Cookie preferences
Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
Improve Security, Accelerate DevOps, and Simplify Management
Protecting your applications and APIs from Layer 7 attacks is easy using NGINX App Protect WAF, a lightweight, high-performance web application firewall for DevOps environments. Running natively on NGINX Plus and NGINX Ingress Controller, it is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
Why Use NGINX App Protect WAF
Enforce Robust App & API Security
Protect against and mitigate common vulnerabilities, advanced threats, and zero-day attacks. With NGINX App Protect WAF you can:
- Exceed basic OWASP Top 10 protection with over 7,500 advanced signatures, bot signatures and threat campaign protection
- Protect your organization’s HTTP/S and HTTP/2 applications, as well as protocols such as gRPC bi-directional streaming
- Mask personal identifiable information (PII), including credit card and social security numbers, with built-in Data Guard feature
- Exceed PCI DSS requirements and avoid regulatory non-compliance
- Deploy in blocking mode with trusted high-confidence signatures for extremely low false positives
Resources
Deploy Platform-Agnostic Security
Secure your organization’s apps and APIs with a single security solution across distributed architectures and environments including on-premises, hybrid, and multi-cloud. With NGINX App Protect WAF you can:
- Build consistent security controls for web apps, microservices, containers, and APIs
- Achieve seamless single-vendor technology integration within the NGINX platform for reduced complexity, friction, and tool sprawl
- Deploy the uniquely flexible software form factor across all modern app topologies – from load balancers at the edge to API gateways and Kubernetes Ingress controllers to per-service or per-pod proxies inside the Kubernetes cluster
- Scale your Kubernetes apps in the cloud with a lightweight, high-performance, low-latency, and low-compute security solution
Resources
Integrate Security at Scale
Take control by scaling your security policy deployments to all NGINX App Protect WAF instances using NGINX Management Suite. With the NGINX Management Suite, you can:
- Gain centralized visibility of protection insights to guide WAF policy tuning using the NGINX Management Suite Security Monitoring
- Manage configuration for your entire NGINX App Protect WAF fleet using the NGINX Management Suite Instance Manager module
- Integrate WAF security into your CI/CD pipeline for easy DevSecOps
- Control WAFs at scale using either the GUI or REST API
- Give SecOps, Platform Ops, and DevOps teams centralized visibility and fine-grained control of app policies based on workflow needs
Resources
Support for Shift Left, DevSecOps, and Security Automation
Enable a shift-left strategy where security is incorporated into every stage of the software development lifecycle (SDLC). With NGINX App Protect WAF you can:
- Use declarative policies created by SecOps to enable DevOps to integrate security as code into CI/CD pipelines
- Implement security automation to reduce the cost of breaches by up to 80%
- Save time and money by finding and fixing vulnerabilities before an app is released into production
- Maintain developer agility and innovation while building more reliable and secure apps
- Accelerate time to market and reduce costs with DevSecOps automated security
Resources
Technical Specifications
Distributions
- Docker
- Kubernetes
- Red Hat OpenShift Container Platform
Architectures
- x86
Operating Systems
- Alpine Linux
- CentOS
- Debian
- Oracle Linux
- Red Hat Enterprise Linux
- Ubuntu
Cloud Platforms
- Amazon Web Services (AWS)
- Google Cloud Platform (GCP)
- Microsoft Azure
Visit NGINX Docs For Full Technical Specifications
Modern app security solution that works seamlessly in DevOps environments.
NGINX App Protect WAF DocumentationLearn More About NGINX App Protect WAF
Datasheet
NGINX App Protect WAF
Easily scale app and API security and mitigate Layer 7 attacks with advanced protection for DevOps teams from F5 NGINX.
Blog
Why Managing WAFs at Scale Requires Centralized Visibility and Configuration Management
NGINX Management Suite makes security easier and more reliable with centralized visibility and configuration management of NGINX App Protect WAF.
Ebook
Security as Code
In this eBook from O'Reilly Media, compliments of NGINX, learn how to implement a DevSecOps strategy by integrating security early into your development process through cloud infrastructure...
