IT Security at a insurance company with 501-1,000 employees
Real User
Top 20
2024-01-16T10:08:45Z
Jan 16, 2024
The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required. The main menu can be quite confusing. After you implement it, it's not so easy to understand how it works. Though in my company, we understand the basics of the product, if you want to explore the more advanced features, then the principal product doesn't explain it to us, which can be quite confusing when navigating through the main menu.
During the NGINX App Protect v1.1 upgrade, we encountered compatibility issues with our existing telecom infrastructure, specifically the load balancer and WAF. These issues manifested as difficulties with the HTTP 1.1 protocol. While attempting to solve the problem through upgrades, we ultimately opted for alternative solutions as the desired effect could not be achieved. This highlights the technical challenges of integrating NGINX App Protect with diverse network components.
Manager - Cyber Security at a financial services firm with 10,001+ employees
Real User
Top 20
2022-09-05T08:50:16Z
Sep 5, 2022
NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution. In the next release, I'd like to see some enhancements in bot protection, API security, and mobile application security.
Head Competence Center Agile & Communication at a insurance company with 1,001-5,000 employees
Real User
2021-11-07T10:14:00Z
Nov 7, 2021
The solution is working on OpenShift, but we have the feeling the product was designed not only for OpenShift or a container-based solution to operate. In addition, they have a messy license model; it's not really made for microservice architecture. It's getting expensive really, really fast. NGINX made some promises for a roadmap which they weren't able to deliver. One was about virus scanning, and the other was WebSocket inspection. I think they will provide both features in the future, but the communication was really bad. Then there was a problem in production during config reload. If you want to deploy a new API, it takes around 20 seconds. For one API it's not a lot, but if you have 300 APIs, it takes a lot of time. It's not made for deployment in a self-service model. Most important to see in a new release would be the WebSocket inspection and virus scan.
The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that the bug fix rate is pretty slow. I would like to see some more tools and to have some more automation capabilities in the next release, because right now the exposure of the API in NGINX is pretty limited. So I would like to see more of that as well as robustness in the scaling of the solution.
Manager - Cyber Security (SOC) at a financial services firm with 10,001+ employees
Real User
2020-02-13T07:51:01Z
Feb 13, 2020
This firewall should support more of the network layers. Profiling capability should be improved. Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time.
Chief Technology Officer at a tech services company with 201-500 employees
Real User
2020-01-26T09:26:00Z
Jan 26, 2020
The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary. This solution would benefit from having a support portal that can be opened directly from the dashboard.
The contributions I think sometimes take a toll on you like you're going to spend a lot of time on the right contributions. So as a product it is good, but from the development standpoint but if you think about somebody who's not from development background, this won't work. It's not up to speed if you really realize. So the set up process, it's good from a development standpoint. The development was easy to set up because they know that their understanding of the machine that they are going to set it up and take care of everything else.
NGINX App Protect application security solution combines the efficacy of
advanced F5 web application firewall (WAF) technology with the agility and performance of
NGINX Plus. The solution runs natively on NGINX Plus and addresses some
of the most difficult challenges facing modern DevOps environments:
Integrating security controls directly into the development automation pipeline
Applying and managing security for modern and distributed application environments such as containers and...
NGINX App Protect could provide a better user interface.
The product's user interface is an area with shortcomings as it can be quite confusing for users, making it an area where improvements are required. The main menu can be quite confusing. After you implement it, it's not so easy to understand how it works. Though in my company, we understand the basics of the product, if you want to explore the more advanced features, then the principal product doesn't explain it to us, which can be quite confusing when navigating through the main menu.
During the NGINX App Protect v1.1 upgrade, we encountered compatibility issues with our existing telecom infrastructure, specifically the load balancer and WAF. These issues manifested as difficulties with the HTTP 1.1 protocol. While attempting to solve the problem through upgrades, we ultimately opted for alternative solutions as the desired effect could not be achieved. This highlights the technical challenges of integrating NGINX App Protect with diverse network components.
The solution's technical support could be better.
NGINX App Protect would be improved with integration with Shape and F5 WAF, which would make it easy for users to manage all their web application security with a single solution. In the next release, I'd like to see some enhancements in bot protection, API security, and mobile application security.
The price of NGINX App Protect could improve.
The integration of NGINX App Protect could improve.
Areas for improvement would be if NGINX could scan for vulnerabilities and learn and update the signatures of DoS attacks.
The dashboard could provide a more comprehensive view of the status of the connections.
The solution is working on OpenShift, but we have the feeling the product was designed not only for OpenShift or a container-based solution to operate. In addition, they have a messy license model; it's not really made for microservice architecture. It's getting expensive really, really fast. NGINX made some promises for a roadmap which they weren't able to deliver. One was about virus scanning, and the other was WebSocket inspection. I think they will provide both features in the future, but the communication was really bad. Then there was a problem in production during config reload. If you want to deploy a new API, it takes around 20 seconds. For one API it's not a lot, but if you have 300 APIs, it takes a lot of time. It's not made for deployment in a self-service model. Most important to see in a new release would be the WebSocket inspection and virus scan.
The solution does well when there's low throughput but when we go for any high throughput, it's always a challenge. I'm expecting the next version to have a better high throughput. I also find that the bug fix rate is pretty slow. I would like to see some more tools and to have some more automation capabilities in the next release, because right now the exposure of the API in NGINX is pretty limited. So I would like to see more of that as well as robustness in the scaling of the solution.
This firewall should support more of the network layers. Profiling capability should be improved. Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time.
The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary. This solution would benefit from having a support portal that can be opened directly from the dashboard.
The contributions I think sometimes take a toll on you like you're going to spend a lot of time on the right contributions. So as a product it is good, but from the development standpoint but if you think about somebody who's not from development background, this won't work. It's not up to speed if you really realize. So the set up process, it's good from a development standpoint. The development was easy to set up because they know that their understanding of the machine that they are going to set it up and take care of everything else.