NGINX App Protect Reviews

I use the solution in my company since it has the ability to offer protection from external threats, including the ones under OWASP Top 10. The tool gives you a log report, audit report, and access log report. You can also create your own profile and have the option to block or create transparent, block, and learning modes.

Right now, the tool doesn't provide an option revolving around update feeds, specifically the signature update option in the UI. My company uses NGINX Management Suite, which doesn't have the option for UI. NGINX Management Suite doesn't have the proper UI to change a configuration file, which is an ability that the tool should offer.

It would be good if NGINX could provide documentation explaining how to deploy gRPC over NGINX App Protect.

NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks.

NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up applications. It can also offload some functions from servers, which NGINX can handle faster.

It has simple functions, especially for CICD pipelines and automation capabilities. The functions are not as broad as the Advanced WAF.

NGINX has signature-based detection, DOS protection, and bot protection.

We tried to secure our public exposed APIs with NGINX App Protect. The cases must be all completely automated, because we want to build a self-service engine so that a decentralized approach is possible in the organization.

We were looking for two main valuable features. We were looking for a product that is capable of complete automation and a container based solution. It's working.

We use the tool for customer platforms and portal environments like e-commerce.

The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution.

The solution is useful to protect applications. Another use case is integrating NGINX into your deployment pipelines, allowing you to protect your workflows directly from your deployment pipelines.

The product is very robust. It's very easy to deploy. You need to take into consideration that it's a security solution that requires knowledge of backend programming. The security team needs to communicate effectively with the developer team for successful integration. If you align communication between the security and developer teams, you'll have the best deployment possible. The way it works is that developers have their way of doing things, and there's a security-centric approach.

Mail Proxy Server and SMTP are quite effective features in the product. The tool's API connectivity across the hybrid network is pretty impressive, which is almost the same as the threat intelligence capabilities of NGINX.

The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good.

The product should have more documentation, especially like the ones provided by other OEMs.