F5 Advanced WAF vs NGINX App Protect comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between F5 Advanced WAF and NGINX App Protect based on real PeerSpot user reviews.

Find out in this report how the two Web Application Firewall (WAF) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed F5 Advanced WAF vs. NGINX App Protect Report (Updated: November 2022).
655,113 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"There are a lot of good features.""My favorite feature of F5 is the ability to play around with the ciphers. I also like the ability to have an immediate display of the support IDs when a real blockage occurs. The protection offered is great.""Very easy to implement and works well.""The most valuable features of the F5 Advanced WAF are the enhanced ASM and the performance. Additionally, the usability and effectiveness are very good.""We can monitor IP locations, but we have constraints from each country. It has a replication feature. Licenses can be shared, taking turns with each license.""One of the most valuable features is the Local Traffic Manager.""The web application firewall itself is most valuable. It provides positive security and negative security. In negative security, it blocks a task such as cross-site scripting, code injection, etc. In positive security, it lets you specify and enforce things, such as the parameters allowed in username and password fields and the number of characters allowed in a field.""The most valuable features of this solution are the WAF protection, Data Safe, and the seven-layer DDoS."

More F5 Advanced WAF Pros →

"The most valuable feature of NGINX App Protect is its open source.""We were looking for a product that is capable of complete automation and a container based solution. It's working.""The most valuable feature of NGINX App Protect is the reverse proxy.""The initial setup was simple and took three to four days.""NGINX App Protect has complete control over the HTTP session.""The most valuable feature of NGINX App Protect is its flexibility.""NGINX App Protect is stable.""The policies are flexible based on the technologies you use."

More NGINX App Protect Pros →

Cons
"The reporting could be clearer and embedded to include our movement data.""I would like to see the API Protection improved.""The BNS module needs improvement.""The Sandbox integration feature could be improved.""The pricing could be more flexible.""F5 Advanced WAF could improve resource usage, it is CPU intensive. Additionally, adding automated remediation would be a benefit. For example, an easy button alerts us of the events that are occurring, and what we want to do at the time. An automated approach where somebody could be alerted very quickly. Instead of going and reconfiguring everything, an automated approach is what I'm looking at.""The solution should include protection against web page attacks like what is available in FortiWeb.""Its price should be better. It is expensive."

More F5 Advanced WAF Cons →

"The dashboard could provide a more comprehensive view of the status of the connections.""Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks.""NGINX App Protect could improve security.""The price of NGINX App Protect could improve.""Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment.""The integration of NGINX App Protect could improve.""NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution.""As far as scalability, it takes a long time for deployment."

More NGINX App Protect Cons →

Pricing and Cost Advice
  • "There are various plans available for Fortinet FortiWeb Cloud WAF as a Service, including a trial version."
  • "It is expensive. Its price should be better. Its licensing is on a yearly basis. Its licensing is also based on the model. There are no additional costs."
  • "I don't have any issue with the pricing of this solution."
  • "There is an annual subscription for this solution."
  • "The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price."
  • "Pricing for this solution is higher than average."
  • "There is a perpetual license that comes with your hardware. There is also an additional fee for support."
  • "F5 Advanced WAF pricing structure should be adjusted to meet the need of small to medium-sized companies."
  • More F5 Advanced WAF Pricing and Cost Advice →

  • "Really understand the licensing model, because we underestimated that."
  • "There are no additional fees."
  • "NGINX is not expensive."
  • "The pricing is reasonable because NGINX operates on an instance basis."
  • "There is a license needed to use NGINX App Protect."
  • "There are not any additional costs we had to pay to use NGINX App Protect."
  • "There is a monthly or annual subscription to use NGINX App Protect. There are not any additional costs to the subscription."
  • "The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."
  • More NGINX App Protect Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    655,113 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:F5 technical support is excellent. They are experts who always provide the right solution, and they understand the problem. Their response and resolution times are good.
    Top Answer:F5's hardware product line is called BIG-IP, and they have many software licenses for IP DNS, Advanced WAF, APM, anti-spam, etc. We have around 10 licenses.
    Top Answer:F5 should consider adding network detection and response.
    Top Answer:WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall.
    Top Answer:Our licensing costs are about $40,000 a year. We pay on an annual basis. We just have our operating costs on top of that.
    Top Answer:The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that… more »
    Ranking
    Views
    11,416
    Comparisons
    9,034
    Reviews
    23
    Average Words per Review
    426
    Rating
    8.4
    Views
    5,263
    Comparisons
    4,223
    Reviews
    8
    Average Words per Review
    356
    Rating
    8.0
    Comparisons
    Also Known As
    NGINX WAF, NGINX Web Application Firewall
    Learn More
    Overview

    F5's Advanced WAF is built on proven F5 technology and goes beyond reactive security such as static signatures and reputation to proactively detect and mitigate bots, secure credentials and sensitive data, and defend against application denial-of-service (DoS). Advanced WAF redefines application security to address the most prevalent threats organizations face today.

