F5 WAF for NGINX and F5 DoS for NGINX (Formerly known as NGINX App Protect)
A lightweight, high-performance web application firewall and a DoS defender designed to protect APIs and modern apps.
Platform Agnostic Security for Modern Apps and APIs
Secure, automate, and scale modern apps and APIs with a platform-agnostic WAF
Defend your applications and APIs with a software security solution that seamlessly integrates into DevOps environments as a lightweight web application firewall (WAF), layer 7 denial-of-service (DoS) protection, bot protection, API security, and threat intelligence services. F5 WAF for NGINX and F5 DoS for NGINX deliver consistent protection across distributed architectures and hybrid environments.
- Secure App Development for DevOps: Release apps faster with security automation that integrates seamlessly into the application development process.
- No Touch Policy Configuration: Use machine learning to reduce operating costs and adaptive learning for no-touch policy configuration.
- Simplify Management: Gain centralized visibility with easy security policy management for total control of your WAF fleet.
Secure your Gateway API deployment with an enterprise-grade WAF
Protecting Kubernetes Gateway API requires a greater level of security automation and scalability to prevent increasingly automated attacks. F5 WAF for NGINX delivers an enterprise-grade solution that integrates with NGINX Gateway Fabric providing robust WAF protections.
- Enterprise-grade WAF: Integrating with NGINX Gateway Fabric, gain security measures without relying on plugins or external filters.
- Policy Orchestration: Seamlessly manage, validate and modify security policy (e.g. JSON, YAML, Bundle formats) directly within Kubernetes.
- Critical Layer 7 Protections: Secure against critical OWASP Top 10 threats and increasing advanced attacks targeted at AI applications.
- WAF Orchestration within Kubernetes clusters: achieve greater security agility, compliance and scalability with WAF workflows in Kubernetes.
- Centralized policy management across the hybrid-app landscape: An intuitive, centralized management GUI simplifies the policy lifecycle and provides a single dashboard for managing configurations on-prem, in the cloud and in containers.
Defend against attacks
Leverage a single, powerful, low-latency security solution across clouds and distributed architectures. Scale your app security in Kubernetes clusters and the cloud while significantly reducing compute costs.
- Secure APIs: Support for gRPC, GraphQL, REST, OWASP Top 10 APIs.
- Prevent App-Layer Attacks: Get superior attack detection by going beyond tracking client traffic patterns, with combined service health checks.
- Multi-Layer Defense: Mitigate attacks faster with a multi-layered defense strategy leveraging eBPF technology and managed by app teams.
Protect digital assets and systems
Keep pace with evolving threats and attack techniques to defend your organization from a wide range of security risks and vulnerabilities.
- Stop Targeted Attack Campaigns: Mitigate against active cyberattack campaigns.
- Prevent Automated Attacks and Bots: Comprehensive protection against automated attacks and bots.
- Defend Against Known and Unknown Threats: Surpass basic OWASP Top 10 protection with over 7,500 advanced signatures.
Product Overview
F5 WAF for NGINX
Enforce, automate, and scale your app and API security across distributed architectures and hybrid environments
Protecting your applications and APIs from attacks is easy using F5 WAF for NGINX, an advanced, lightweight, and high-performance web application firewall (WAF) for modern apps and APIs in DevOps environments. F5 WAF for NGINX is part of the NGINX One premium package and runs natively on F5 NGINX Plus and F5 NGINX Ingress Controller. It is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
F5 DoS for NGINX
Mitigate layer 7 denial-of-service (DoS) attacks on your apps and APIs
Achieve comprehensive protection against application layer DoS and DDoS attacks for your apps and APIs with a multi-layered, adaptive, and automated mitigation strategy for DevOps environments. F5 DoS for NGINX is part of the NGINX One premium package and runs natively on F5 NGINX Plus and F5 NGINX Ingress Controller. It is platform-agnostic and supports deployment options ranging from edge load balancers to individual pods in Kubernetes clusters.
Core Capabilities
High-performance, automated, and lightweight WAF and DoS protection across distributed architectures and environments with F5 WAF for NGINX and F5 DoS for NGINX.
Platform agnostic
App-centric security designed to protect and provide security controls for the application.
Extensible API security
Deploys tools to secure REST, GraphQL, gRPC, and APIs.
Security as code
Declarative API-based deployment and configuration enables delivering security as “code.”
DoS mitigation
Behavioral analytics and machine learning provide accurate L7 DoS detection and mitigation.
Proactive bot defense
Protects apps from automated attacks by bots and other malicious automated tools.
Defense for the OWASP Top 10
Defends critical apps from today’s biggest security concerns, including those listed in the OWASP Top 10.
Detect and mitigate cyberattacks
Correlate singular attack incidents as part of extensible and sophisticated attacks with threat intelligence and SOC team expertise.
Scalable protection
Integrate WAF and DoS security with NGINX data and management planes across multicloud environments.
Resources
Featured
Introducing F5 WAF for NGINX and F5 DoS for NGINX
F5 WAF for NGINX and F5 DoS for NGINX are modern app security solutions that work seamlessly in DevOps environments to help deliver apps from code to customer.
Datasheets and eBooks
Secure, Automate, and Scale Modern Apps and APIs ›
Defend, Adapt, and Mitigate Against Layer 7 DoS Attacks ›
The Secret to Modern Application Security ›
Reduce the Complexity and Cost of Running Kubernetes at Scale ›
Webinars
Unlocking WAF and API Security with NGINX App Protect ›
Protecting Apps from Hacks in Kubernetes with NGINX ›
Shift Left for More Secure Apps with F5 NGINX ›
Blogs
AI Zero Days Are Here: What CISOs Need to Know ›
A Containerized WAF to Secure Apps and APIs ›
Why Managing WAFs at Scale Requires Centralized Visibility and Configuration Management ›
Secure Your API Gateway with NGINX App Protect WAF ›
NGINX App Protect Denial of Service Blocks Application-Level DoS Attacks ›