NGINX App Protect Reviews

I use this solution as a web application firewall.

The most valuable feature is that NGINX uses the command-line interface, making it simple for some users.

Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks.

I've been using this solution for about three years.

App Protect has good stability. 

NGINX is very scalable, which is a great advantage of this product.

The technical support is very good. 

The initial setup was simple and took three to four days.

NGINX is not expensive.

I would rate this solution as eight out of ten.

We use this solution to protect our entire set of web applications. This includes protecting against vulnerabilities as a result of programming errors.

The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found.

This firewall should support more of the network layers.

Profiling capability should be improved.

Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time.

I have been using the NGINX Web Application Firewall for more than a year and a half.

In terms of stability, this solution is much better than Imperva.

In terms of scalability, depending on the application, there is a limit to how many policies I can design.

The technical support for this solution has improved. Imperva used to be better, but now, NGINX is more responsive.

I have also used Imperva. The stability and interface are better in the NGINX WAF. For example, it is easier to create new policies. Technical support from NGINX is also more responsive than that of Imperva.

The initial setup was complex in terms of deployment and fine-tuning.

We have more than ten applications so it took us between four and five months to deploy.

We had to contract a third-party consultant to assist us with the deployment. We are satisfied with their work

Based on my experience, this solution is better than the other choices on the market.

I would rate this solution an eight out of ten.

We use WAF as part of our security solution, protecting applications such as internet banking.

It is used both as a web application firewall and for load balancing. 

The most valuable feature is that I can establish different services from the firewall.

Using the standard configuration, it is very easy to set up.

The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary.

This solution would benefit from having a support portal that can be opened directly from the dashboard.

We have been using the NGINX WAF for five years.

This solution is very much stable. Once it is working, it stays working. We use it on a daily basis.

This solution is not really scalable. Both the virtual appliance and the physical appliance are limited in terms of how much traffic they can handle. If you need to scale up then you need to replace the box with a bigger one.

In my company, we have about 700 users. One of my customers has about 2,500 concurrent users, and another one has about 4,000. These are all internal users. I cannot tell how many external users are connecting from the internet, but it is an enormous number.

It takes time to deal with technical support because they are pretty busy, but when you get the support it is very good. They know what they're talking about.

Prior to using this solution, we tried open-source pfSense. However, most of my customers went to F5.

The initial installation is very simple. However, there is one issue with security certificates.

Any system that you publish that is a secure system needs to have a certificate implemented, and that is always a struggle. We have plenty of customers with this solution, and every time that we get to the step involving the certificate, extra work is required. It never works smoothly. You always have to go and manipulate the certificate and the system just to set it up. I'm not sure about the latest systems, but in the old models, this could not even be done through the GUI. You had to use the command line, even though the certificate is visible in the GUI. A combination of commands is required just to make it work.

The length of time to deploy a basic system is very short. For more complex scenarios, it can be a long process.

We do have a consultant to assist us with deployment. We do the initial configuration, but when it comes to things that don't work then we speak with F5 directly. 

We have two people in place to maintain this product. One is from IT and the other takes care of the networking aspect.

The licensing fees for this solution are pretty expensive for what it does, but there is no alternative. The only alternative is Imperva, but that is even more expensive.

There is not much variety when it comes to web application firewalls that are also load-balancing solutions. Imperva is an alternative, although it is more expensive.

My advice for anybody who is implementing this solution is to plan well. You have to make sure that you plan ahead and know what it is that you want to achieve, then gather all of the relevant information. Otherwise, if you start to configure it and then find out that you don't have the right application server, or the right policy, or the proper certificate to install and configure it, then the installation will be very long. On the other hand, if the plan is very good and you have all of the details in advance, along with the right people to test it, then it should be straightforward.

I would rate this solution an eight out of ten.

We used NGINX App Protect for our externally-facing web applications to secure them using the WAF.

The integration of NGINX App Protect could improve.

I have been using NGINX App Protect for approximately two years.

NGINX App Protect is stable.

The scalability of NGINX App Protect is good.

We have two people using this solution in my company.

I have not contacted support.

The initial setup of NGINX App Protect is simple.

We have two people that are doing the support for NGINX App Protect which included the deployment.

There is a license needed to use NGINX App Protect.

