Slide 1

Slide 1 text

Code Strong, Hack-Proof: Elevate DevOps Security with API, Container, Traffic! Minh Nguyen APCJ Modern Apps Specialist @ F5

Slide 2

Slide 2 text

©2024 F5 2 Meet Jane, the IT Manager Jane faces challenges managing a mix of old and new applications

Slide 3

Slide 3 text

©2024 F5 3 Jane heard about NGINX PLUS. The consultant said NGINX Plus can help to simplify her workload and enhance security.

Slide 4

Slide 4 text

©2024 F5 4 But first, what is NGINX? Open-Source Project Lightweight From monolithic to microservices North-South, East-West traffic

Slide 5

Slide 5 text

©2024 F5 5 What is NGINX Plus? A licensed version of NGINX Enhanced capabilities

Slide 6

Slide 6 text

Kubernetes Ingress Controller Application Delivery Controller Reverse Proxy / Load Balancing WebServer / Content Cache

Slide 7

Slide 7 text

Kubernetes Ingress Controller Application Delivery Controller Reverse Proxy / Load Balancing WebServer / Content Cache

Slide 8

Slide 8 text

API Operation API GW Management API Security API Gateway

Slide 9

Slide 9 text

API Operation API GW Management API Security API Gateway

Slide 10

Slide 10 text

App Protect WAF (F5 WAF Engine) Encryption traffic management (mTLS) Authentication Proxy Application Security App Protect DoS (F5 L7 DoS Protection)

Slide 11

Slide 11 text

App Protect WAF (F5 WAF Engine) Encryption traffic management (mTLS) Authentication Proxy Application Security App Protect DoS (F5 L7 DoS Protection)

Slide 12

Slide 12 text

Monitoring Self-Service Monitoring Analytics NGINX Instance Manager Config Management API for NGINX

Slide 13

Slide 13 text

Monitoring Self-Service Monitoring Analytics NGINX Instance Manager Config Management API for NGINX

Slide 14

Slide 14 text

Universal Application Server Multiple languages Proxy to back-end Serve Static Content Reduce Resource Consumption

Slide 15

Slide 15 text

Universal Application Server Multiple languages Proxy to back-end Serve Static Content Reduce Resource Consumption

Slide 16

Slide 16 text

App Protect WAF (F5 WAF Engine) Monitoring Encryption traffic management (mTLS) Authentication Proxy Kubernetes Ingress Controller Application Security API Operation Self-Service Application Delivery Controller Reverse Proxy / Load Balancing WebServer / Content Cache API GW Management API Security API Gateway Monitoring Analytics NGINX Instance Manager Config Management API for NGINX App Protect DoS (F5 L7 DoS Protection) Universal Application Server Multiple languages Proxy to back-end Serve Static Content Reduce Resource Consumption

Slide 17

Slide 17 text

©2024 F5 17 Sample Use Cases 17 WAAP / Web App Firewall NGINX One NGINX Instance Manager

Slide 18

Slide 18 text

©2024 F5 18 | ©2024 F5 18 High-performance, automated, lightweight NGINX App Protect Platform-agnostic security Simplifies security’s “shift left” Industry-proven WAF and L7 DoS Protection Flexible deployment Extensible API security

Slide 19

Slide 19 text

©2024 F5 19 Which NGINX Ingress Controller are you using? COULD IT BE MORE CONFUSING? kubernetes.io https://docs.nginx.com/nginx-ingress-controller/intro/nginx-ingress-controllers

Slide 20

Slide 20 text

©2024 F5 20 How NGINX PLUS (N+) drives DevOps Success? "N+ is a multi-function tool equipped with Security.” Streamline, Simplify, Succeed! One tool for Load Balancer, API Gateway, and Kubernetes Ingress Controller.