We changed our name from IT Central Station: Here's why

F5 Advanced WAF vs NGINX App Protect comparison

Cancel
You must select at least 2 products to compare!
F5 Advanced WAF Logo
7,226 views|5,434 comparisons
NGINX App Protect Logo
3,671 views|3,049 comparisons
Featured Review
Find out what your peers are saying about F5 Advanced WAF vs. NGINX App Protect and other solutions. Updated: January 2022.
563,780 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The most valuable feature is that it is secure.""It's scalable and very easy to manage.""The valuable features vary from customers to customers. Some customers are okay with the basic features of the WAF, and some customers use advanced WAF with a few other features.""In terms of F5 Advanced WAF's most valuable features, I would definitely say its stability. F5 is one the most stable products. Either as the load balancer or the web application firewall, it is very stable.""It is also quite intuitive and user-friendly. They have several webinars that are actually like labs. You can use these webinars to learn about how to use all features of the product.""The most valuable features of F5 Advanced WAF are SSL uploading, signature, and anomaly detection. It is overall a high-quality solution.""The most valuable features of this solution are the WAF protection, Data Safe, and the seven-layer DDoS.""Feature-wise, they are always cutting edge and up-to-date. Many features aren't available via competitors. There's always a lot of enhanced critical features that just aren't available through anyone else, or, if they are, are too lightweight."

More F5 Advanced WAF Pros →

"WAF is useful to track mitigation, inclusion, prevention, and the parametric firewall.""We were looking for a product that is capable of complete automation and a container based solution. It's working.""The most valuable feature is that there is a link in the system that will help to analyze the security of an application when something abnormal is found.""The most valuable feature is that I can establish different services from the firewall."

More NGINX App Protect Pros →

Cons
"I would like to see a better interface and better documentation compatibility with other products. It's more complicated with OWASP.""It should be a little bit easy to deploy in terms of the overall deployment session. One of our customers is a bit unhappy about the reporting options. Currently, it automatically deletes event logs after some limit if a customer doesn't have any external Syslog server. It is a problem for those customers who want to review event logs after a week or so because they won't get proper reports or event logs. They should increase the duration to at least a month or two for storing the data on the device. F5 is not a leader in Gartner Quadrant, which affects us when we go and pitch this solution. Customers normally go and take a look at such annual reports, and because F5 is currently not there as a leader, the customers ask about it even though we are saying it is good in all things. F5 is not known for something totally different or unique. They were a major player in ADP, and they are just rebranding themselves into security. They should improve or increase their marketing as a security company now. They have already started to do that, but they should do it more so that when it comes to security, customers can easily remember F5. At the moment, if we say F5, load balancing comes to mind. With rebranding and marketing, all customers should get the idea that F5 is now mainly focusing on the security part of it, and it is a security company instead of load balancing. This is the first solution that should come to a customer's mind for a web application firewall.""Scalability could be improved.""Its price should be better. It is expensive.""We usually use a third-party tool for logging and reporting. It would be nice if we could do that right on this solution. They have one, but it's not very stable. Logging and reporting effectively would be a big enhancement.""The interface is old-looking, it's not modern, which is why it's not always comfortable to use.""The BIG-IQ is supposed to centralize the management for all of the boxes but it's not very effective.""There is a gap in report management."

More F5 Advanced WAF Cons →

"Setting policies and parameters through the UI should be more automated because the process is manual, where we can only edit one rule at a time.""It's challenging if you need to go for a high throughput.""The configuration needs to be more flexible because it is difficult to do things that are outside of the ordinary.""As far as scalability, it takes a long time for deployment."

More NGINX App Protect Cons →

Pricing and Cost Advice
  • "It's more expensive than other solutions and depending on the modules, there can be additional fees."
  • "F5 bundles up services and the bundle is what you pay for rather than individual components."
  • "Its price is fair. We have done a couple of deals where they were able to give some kind of discount to the customers. The price was initially high for the customers, but after a couple of negotiations, it came within their budget. They were happy with that."
  • "There are various plans available for Fortinet FortiWeb Cloud WAF as a Service, including a trial version."
  • "It is expensive. Its price should be better. Its licensing is on a yearly basis. Its licensing is also based on the model. There are no additional costs."
  • "I don't have any issue with the pricing of this solution."
  • "There is an annual subscription for this solution."
  • "The price of the solution is reasonable when compared with other products, such as FortiWeb. I am very satisfied with the price."
  • More F5 Advanced WAF Pricing and Cost Advice →

