands is required just to make it work.

The length of time to deploy a basic system is very short. For more complex scenarios, it can be a long process.

We do have a consultant to assist us with deployment. We do the initial configuration, but when it comes to things that don't work then we speak with F5 directly. 

We have two people in place to maintain this product. One is from IT and the other takes care of the networking aspect.

The licensing fees for this solution are pretty expensive for what it does, but there is no alternative. The only alternative is Imperva, but that is even more expensive.

There is not much variety when it comes to web application firewalls that are also load-balancing solutions. Imperva is an alternative, although it is more expensive.

My advice for anybody who is implementing this solution is to plan well. You have to make sure that you plan ahead and know what it is that you want to achieve, then gather all of the relevant information. Otherwise, if you start to configure it and then find out that you don't have the right application server, or the right policy, or the proper certificate to install and configure it, then the installation will be very long. On the other hand, if the plan is very good and you have all of the details in advance, along with the right people to test it, then it should be straightforward.

I would rate this solution an eight out of ten.

NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks.

NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution. In the next release, I'd like to see some enhancements in bot protection, API security, and mobile application security.

I've been using NGINX App Protect for four years.

NGINX App Protect is stable but has some areas for improvement, including HTML5 availability. I would rate its stability eight out of ten.

NGINX's technical support is good, but sometimes their response time is delayed, or they don't have the technical skills to resolve issues. We're seeing these issues despite having premium support.

Positive

I previously used Imperva WAF.

I would give NGINX App Protect a rating of eight out of ten.

NGINX App Protect has improved the flexibility of services in our company and distributed new escalation applications. The downtime in our network has decreased substantially. In a short time, we can republish and resolve issues in our network.

The most valuable feature of NGINX App Protect is its flexibility.

I have been using NGINX App Protect for approximately three years.

NGINX App Protect is stable.

The scalability of NGINX App Protect is decent.

We have approximately 500 people using the solution in my organization. We have IT specialists that work with the core mobile network.

We do not have technical support in Iran, we only use our own knowledge about the solution.

I did not use a similar solution previous to NGINX App Protect.

The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month.

I rate the setup difficulty of NGINX App Protect a four out of five.

We used an IT expert for the implementation of NGINX App Protect. We have three people who provide support for NGINX App Protect.

We have received a return on investment, NGINX App Protect was a good investment.

I rate the price of NGINX App Protect a three out of five.

There are not any additional costs we had to pay to use NGINX App Protect.

We have a complex project and we found some of our applications did not work as intended. However, moving forward we do not find we will experience this level of complexity.

I rate NGINX App Protect a nine out of ten.

We use this solution to protect our entire set of web applications. This includes protecting against vulnerabilities as a result of programming errors.

The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found.

This firewall should support more of the network layers.

Profiling capability should be improved.

Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time.

I have been using the NGINX Web Application Firewall for more than a year and a half.

In terms of stability, this solution is much better than Imperva.

In terms of scalability, depending on the application, there is a limit to how many policies I can design.

The technical support for this solution has improved. Imperva used to be better, but now, NGINX is more responsive.

I have also used Imperva. The stability and interface are better in the NGINX WAF. For example, it is easier to create new policies. Technical support from NGINX is also more responsive than that of Imperva.

The initial setup was complex in terms of deployment and fine-tuning.

We have more than ten applications so it took us between four and five months to deploy.

We had to contract a third-party consultant to assist us with the deployment. We are satisfied with their work

Based on my experience, this solution is better than the other choices on the market.

I would rate this solution an eight out of ten.

Mail Proxy Server and SMTP are quite effective features in the product. The tool's API connectivity across the hybrid network is pretty impressive, which is almost the same as the threat intelligence capabilities of NGINX.

The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good.

The product should have more documentation, especially like the ones provided by other OEMs.

I have been using NGINX App Protect for five years. I use NGINX App Protect WAF Release 5.0. My company has a partnership with F5.

My company is currently dealing with one enterprise-sized company and one financial organization.

The product's initial setup phase was a bit difficult since the articles and other documentation were not that good.

When it comes to the implementation part, at least seven days are needed for the testing phase since there may be some struggles in several places, and one may have to go directly to the OEM just to make sure that we can study the tool properly.

The product's price is high.

If NGINX App Protect does not fit the budget of our customers, then my company recommends Radware to such clients. Radware's OEM engagement is better than that of NGINX App Protect.