    Advanced WAF is offered as an appliance, virtual edition, and as a managed service—providing automated WAF services that meet complex deployment and management requirements while protecting your apps with great precision. It is the most effective solution for guarding modern applications and data from existing and emerging threats while maintaining compliance with key regulatory mandates.

    Advanced WAF redefines application security to address the most prevalent threats organizations face today:

    •Web attacks that steal credentials and gain unauthorized access across user accounts.
    •Application layer attacks that evade static security based on reputation and manual signatures.
    •New attack surfaces and threats due to the rapid adoption of APIs.
    •OWASP Top 10 vulnerabilities

    NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

    • Integrating security controls directly into the development automation pipeline
    • Applying and managing security for modern and distributed application environments such as containers and microservices
    • Providing the right level of security controls without impacting release and go-to-market velocity
    • Complying with security and regulatory requirements

    NGINX App Protect offers:

    • Expanded security beyond basic signatures to ensure adequate controls
    • F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
    • Confidently run in “blocking” mode in production with proven F5 expertise
    • High‑confidence signatures for extremely low false positives
    • Increases visibility, integrating with third‑party analytics solutions
    • Integrates security and WAF natively into the CI/CD pipeline
    • Deploys as a lightweight software package that is agnostic of underlying infrastructure
    • Facilitates declarative policies for “security as code” and integration with DevOps tools
    • Decreases developer burden and provides feedback loop for quick security remediation
    • Accelerates time to market and reduces costs with DevSecOps‑automated security
    Offer
    Learn more about F5 Advanced WAF
    Learn more about NGINX App Protect
    Sample Customers
    MAXIMUS, Vivo, American Systems, Bangladesh Post Office, City Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Financial Services Firm39%
    Computer Software Company22%
    Non Tech Company9%
    Media Company9%
    VISITORS READING REVIEWS
    Computer Software Company20%
    Comms Service Provider15%
    Financial Services Firm13%
    Government7%
    REVIEWERS
    Financial Services Firm38%
    Comms Service Provider38%
    Insurance Company13%
    Computer Software Company13%
    VISITORS READING REVIEWS
    Computer Software Company22%
    Comms Service Provider16%
    Financial Services Firm9%
    Government7%
    Company Size
    REVIEWERS
    Small Business29%
    Midsize Enterprise24%
    Large Enterprise48%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise18%
    Large Enterprise63%
    REVIEWERS
    Small Business31%
    Midsize Enterprise15%
    Large Enterprise54%
    VISITORS READING REVIEWS
    Small Business24%
    Midsize Enterprise14%
    Large Enterprise62%
    Buyer's Guide
    F5 Advanced WAF vs. NGINX App Protect
    November 2022
    Find out what your peers are saying about F5 Advanced WAF vs. NGINX App Protect and other solutions. Updated: November 2022.
    655,113 professionals have used our research since 2012.

    F5 Advanced WAF is ranked 3rd in Web Application Firewall (WAF) with 28 reviews while NGINX App Protect is ranked 11th in Web Application Firewall (WAF) with 9 reviews. F5 Advanced WAF is rated 8.4, while NGINX App Protect is rated 8.0. The top reviewer of F5 Advanced WAF writes "Extremely stable hardware with great plug-ins and excellent features". On the other hand, the top reviewer of NGINX App Protect writes "Capable of complete automation but is costly ". F5 Advanced WAF is most compared with Fortinet FortiWeb, Microsoft Azure Application Gateway, Imperva Web Application Firewall, AWS WAF and Azure Front Door, whereas NGINX App Protect is most compared with Mirantis Container Cloud, AWS WAF, Microsoft Azure Application Gateway, Azure Front Door and Fortinet FortiWeb. See our F5 Advanced WAF vs. NGINX App Protect report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.