  • "The licensing fees for this solution are pretty expensive for what it does, but there is no alternative."
  • "Our licensing costs are about $40,000 a year."
  • "Really understand the licensing model, because we underestimated that."
  • More NGINX App Protect Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    563,780 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    One of the most valuable features is the Local Traffic Manager.
    Top Answer: 
    The Sandbox integration feature could be improved.
    Top Answer: 
    We were looking for a product that is capable of complete automation and a container based solution. It's working.
    Top Answer: 
    The licensing is yearly, and we have two teams using NGINX App Protect. Just our team has a yearly fee of maybe $25,000. It's not a lot, but it's because we made decisions on the architecture style to… more »
    Top Answer: 
    The solution is working on OpenShift, but we have the feeling the product was designed not only for OpenShift or a container-based solution to operate. In addition, they have a messy license model… more »
    Ranking
    Views
    7,226
    Comparisons
    5,434
    Reviews
    13
    Average Words per Review
    587
    Rating
    8.4
    Views
    3,671
    Comparisons
    3,049
    Reviews
    4
    Average Words per Review
    615
    Rating
    7.5
    Comparisons
    Also Known As
    NGINX WAF, NGINX Web Application Firewall
    Learn More
    Overview

    F5's Advanced WAF is built on proven F5 technology and goes beyond reactive security such as static signatures and reputation to proactively detect and mitigate bots, secure credentials and sensitive data, and defend against application denial-of-service (DoS). Advanced WAF redefines application security to address the most prevalent threats organizations face today.

    Advanced WAF is offered as an appliance, virtual edition, and as a managed service—providing automated WAF services that meet complex deployment and management requirements while protecting your apps with great precision. It is the most effective solution for guarding modern applications and data from existing and emerging threats while maintaining compliance with key regulatory mandates.

    Advanced WAF redefines application security to address the most prevalent threats organizations face today:

    •Web attacks that steal credentials and gain unauthorized access across user accounts.
    •Application layer attacks that evade static security based on reputation and manual signatures.
    •New attack surfaces and threats due to the rapid adoption of APIs.
    •OWASP Top 10 vulnerabilities

    NGINX App Protect application security solution combines the efficacy of advanced F5 web application firewall (WAF) technology with the agility and performance of NGINX Plus. The solution runs natively on NGINX Plus and addresses some of the most difficult challenges facing modern DevOps environments:

    • Integrating security controls directly into the development automation pipeline
    • Applying and managing security for modern and distributed application environments such as containers and microservices
    • Providing the right level of security controls without impacting release and go-to-market velocity
    • Complying with security and regulatory requirements

    NGINX App Protect offers:

    • Expanded security beyond basic signatures to ensure adequate controls
    • F5 app‑security technology for efficacy superior to ModSecurity and other WAFs
    • Confidently run in “blocking” mode in production with proven F5 expertise
    • High‑confidence signatures for extremely low false positives
    • Increases visibility, integrating with third‑party analytics solutions
    • Integrates security and WAF natively into the CI/CD pipeline
    • Deploys as a lightweight software package that is agnostic of underlying infrastructure
    • Facilitates declarative policies for “security as code” and integration with DevOps tools
    • Decreases developer burden and provides feedback loop for quick security remediation
    • Accelerates time to market and reduces costs with DevSecOps‑automated security
    Offer
    Learn more about F5 Advanced WAF
    Learn more about NGINX App Protect
    Sample Customers
    MAXIMUS, Vivo, American Systems, Bangladesh Post Office, City Bank
    Information Not Available
    Top Industries
    REVIEWERS
    Financial Services Firm46%
    Non Tech Company15%
    Energy/Utilities Company8%
    Printing Company8%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider26%
    Financial Services Firm8%
    Government6%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Comms Service Provider25%
    Government6%
    Financial Services Firm6%
    Company Size
    REVIEWERS
    Small Business25%
    Midsize Enterprise33%
    Large Enterprise42%
    No Data Available
    Find out what your peers are saying about F5 Advanced WAF vs. NGINX App Protect and other solutions. Updated: January 2022.
    563,780 professionals have used our research since 2012.

    F5 Advanced WAF is ranked 4th in Web Application Firewall (WAF) with 14 reviews while NGINX App Protect is ranked 12th in Web Application Firewall (WAF) with 4 reviews. F5 Advanced WAF is rated 8.4, while NGINX App Protect is rated 7.6. The top reviewer of F5 Advanced WAF writes "It is very stable as as a load balancer or a web application firewall". On the other hand, the top reviewer of NGINX App Protect writes "A stable system with good security and load balancing". F5 Advanced WAF is most compared with Microsoft Azure Application Gateway, Fortinet FortiWeb, Imperva Web Application Firewall, Azure Front Door and F5 BIG-IP Local Traffic Manager (LTM), whereas NGINX App Protect is most compared with AWS WAF, Microsoft Azure Application Gateway, Azure Front Door, Fortinet FortiWeb and Cloudflare. See our F5 Advanced WAF vs. NGINX App Protect report.

    See our list of best Web Application Firewall (WAF) vendors.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.