The solution is very good overall.

I rate NGINX App Protect an eight out of ten.

We use this solution for protecting published services including website applications, mobile applications, and web applications.

The policies are flexible based on the technologies you use. 

The dashboard could provide a more comprehensive view of the status of the connections.

I have been using the solution for the past two years.

The solution is stable.

The solution is scalable with many licensing options according to client requirements. We have about 800 employees who use NGINX App protect.

Customer support is helpful, and they respond fast.

Initial setup was easy. For the implementation, it takes no time, but it takes some time to learn, understand the traffic, and to build the policies according to the traffic of the applications already implemented.

We have two employees for maintenance. 

We had a partner implement the solution and they were able to do so easily.

There are no additional fees.

This solution provides perfect protection for the published services against all application attacks.

I would rate this a 9 out of 10.

I'm carrying out some research work on NGINX because I am in academia. All my use cases relate to scaling from private to public cloud and vice versa. The other use case is for our perimeter security for cloud-based EDCs. We are customers of NGINX and I'm a technical product manager.

The solution has helped us greatly during this Covid period. When everything went remote, we had to scale up some applications and provide remote access to our users. It meant that we needed more security for our applications, the EDCs, and that's when we made use of the WAF module from NGINX to ensure the applications are secure.

The WAF itself was a feature that I found very useful to track mitigation, inclusion, prevention, and the parametric firewall.

The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that the bug fix rate is pretty slow.

I would like to see some more tools and to have some more automation capabilities in the next release, because right now the exposure of the API in NGINX is pretty limited. So I would like to see more of that as well as robustness in the scaling of the solution. 

I've been using this solution for six months. 

This is a stable solution. 

Scalability can be a bit of a challenge because there are some use cases that are not tackled. Our Dev Ops, IT staff and support service all use this solution. Let's say about 100 people at any given time. We have two staff responsible for support, they are IT support admins. We use the solution on a daily basis. 

I previously used the HAProxy. We switched to NGINX because it is more advanced. And then after the F5 networks bought them, their product portfolio increased and that was another reason for us to shift.

The initial setup was straightforward but I am well versed in this implementation. If I was a novice, it would be difficult. We have pretty much automated all our deployments, and then we schedule a downtime for our apps and deploy the patches or the new versions through automation so it'll take a lot less time.

We have seen a good ROI. Because of the Covid virus, we were able to see it immediately. When everyone went remote, we were scrambling to see how we could deploy and secure the apps and this came in at the right time.

Our licensing costs are about $40,000 a year. We pay on an annual basis. We just have our operating costs on top of that. 

I would recommend getting your deployments before you jump into buying or trying out this solution. Have a clear road map for your deployments and your future solutions. The solution has a rich feature set but on the down side is the issue with the high throughputs.

I would rate this solution an eight out of 10. 

We generally use NGINX with a combination of docker downstream so we have a container running which exposes multiple boards. And in terms on which we are running NGINX directory maps into the ports. So there is a major use case and sometimes we use it for security headers forwarding.

We use it together with AWS, to manage load balancing, topic migration and AV testing.

We use NGINX for security headers, and as a proxy. It is also a very good tool for load balancing.

The contributions I think sometimes take a toll on you like you're going to spend a lot of time on the right contributions. So as a product it is good, but from the development standpoint but if you think about somebody who's not from development background, this won't work. It's not up to speed if you really realize. So the set up process, it's good from a development standpoint. The development was easy to set up because they know that their understanding of the machine that they are going to set it up and take care of everything else.

I have never used techical support.

Yes, it was pretty easy as far as I remember. So this company, everything was previously set up and we had all the predefined user scripts so even though we had come to set it up from scratch.

The solution has the best traffic management and security management features. In addition, it has good interface and documentation features. Also, it integrates with other solutions.

The solution's technical support could be better.

I have been using the solution for six years.

It is a stable solution.

We plan to increase the solution's usage in our organization.

The solution's technical support team is good. Although, sometimes they ask us to provide the configuration file instead of addressing the current technical issue. Most of the time, the error doesn't need a configuration file to resolve it.

Positive

The solution generates a return on investment.

The solution's price is reasonable. Its license renewal costs around R200,000.

The solution requires essential training to understand the functionality. I rate it a ten out of ten.