Positive

Positive

NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks.

NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up applications. It can also offload some functions from servers, which NGINX can handle faster.

It has simple functions, especially for CICD pipelines and automation capabilities. The functions are not as broad as the Advanced WAF.

NGINX has signature-based detection, DOS protection, and bot protection.

It doesn't have more advanced features like no false-positive security, which you can configure in Advanced WAF.

It should be simple and easy to manage. The functions cannot be too complex because that would decrease the value of its management. So, I think it's good for now.

It's good support. In some cases, it's fast and helpful, but in others, it's slow and requires escalation. Overall, it's good compared to some other vendors.

Neutral

I have experience with F5 Advanced WAF (F5), it is a popular F5 product. 

I have also used FortiWeb. 

The complexity and time for the setup depend on the type of app. With experience, it can take a few minutes to a few hours to install and protect applications on a basic level. 

For more granular security, it takes more time to configure, but it's not very difficult with experience.

There are benefits. Implementing it improves network security posture. If you have a CICD pipeline, it's easy to integrate and manage automatically.

I don't know the prices. It's a case-by-case thing.

Compared to Advanced WAF, it is cheaper.

There are scenarios where it's very good to use and implement. I would recommend it for securing specific applications with specific requirements. It's not for everyone, but many customers find it improves security.

Overall, I would rate it an eight out of ten.

Mail Proxy Server and SMTP are quite effective features in the product. The tool's API connectivity across the hybrid network is pretty impressive, which is almost the same as the threat intelligence capabilities of NGINX.

The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good.

The product should have more documentation, especially like the ones provided by other OEMs.

I have been using NGINX App Protect for five years. I use NGINX App Protect WAF Release 5.0. My company has a partnership with F5.

My company is currently dealing with one enterprise-sized company and one financial organization.

The product's initial setup phase was a bit difficult since the articles and other documentation were not that good.

When it comes to the implementation part, at least seven days are needed for the testing phase since there may be some struggles in several places, and one may have to go directly to the OEM just to make sure that we can study the tool properly.

The product's price is high.

If NGINX App Protect does not fit the budget of our customers, then my company recommends Radware to such clients. Radware's OEM engagement is better than that of NGINX App Protect.

I don't have any problem with NGINX App Protect's OEM engagement. When I directly engage with the tool's OEM, I see that they are really helpful. When it comes to OEM, F5 has an amazing feature set and is pretty technical. Technicians from F5 can help any time with any request of a client associated with the tool, and they also help to help clients so our company's deals with them can mature further.

The product is good since NGINX is involved in a lot of research and development work. Two years ago, my company used the firewall from NGINX. In the previous year, my company entered into a deal with Radware.

Whether I would recommend the product to others depends on their requirements and the type of business they are doing, among other factors.

Speaking about how the tool has been able to handle new and emerging security threats, I would say that my company is testing the product to see if it fits our requirements. My company is testing some threats.

My company has not tested the product with any of the tool's AI-driven security initiatives, but we may do so later since we are only working on one deal associated with Radware.

The tool is not complex and is very user-friendly.

I rate the tool a ten out of ten.

We use the tool for customer platforms and portal environments like e-commerce.

The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution.

The solution needs to be improved in the e-commerce portal. 

The tool's deployment is easy but can be challenging if security policies are applied together. 

I have invested about 40,000 dollars. I expect a return of 30,000 dollars in eight months. It helps to save time. 

NGINX App Protect is expensive. 

I rate the overall solution a nine out of ten. We plan to integrate the tool with some applications in two months. 

I use the solution in my company since it has the ability to offer protection from external threats, including the ones under OWASP Top 10. The tool gives you a log report, audit report, and access log report. You can also create your own profile and have the option to block or create transparent, block, and learning modes.

Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI. My company uses NGINX Management Suite, which doesn't have the option for UI. NGINX Management Suite doesn't have the proper UI to change a configuration file, which is an ability that the tool should offer.

It would be good if NGINX could provide documentation explaining how to deploy gRPC over NGINX App Protect.

I have experience with NGINX App Protect.

The stability of the product is very impressive since it handles 60,000 to 70,000 requests or transactions per second.

It is a highly scalable solution.

In my company, 1,600 users use the tool. My company uses NGINX App Protect as a WAF product that we use for our applications and put in front of the applications' users, which would be around 10,00,00,00,000 users.

The solution's technical support is fine.

I have experience with NGINX Plus.

The product's initial setup phase is very easy.

My company has taken NGINX App Protect's license from F5, so we received the necessary support for installation. The installation of the tool was very easy for our company.

My company could take care of the deployment of NGINX App Protect with some .deb files. The Debian file was available on the website of F5 that we installed on one or two machines in our environment, after which some configurations were required to be done so that we could use NGINX App Protect.

The solution is deployed on an on-premises model.

NGINX App Protect secures our company's application, and it has helped me a lot, considering that we have critical infrastructure in India where we see how lots of attacks come onto our organization's servers. The tool offers protection against multiple threats present in India's IT ecosystem. The tool helps our company to make our payments secure, meaning it has the ability to provide a secure payment environment in India.

