NGINX App Protect offers flexible security management, reverse proxy capabilities, and integration across platforms. Users value its simple command-line interface, API connectivity, and robust automation for DevOps. Features include OWASP certification, load balancing, bot and brute force protection, flexible policies, and traffic management. The tool provides comprehensive HTTP session control and auto-learning for application profiling, streamlining backend programming while enhancing security with signature-based detection, DOS protection, and effective bot detection and IP blocking.
- "I would say that the most valuable feature is the ability to operate in a DevOps environment and to be configured through API and pipeline by the developers themselves."
- "Overall, I rate NGINX App Protect between eight and nine."
- "There's a cache, or it works like a proxy, so it can speed up applications."
Configuration lacks flexibility, requiring more automation for setting policies and managing rules. High throughput challenges persist. Limited API exposure and slow bug fixes hinder performance. Licensing becomes expensive quickly. User interface and technical support need refinement. Compatibility issues with existing infrastructure are present. Integration with more security features and a clearer roadmap are desired. Documentation is insufficient, making advanced feature exploration difficult. Pricing and understanding of hardware requirements require attention.
- "It would be better if it were easier to implement and if there was more information from F5 regarding hardware requirements and specifications to deploy the service, to avoid disruptions after implementation."
- "It doesn't have more advanced features like no false-positive security, which you can configure in Advanced WAF."
- "The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good."