Applications today have different performance, privacy, and security considerations. Many likely have distinct optimal routing needs. Most are hosted in different environments. Organizations today need a unified solution that can be applied for applications deployed nearly anywhere—in public clouds, private clouds, and on premises. NGINX App Protect WAF delivers that unified solution.
In addition to its robust web application firewall (WAF) capabilities, significant improvements have been made to the architecture of NGINX App Protect WAF. Prior releases of NGINX App Protect (through 4.x) have been delivered as packaged software and this will continue with the NGINX App Protect WAF 4.x release.
But a new version of NGINX App Protect WAF, version 5.0, is designed for public cloud, private cloud, and on-premises deployments in a containerized form factor, which reduces the attack surface. NGINX App Protect WAF 5.0 introduces innovations that enable businesses to protect modern apps and APIs in containerized environments with a smaller footprint. NGINX App Protect WAF 5.0 not only supports both NGINX OSS and NGINX Plus, but also separates the control and data planes, enhancing agile development methodologies. NGINX App Protect 5.0 supports a standalone policy management container and brings the following value to customers:
- Prevents impact of heavy lift policy modifications to affect data traffic or data plane compute resources
- Accelerates deploy and reload durations, making it faster to operate and scale
Because it's designed for cloud and hybrid deployments, the containerized form factor approach of NGINX App Protect WAF 5.0 is optimized for DevOps teams using agile pipelines and CI/CD frameworks to build and maintain their applications.
NGINX App Protect 5.0 can address the desire for a unified, consistent app and API security solution, as it can be leveraged in public clouds, private clouds, and on premises. NGINX App Protect 5.0 also simplifies updates and upgrades. With its new architecture, NGINX App Protect 5.0 requires only the compiler to be rebuilt with updated signatures. And NGINX App Protect 5.0 supports NGINX in any form factor, including virtual machines and containers.
To be clear, though, NGINX App Protect 5.0 is not replacing NGINX App Protect 4.x. Both will be offered to customers to address their specific deployment needs, with NGINX App Protect 4.x continuing to be updated and offered as a packaged product and NGINX App Protect 5.0 and later being provided as a container supporting Docker or Kubernetes.
So, what does this mean for you?
For one, migrating to NGINX Plus is no longer a requirement, and there's no need to re-customize your security solutions, which can save precious time and decrease total cost of ownership (TCO). Using containers, the native form factor for integration with modern applications, less of an attack surface is exposed with NGINX App Protect 5.0, enhancing security. You will also have the ability to protect applications running on NGINX OSS proxies if you choose to do so. This approach also offers better operability, allowing SecOps and DevOps teams to more effectively maintain overall security posture management and implementation.
Enabling agile development and reducing the need to support new operating systems and version increments has been sought after, as it helps accelerate the pace of development. This approach also simplifies consumption by utilizing a container-ready form factor instead of self-creating containerized images and deploying per every instance for every release and signature update.
NGINX App Protect is a modern WAF designed to sit close to your applications, providing additional protection beyond a perimeter WAF. It can be fully integrated into DevOps and CI/CD frameworks to:
- Enable strong security controls to be integrated seamlessly
- Outperform other WAFs for improved user experience
- Reduce complexity and tool sprawl while delivering modern apps
Let NGINX App Protect v5.0 shield your applications so that you can focus on the lifecycle and innovation of your products and solutions.
If you’re ready to try out NGINX App Protect v5.x, get started with this 30-day free trial or contact F5 sales today for more information.
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...