Speaking about the improvements in our company's application performance since implementing NGINX App Protect, the gRPC support for the solution is very low. My company is not getting any proper documentation on how to deploy gRPC over NGINX App Protect.

I recommend the product to those who plan to use it. People can use the product as their company's base server, WAF, or for its proxy manager, depending on the business requirements.

My company follows PCI DSS compliance because we operate in a payment-related industry. Right now, my company follows all the standards, so we comply with all the requirements and policies.

I rate the tool an eight out of ten.

The solution is useful to protect applications. Another use case is integrating NGINX into your deployment pipelines, allowing you to protect your workflows directly from your deployment pipelines.

The product is very robust. It's very easy to deploy. You need to take into consideration that it's a security solution that requires knowledge of backend programming. The security team needs to communicate effectively with the developer team for successful integration. If you align communication between the security and developer teams, you'll have the best deployment possible. The way it works is that developers have their way of doing things, and there's a security-centric approach.

NGINX App Protect could provide a better user interface.

The product is stable.

The solution is scalable. We have more than ten customers using NGINX.

Customer support is very responsive.

The solution is easy to deploy. Its scalability and integration capabilities depend on its performance and the extent to which you want to integrate it into your development process. It doesn't necessarily cost more money beyond the initial setup.

You need to identify the placement. You must understand your application. Lastly, you should assess which NGINX features are suitable for the functionality you wish to implement. This initial phase involves analysis.

Following the analysis, you proceed to the test deployment stage. Subsequently, you enter alert mode and finally enable NGINX App Protect. It's a simple deployment. A single engineer can do the job.

The product is cheap and performs its job perfectly. If there is no protection in India, you have to compromise. You cannot ignore the importance of having reliable security measures.

The solution has yearly, three-year, and five-year subscriptions.

You need to have a good analysis before implementing the product. The analysis phase is the most important.

Overall, I rate the solution an eight out of ten.

I tested specific features and evaluated the solution against the Web Application Firewall. I conducted research to test different detection percentages. I did not use it directly for protection but for evaluation purposes.

I encountered issues with NGINX App Protect while trying to upgrade custom rules. 

I have been using the product for six months. 

I haven't contacted the technical support team. 

I rate NGINX App Protect an eight out of ten. 

The most valuable feature of the solution is that IVF and ICSI are covered under the firewall option offered by the tool. I don't have a specific feature I like the most since I look at features through comparisons of different firewall products and the features of such tools.

The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required. The main menu can be quite confusing.

After you implement it, it's not so easy to understand how it works. Though in my company, we understand the basics of the product, if you want to explore the more advanced features, then the principal product doesn't explain it to us, which can be quite confusing when navigating through the main menu.

I have been using NGINX App Protect for five years. I use the solution in my company.

It is a stable solution.

In our company, we never tried to use the scalability options provided by the tool.

The solution's technical support is good. I rate the technical support an eight to nine out of ten.

Positive

Previously, our company was using Fortinet. I don't know why my company switched from Fortinet to NGINX App Protect because it happened before I joined the organization.

The product's initial setup phase was easy.

The price of NGINX App Protect is not much different from the products that fall under the leader category of Gartner Magic Quadrant.

My company needs to expand its options to see if some other brand apart from NGINX App Protect is faster.

As the license for NGINX App Protect in our company will expire in a few months, my company wants to make a decision on whether to extend the services of the tool or not based on the research we do on other platforms in the market.

My company is satisfied with the product.

For the user interface, I rate the product an eight out of ten.

For the functionalities of the product, I rate the tool a ten out of ten.

We use the solution for application firewall purposes. We use both mobile and web applications.

During the NGINX App Protect v1.1 upgrade, we encountered compatibility issues with our existing telecom infrastructure, specifically the load balancer and WAF. These issues manifested as difficulties with the HTTP 1.1 protocol. While attempting to solve the problem through upgrades, we ultimately opted for alternative solutions as the desired effect could not be achieved. This highlights the technical challenges of integrating NGINX App Protect with diverse network components.

I have been using NGINX App Protect for more than five years.

The product is stable.

I rate the solution’s stability an eight-point five out of ten.

The solution is scalable.

The customer service’s response should be faster.

The initial setup is straightforward. For deployment, we configured basic configuration, and after mounting, We observed our application for almost four months. After that, we proceed to enforcement blocking mode. Typically, all our applications are live, so we can't block it on day one. We observed it for a long time, like six months, and then we went into step-by-step blocking mode.

Three people are required for the solution's deployment.

The product is expensive and has a subscription-based licence.

NGINX App Protect's high price and limited support options can be a drawback. While troubleshooting basic issues is manageable, resolving advanced problems through paid support channels can be expensive and experience delays.

I recommend the solution if the client has no financial issues regarding their WAF or LTM solutions. Still, if they are budget constraints, one should think of other options like Fortinet.

Overall, I rate the solution an eight out of ten.