Akamai Akamai App & API Protector offers protection for websites, web applications and APIs. An evolution of Kona Site Defender, a web application security platform designed to protect web and mobile assets from targeted web application attacks and DDoS attacks while improving performance.
N/A
F5 Distributed Cloud API Security
Score 9.1 out of 10
N/A
F5's Distributed Cloud API Security provides discovery and deep insights from use of AI/ML. It can be used to block API attacks in real time and eliminate vulnerabilities at their source. The SaaS-based portal enables users to manage and go deep for threat analytics, forensics, and troubleshooting of modern applications.
N/A
NGINX
Score 9.1 out of 10
Mid-Size Companies (51-1,000 employees)
NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure software products o tackle some of the biggest challenges in managing high-transaction applications. NGINX offers a suite of products to form the core of what organizations need to create…
For F5, there is no company that can compete for security protection. So far, F5 has the strongest security session level provided to the market. Also F5 Distributed Cloud API Security is inter connect to all different environment, which make thing way easier to operate and …
Akamai Kona Site Defender KSD, works fine for any website or mobile application (Native/JDK), it can be used as a WAF, a rate limiting tool, or a bot management tool all in one, plus you will get all the benefits of the Akamai CDN (Content distribution network) as well
I believe it covers everything related to the applications' security aspects, but there are a lot of improvements that need to be made. For example, better granular controls like bot categories listed on the distributed console and a granular URL-based control for the rate-limiting option are needed.
Nginx is well-suited for any web server scenarios, such as web applications, backend or reverse proxy for both application and HTTP requests, and distribution. It is less appropriate for Windows-based applications that run directly on a Windows Server host. In any case, it is very easy to manage, through separate conf files for each application or site you want to host with it.
Customer support can be strangely condescending, perhaps it's a language issue?
I find it a little weird how the release versions used for Nginx+ aren't the same as for open source version. It can be very confusing to determine the cross-compatibility of modules, etc., because of this.
It seems like some (most?) modules on their own site are ancient and no longer supported, so their documentation in this area needs work.
It's difficult to navigate between nginx.com commercial site and customer support. They need to be integrated together.
I'd love to see more work done on nginx+ monitoring without requiring logging every request. I understand that many statistics can only be derived from logs, but plenty should work without that. Logging is not an option in many environments.
F5 Distributed Cloud API Security provides robust API protection with solid threat detection, excellent visibility, and seamless integration into our architecture
Great product. Working with F5 for many years, we found the products F5 provided are all cutting edge technology. Although in F5 Distributed Cloud API Security we still have a lot to find out, but we believe this experience will be very good. Especially on the security side. Trust in F5.
This tool is really easy to use and configure. Consumes very less system resources. It is highly modular and configurable. You can easily use it with other tools like certbot for SSLs. You can configure basic security with configuration and headers
Community support is great, and they've also had a presence at conferences. Overall, there is no shortage of documentation and community support. We're currently using it to serve up some WordPress sites, and configuring NGINX for this purpose is well documented.
F5 Distributed Cloud API Security is our company looking forward product. With more and more API is using in both on prem, private cloud, public cloud and multi cloud environment, we as a financial institution, we are keep into the security settings to protect the information. That's the main reason we want to use this product.
We ran a short POC with Salt. Its data classification and attack replay features were impressive. What held us back was the limited support for hybrid deployments and poor integration into our CI/CD pipelines, as F5 did.
I have found that [NGINX] seems to perform better throughout the years with less issues although I've used Apache more. I would definitely recommend [NGINX] for any high volume site and I've seen this to usually be the case from most provided web hosts who will pick [NGINX] over alternatives
F5 Distributed Cloud API Security mitigates many API-related security threats, including bot attacks, DDoS, data breaches, and unauthorized access attempts.
F5 Distributed Cloud API Security uses robust threat detection, machine learning, and real-time monitoring for speedier identification.
Reductions in security events result in fewer breaches, reduced downtime, and lower attack remediation costs.
By using Nginx, we can host multiple web services on a single server, keeping our infrastructure costs lower.
Nginx maintains our HTTPS connections, allowing us to keep our promise to our customers that their data is safe in transit.
Due to Nginx's extremely low failure rate, our web addresses always return something meaningful, even when individual services go down. In sense, this means we are "always online" and allows us to maintain brand and support our customers even in the face of catastrophe.
