Imperva Web Application Firewall vs NGINX App Protect comparison

Imperva Web Application Firewall vs. NGINX App Protect

Download the complete report

Helped 814,649 peers since 2012

Categories and Ranking

Imperva Web Application Fir...

Ranking in Web Application Firewall (WAF)

6th

Average Rating

8.6

Number of Reviews

Ranking in other categories

No ranking in other categories

NGINX App Protect

Ranking in Web Application Firewall (WAF)

16th

Average Rating

8.4

Number of Reviews

Ranking in other categories

Container Security (21st), API Security (4th)

Mindshare comparison

As of November 2024, in the Web Application Firewall (WAF) category, the mindshare of Imperva Web Application Firewall is 6.4%, down from 7.1% compared to the previous year. The mindshare of NGINX App Protect is 2.2%, down from 2.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Web Application Firewall (WAF)

Featured Reviews

Abdullah Jin

Principal Cyber Prevent and Defense Engineer at a comms service provider with 1,001-5,000 employees

Sep 9, 2024

Offers bot protection and DDoS Protection and protects public-facing portals

Support is one thing I wish Imperva could improve. They follow the phone model and keep rotating you from one customer service person to another. The layer one support isn't very clear about the workings of the product. My feedback is primarily about Imperva Cloud, not on-premise. On-premise is a whole new story. Support is the issue for Imperva Cloud. It's also a bit pricey. It's a premium service and very expensive. The licensing model is not very straightforward. Every feature is priced separately, and to enjoy maximum protection, you'll have to spend a lot of money. The licensing model is a bit complex, and each feature is very pricey. For example, API security and web application protection are two separate license packages.

Read full review

Tomaz Sobczak

Security System Engineer at Ascomp S.A.

Jun 25, 2024

Signature-based detection, DOS protection, and bot protection

NGINX App Protect is easier to automate and configure, or manage from an API. This is good for securing applications. However, it's not suitable for more complex tasks. NGINX App Protect positively impacted performance changes. There's a cache or it works like a proxy, so it can speed up…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Imperva is a Gartner leader, so its scalability, performance, and features are excellent."

"There are some features that are configured by default, so even without doing much, it can still provide a level of protection."

"Its inline transferring mode is the most valuable because it is 100% transparent. When you change the IP, there is no change on the network side. If you can't and want to try to reach an IP, you can reach the server IP. There are many other advanced security features in it. The smallest appliances of Imperva can handle the highest traffic at a customer site. For example, a smaller appliance from Imperva can provide you the same security as an F5 product."

"The most valuable features of Imperva Web Application Firewall are the monitoring of databases and the dashboards are easy to understand."

"There are many features. There is ease of deployment. You can deploy the Imperva Web Application Firewall in two to three minutes. After that, you have to set the policies. For setting policies, you have toggle buttons. You can turn something on or off."

"The compliance is the most valuable aspect."

"It works right out of the box once you integrate the application."

"The WAF itself has been very valuable to me because it has such a complete range of features. Another reason why I like it is because it also takes care of the total overview of the traffic over the network."

More Imperva Web Application Firewall pros

"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall."

"There's a cache, or it works like a proxy, so it can speed up applications."

"The tool's most valuable feature is the OWASP certification. Additionally, the tool's ability to enforce strong passwords and OTP within minutes is impressive. With its analytics and recommendations, it is a very good solution."

"NGINX App Protect's best features are auto-learning, which creates a profile of applications that are deployed, bot protection, and force protection, which lets you configure your brute force policy and alert for and prevent brute force attacks."

"NGINX App Protect is stable."

"The initial setup was simple and took three to four days."

"The most valuable feature is that I can establish different services from the firewall."

"It's very easy to deploy."

More NGINX App Protect pros

Cons

"The initial setup could be simplified. Every time you have to install the solution you have to get in touch with support or somebody that can to do that for you."

"It would be useful if the solution used more intelligence in attack protection. For example, firewalls are to be dependent on the configuration, but if they could have some data science around it the solution would be even better. The profiling of the traffic, and making decisions surrounding that should be intelligence-based, instead of being based on the configuration of the firewall itself."

"Support is one thing I wish Imperva could improve."

"I would like the solution to improve its support response time."

"Imperva Web Application Firewall could improve the console by making it easier to use."

"The process to upgrade from one version to another can be a lot simpler than it is currently."

"It is complicated to integrate the solution's on-cloud version with other platforms."

"In the past, I have bugs on the WAF. I've contacted Imperva about them. Future releases should be less buggy."

More Imperva Web Application Firewall cons

"It's challenging if you need to go for a high throughput."

"Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks."

"Currently, the policies have to be handled manually, and you have to create from scratch, which can be a bit time-consuming, in a large environment."

"The setup of NGINX App Protect is complex. The full process took one week to complete. Additionally, we had to change the network infrastructure platform which took one month."

"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time."

"I encountered issues with NGINX App Protect while trying to upgrade custom rules."