I don't have any problem with NGINX App Protect's OEM engagement. When I directly engage with the tool's OEM, I see that they are really helpful. When it comes to OEM, F5 has an amazing feature set and is pretty technical. Technicians from F5 can help any time with any request of a client associated with the tool, and they also help to help clients so our company's deals with them can mature further.

The product is good since NGINX is involved in a lot of research and development work. Two years ago, my company used the firewall from NGINX. In the previous year, my company entered into a deal with Radware.

Whether I would recommend the product to others depends on their requirements and the type of business they are doing, among other factors.

Speaking about how the tool has been able to handle new and emerging security threats, I would say that my company is testing the product to see if it fits our requirements. My company is testing some threats.

My company has not tested the product with any of the tool's AI-driven security initiatives, but we may do so later since we are only working on one deal associated with Radware.

The tool is not complex and is very user-friendly.

I rate the tool a ten out of ten.

We use the solution for application firewall purposes. We use both mobile and web applications.

During the NGINX App Protect v1.1 upgrade, we encountered compatibility issues with our existing telecom infrastructure, specifically the load balancer and WAF. These issues manifested as difficulties with the HTTP 1.1 protocol. While attempting to solve the problem through upgrades, we ultimately opted for alternative solutions as the desired effect could not be achieved. This highlights the technical challenges of integrating NGINX App Protect with diverse network components.

I have been using NGINX App Protect for more than five years.

The product is stable.

I rate the solution’s stability an eight-point five out of ten.

The solution is scalable.

The customer service’s response should be faster.

The initial setup is straightforward. For deployment, we configured basic configuration, and after mounting, We observed our application for almost four months. After that, we proceed to enforcement blocking mode. Typically, all our applications are live, so we can't block it on day one. We observed it for a long time, like six months, and then we went into step-by-step blocking mode.

Three people are required for the solution's deployment.

The product is expensive and has a subscription-based licence.

NGINX App Protect's high price and limited support options can be a drawback. While troubleshooting basic issues is manageable, resolving advanced problems through paid support channels can be expensive and experience delays.

I recommend the solution if the client has no financial issues regarding their WAF or LTM solutions. Still, if they are budget constraints, one should think of other options like Fortinet.

Overall, I rate the solution an eight out of ten.

The most valuable feature of the solution is that IVF and ICSI are covered under the firewall option offered by the tool. I don't have a specific feature I like the most since I look at features through comparisons of different firewall products and the features of such tools.

The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required. The main menu can be quite confusing.

After you implement it, it's not so easy to understand how it works. Though in my company, we understand the basics of the product, if you want to explore the more advanced features, then the principal product doesn't explain it to us, which can be quite confusing when navigating through the main menu.

I have been using NGINX App Protect for five years. I use the solution in my company.

It is a stable solution.

In our company, we never tried to use the scalability options provided by the tool.

The solution's technical support is good. I rate the technical support an eight to nine out of ten.

Positive

Previously, our company was using Fortinet. I don't know why my company switched from Fortinet to NGINX App Protect because it happened before I joined the organization.

The product's initial setup phase was easy.

The price of NGINX App Protect is not much different from the products that fall under the leader category of Gartner Magic Quadrant.

My company needs to expand its options to see if some other brand apart from NGINX App Protect is faster.

As the license for NGINX App Protect in our company will expire in a few months, my company wants to make a decision on whether to extend the services of the tool or not based on the research we do on other platforms in the market.

My company is satisfied with the product.

For the user interface, I rate the product an eight out of ten.

For the functionalities of the product, I rate the tool a ten out of ten.

NGINX App Protect can be used as a reverse proxy, internet controller, and for caching.

NGINX App Protect has improved our organization by using the load balancer feature.

The most valuable feature of NGINX App Protect is the reverse proxy.

The price of NGINX App Protect could improve.

I have been using NGINX App Protect for approximately two years.

NGINX App Protect is stable. It is lightweight and fast.

The scalability of NGINX App Protect is good and it is easy to do.

The experience I had with the technical support was good.

We used another solution previously to NGINX App Protect. We switch to testing other solutions.

The initial setup of NGINX App Protect is basic. The full deployment took approximately one day.

We followed the documentation to do the implementation of NGINX App Protect in-house. We have one person that does the deployment and maintenance of the solution.

I have not seen a return on investment, it is too soon. We are only in the testing phase.

There is a monthly or annual subscription to use NGINX App Protect. There are not any additional costs to the subscription.

I rate the price of NGINX App Protect a three out of five.

I would recommend this solution to others because it performs well.

I rate NGINX App Protect a ten out of ten.