NGINX App Protect Reviews

I'm carrying out some research work on NGINX because I am in academia. All my use cases relate to scaling from private to public cloud and vice versa. The other use case is for our perimeter security for cloud-based EDCs. We are customers of NGINX and I'm a technical product manager.

The solution has helped us greatly during this Covid period. When everything went remote, we had to scale up some applications and provide remote access to our users. It meant that we needed more security for our applications, the EDCs, and that's when we made use of the WAF module from NGINX to ensure the applications are secure.

The WAF itself was a feature that I found very useful to track mitigation, inclusion, prevention, and the parametric firewall.

The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that the bug fix rate is pretty slow.

I would like to see some more tools and to have some more automation capabilities in the next release, because right now the exposure of the API in NGINX is pretty limited. So I would like to see more of that as well as robustness in the scaling of the solution. 

I've been using this solution for six months. 

This is a stable solution. 

Scalability can be a bit of a challenge because there are some use cases that are not tackled. Our Dev Ops, IT staff and support service all use this solution. Let's say about 100 people at any given time. We have two staff responsible for support, they are IT support admins. We use the solution on a daily basis. 

I previously used the HAProxy. We switched to NGINX because it is more advanced. And then after the F5 networks bought them, their product portfolio increased and that was another reason for us to shift.

The initial setup was straightforward but I am well versed in this implementation. If I was a novice, it would be difficult. We have pretty much automated all our deployments, and then we schedule a downtime for our apps and deploy the patches or the new versions through automation so it'll take a lot less time.

We have seen a good ROI. Because of the Covid virus, we were able to see it immediately. When everyone went remote, we were scrambling to see how we could deploy and secure the apps and this came in at the right time.

Our licensing costs are about $40,000 a year. We pay on an annual basis. We just have our operating costs on top of that. 

I would recommend getting your deployments before you jump into buying or trying out this solution. Have a clear road map for your deployments and your future solutions. The solution has a rich feature set but on the down side is the issue with the high throughputs.

I would rate this solution an eight out of 10. 

We used NGINX App Protect for our externally-facing web applications to secure them using the WAF.

The integration of NGINX App Protect could improve.

I have been using NGINX App Protect for approximately two years.

NGINX App Protect is stable.

The scalability of NGINX App Protect is good.

We have two people using this solution in my company.

I have not contacted support.

The initial setup of NGINX App Protect is simple.

We have two people that are doing the support for NGINX App Protect which included the deployment.

There is a license needed to use NGINX App Protect.

The solution is very good overall.

I rate NGINX App Protect an eight out of ten.

We generally use NGINX with a combination of docker downstream so we have a container running which exposes multiple boards. And in terms on which we are running NGINX directory maps into the ports. So there is a major use case and sometimes we use it for security headers forwarding.

We use it together with AWS, to manage load balancing, topic migration and AV testing.

We use NGINX for security headers, and as a proxy. It is also a very good tool for load balancing.

The contributions I think sometimes take a toll on you like you're going to spend a lot of time on the right contributions. So as a product it is good, but from the development standpoint but if you think about somebody who's not from development background, this won't work. It's not up to speed if you really realize. So the set up process, it's good from a development standpoint. The development was easy to set up because they know that their understanding of the machine that they are going to set it up and take care of everything else.

I have never used techical support.

Yes, it was pretty easy as far as I remember. So this company, everything was previously set up and we had all the predefined user scripts so even though we had come to set it up from scratch.