Cloudflare’s connectivity cloud is a unified platform of cloud-native services designed to help enterprises regain control over their IT environments. Powered by an intelligent, programmable global cloud network, it is built to offer security, performance, visibility, and reliability.
$20
per month
NGINX
Score 9.1 out of 10
Mid-Size Companies (51-1,000 employees)
NGINX, a business unit of F5 Networks, powers over 65% of the world's busiest websites and web applications. NGINX started out as an open source web server and reverse proxy, built to be faster and more efficient than Apache. Over the years, NGINX has built a suite of infrastructure software products o tackle some of the biggest challenges in managing high-transaction applications. NGINX offers a suite of products to form the core of what organizations need to create…
N/A
Tenable Nessus
Score 8.8 out of 10
N/A
Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.
Akamai and Edgecast/Verizon are way over-priced, and also require hassling sales people to negotiate prices, and cloudflare just has their prices posted, and don't require a multi-year contract, etc. StackPath is a regular CDN provider, and is probably cheaper than Cloudflare …
Cloudflare works well as security measure that gives peace of mind without needing to work too hard to get it functioning well. It provides great tools to customize the security experience as well. This is all the same for the caching tools as well. They have a lot of built in tools that make using the caching easy right out of the box, but they provide the customization options to get things just right for your site.
Nginx is well-suited for any web server scenarios, such as web applications, backend or reverse proxy for both application and HTTP requests, and distribution. It is less appropriate for Windows-based applications that run directly on a Windows Server host. In any case, it is very easy to manage, through separate conf files for each application or site you want to host with it.
It is an excellent tool for scanning servers, workstations, and network devices to identify missing patches and misconfiguration; we regularly use it to confirm patch effectiveness after the update; it also helps us for preparing audits such as iso 27001, and regulatory requirements, it also helps us to identify open ports and services that violate security.
The best part is the content delivery network. Cloudflare has a large network of data centres around the world that helps cache and delivers content quickly to our customers.
Cloudflare offers us with a fast and reliable DNS service and with the world class features such as Cloudflare workers, SSL verification, certificate management and web application firewall. When all of these are combined together, it provides very strict security for our organization.
One of the most important feature that we use is the analytics and threat detection. It provides us with the real time insights of all the threats originating from multiple locations and landing on our websites.
Nessus is best at performing vulnerability scans, in fact, it gives findings and moreover accurate findings of the assessments. It does not do penetration testing or exploit the vulnerabilities because it is concerned about scanning the systems/applications.
In fact, Nessus has multiple profiles/policies to perform different types of scans such as, scans oriented for PCI-DSS, malware scans, web application scans, bad shell shock detection scan to name a few.
Nessus has the ability to classify the vulnerabilities into risk-based categories from critical to even informational which I think is one of the things that separates Nessus from other vulnerability scanners.
In some cases, using Cloudflare can actually lead to slower website speeds if the network is congested or if the website's traffic is particularly heavy.
Some website owners may find that the level of customization offered by Cloudflare is limited, especially in comparison to other solutions.
While Cloudflare is easy to set up and manage, it may be too complex for users who are not familiar with web technologies.
Customer support can be strangely condescending, perhaps it's a language issue?
I find it a little weird how the release versions used for Nginx+ aren't the same as for open source version. It can be very confusing to determine the cross-compatibility of modules, etc., because of this.
It seems like some (most?) modules on their own site are ancient and no longer supported, so their documentation in this area needs work.
It's difficult to navigate between nginx.com commercial site and customer support. They need to be integrated together.
I'd love to see more work done on nginx+ monitoring without requiring logging every request. I understand that many statistics can only be derived from logs, but plenty should work without that. Logging is not an option in many environments.
The tool has lots of options for setting up before scanning any device, this methodology could be simplified further with default configuration for various devices predefined, anyhow we can use this technique by making use of policies.
For advanced users we cannot disable the plugins inside the plugin groups, we can enable the whole set of plugins at a time, for few hundreds its ok, but thousands of plugins are of waste of resource and time.
Nessus is best and easy to use application for Vulnerabilities finding and reporting, it has multiple platforms and wide scope covering almost all devices for security improvement so far, thus we are very likely to continue its services.
Everything is extremely concise and all settings apply immediately and take effect globally. There is no reason to explicitly plan/think in terms of individual regions as one would have to traditional cloud offerings (AWS, OCI, Azure). All Cloudflare products integrate seamless as part of a single pipeline that executes from request to response.
This tool is really easy to use and configure. Consumes very less system resources. It is highly modular and configurable. You can easily use it with other tools like certbot for SSLs. You can configure basic security with configuration and headers
Tenable Nessus is a great product and provides a lot of value, but it is difficult to set up and use and the amount of data it generates can be overwhelming. It does help us prioritize based on the severity of the detection, however there are sometimes mitigating factors that we have implemented that Nessus does not account for, which causes lots of noise in the reports.
Excellent product, Cloudflare is a true pioneer of the modern Internet, providing tools, services, and expertise that vastly improve the performance and security of web services. Any issues are resolved quickly with detailed RCA and follow-ups published publicly. I'm thankful to Cloudflare and use their services both at work and at home.
Community support is great, and they've also had a presence at conferences. Overall, there is no shortage of documentation and community support. We're currently using it to serve up some WordPress sites, and configuring NGINX for this purpose is well documented.
I haven't needed to contact support yet. But issues are easily solved with a quick internet search which means support and by extension, the larger community are involved and knowledgeable.
I have found that [NGINX] seems to perform better throughout the years with less issues although I've used Apache more. I would definitely recommend [NGINX] for any high volume site and I've seen this to usually be the case from most provided web hosts who will pick [NGINX] over alternatives
Sometimes when we identify a vulnerability with Nessus that has an exploit, we made a proof of concept with Metasploit in order to show to the IT managers the importance of the software/hardware hardening.
Immediate ROI on Registrar and DNS hosting while giving a single plane of glass to managing both with domain registrations at cost, and no cost DNS hosting
WAF helped us move at risk servers/applications into a protected state allowing us to perform remediations at a measured pace and get them done right instead of band aide solutions.
CDN proxying increase the speed of our website while simultaneously reducing server load.
DMARC management and report interpretation allow use to identify weak points in our email systems, remediate and move to stricter policies without significantly increasing staff time spent managing it.
By using Nginx, we can host multiple web services on a single server, keeping our infrastructure costs lower.
Nginx maintains our HTTPS connections, allowing us to keep our promise to our customers that their data is safe in transit.
Due to Nginx's extremely low failure rate, our web addresses always return something meaningful, even when individual services go down. In sense, this means we are "always online" and allows us to maintain brand and support our customers even in the face of catastrophe.
Nessus certainly has a positive impact while me while performing my job, either as security research, or performing vulnerability assessments for clients. It gives a lot of information about the system/application after performing scans. The number of false positives is also less compared to other vulnerability scanners.
The professional edition is very useful as policy templates available in this edition are very handy and useful even to perform compliance scan like PCI DSS scan.
Also, the ability to export the scan results into reports in formats like HTML, PDF is very useful which could be for performing system/application reviews.