"They could provide a better user interface."

"The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required."

More NGINX App Protect cons

Pricing and Cost Advice

"Everybody complains about the price of this solution."

"The pricing is somewhat expensive. It is actually a huge investment when compared to other countries."

"There is a license for this solution and we purchase the license annually with no additional fees."

"It's an excellent product, but it can be very costly."

"Licensing can range from one to twenty thousand dollars annually. Additionally, some features, including software support, require an annual subscription as well."

"The price is high compared to other solutions like FortiWeb."

"There are a couple of different licensing models."

"Imperva’s pricing is a bit higher in the market since it offers a full-blown WAF."

More Imperva Web Application Firewall pricing and cost advice

"NGINX is not expensive."

"There are not any additional costs we had to pay to use NGINX App Protect."

"The price of NGINX App Protect is approximately $3,000 annually. All of our licenses are observed by a managed service partner."

"Our licensing costs are about $40,000 a year."

"The price of NGINX App Protect is not much different from the products that fall under the leader category of Gartner Magic Quadrant."

"The pricing is reasonable because NGINX operates on an instance basis."

"There is a license needed to use NGINX App Protect."

"The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."

More NGINX App Protect pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.

See recommendations

814,649 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Computer Software Company

14%

Manufacturing Company

Insurance Company

Computer Software Company

20%

Financial Services Firm

13%

Manufacturing Company

Energy/Utilities Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

My recommendation is Imperva.

Is Citrix ADC (formerly Netscaler) the best ADC to use and if not why?

For ADC, any ADC can do a good job. But in case if you want to add WAF functionality to the same ADC hardware you have to look for other ADC's like F5, Imperva, Radware, Fortinet, etc.

DDoS solutions: Any other solutions to consider aside from Radware DefensePro and F5 Silverline DDoS Protection?

You can have a look to Imperva Cloud WAF, the anti-DDoS mitigation is under 1s and works very well. I observed a lot of DDoS attacks that were well managed (even not seen by the customer) by Imperv...

What do you like most about NGINX App Protect?

It's very easy to deploy.

What is your experience regarding pricing and costs for NGINX App Protect?

The product's price is high.

What needs improvement with NGINX App Protect?

The product's price is high, making it an area of concern where improvements are required. The tool's licensing model is also not good. The product should have more documentation, especially like t...

F5 Advanced WAF vs Imperva Web Application Firewall

Comparisons

Compared 18% of the time

Microsoft Azure Application Gateway vs Imperva Web Application Firewall

Compared 17% of the time

AWS WAF vs Imperva Web Application Firewall

Compared 15% of the time

Azure Front Door vs Imperva Web Application Firewall

Compared 11% of the time

Fortinet FortiWeb vs Imperva Web Application Firewall

Compared 9% of the time

More Imperva Web Application Firewall Competitors

Microsoft Azure Application Gateway vs NGINX App Protect

Compared 22% of the time

Fortinet FortiWeb vs NGINX App Protect

Compared 16% of the time

AWS WAF vs NGINX App Protect

Compared 11% of the time

F5 Advanced WAF vs NGINX App Protect

Compared 11% of the time

open-appsec vs NGINX App Protect

Compared 8% of the time

More NGINX App Protect Competitors

Product Reports

Imperva Web Application Firewall

Download Imperva Web Application Firewall product report

NGINX App Protect

Download NGINX App Protect product report

Also Known As

No data available

NGINX WAF, NGINX Web Application Firewall

Learn More

Imperva

Overview

Imperva Web Application Firewall is a versatile solution that protects web applications and databases from various attacks, including DDoS, cross-site scripting, and SQL injection attacks. It offers data security, availability, and access control and can be deployed on-premises or on the cloud.

The solution has good security against web attacks and offers advanced bot protection, API security, and mitigation features. Imperva WAF is easy to configure and deploy; it has good customer service and an excellent user interface.

NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

Integrating security controls directly into the development automation pipeline
Applying and managing security for modern and distributed application environments such as containers and microservices
Providing the right level of security controls without impacting release and go-to-market velocity
Complying with security and regulatory requirements

NGINX App Protect offers:

Expanded security beyond basic signatures to ensure adequate controls
F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
Confidently run in “blocking” mode in production with proven F5 expertise
High‑confidence signatures for extremely low false positives
Increases visibility, integrating with third‑party analytics solutions
Integrates security and WAF natively into the CI/CD pipeline
Deploys as a lightweight software package that is agnostic of underlying infrastructure
Facilitates declarative policies for “security as code” and integration with DevOps tools
Decreases developer burden and provides feedback loop for quick security remediation
Accelerates time to market and reduces costs with DevSecOps‑automated security

Sample Customers

BlueCross BlueShield, eHarmony, EMF Broadcasting, GE Healthcare, Metro Bank, The Motley Fool, Siemens

Information Not Available

Imperva Web Application Firewall vs. NGINX App Protect