NGINX, Inc., the engine delivering sites and applications for the modern web, today announced the availability of NGINX Plus Release 10 (R10), the latest release of its application delivery platform, and most significant release to date. NGINX Plus extends open source NGINX with advanced features and award-winning support for an enterprise ready solution. Today’s updates to NGINX Plus offer even more capabilities that enterprises need to flawlessly deliver and secure both legacy applications, as well as modern, microservices-based applications built in the cloud.

The most notable new feature in NGINX Plus R10 is a Web Application Firewall (WAF) powered by ModSecurity and fully supported by NGINX. According to the latest State of the Internet – Security report by Akamai, the volume of attacks happening against web applications is continuously rising, with a 26% increase in attacks in the first quarter of 2016 compared with the final quarter of 2015. NGINX Plus with ModSecurity WAF helps secure applications and data from a broad range of attacks. In this current climate, a WAF is a must-have for any mission-critical web application.

“In today’s digital environment, a security breach is incredibly costly for any organization — both in lost revenue and damaged reputation. Consumers expect organizations to keep their information safe, and simply cannot allow themselves to be susceptible to major security incidents,” said Gus Robertson, CEO of NGINX, Inc. “With Web Application Firewall support and added security features in NGINX Plus we are providing additional tools to help customers keep their applications and data protected.”

Other key new features in NGINX Plus R10 include:

  • Further security capabilities: In addition to the new WAF, the security capabilities of NGINX Plus have been further enhanced with the addition of support for JSON Web Tokens (JWT) and support for dual stack ECC-RSA certificates. The inclusion of native JWT support in NGINX Plus reduces complexity for application administrators by offloading authentication operations to NGINX Plus. Support for dual stack ECC-RSA certificates enables companies to improve performance by up to 5x with ECC certificates while maintaining backwards compatibility with older devices.
  • Support for IP Transparency and DSR load balancing: In order to support a broader range of enterprise applications and deployments, NGINX Plus R10 adds in support for IP Transparency and Direct Server Return (DSR) load balancing. With IP Transparency the original client IP Address is passed to the backend service, which is mandatory for a large number of enterprise applications. With DSR load balancing, NGINX Plus will make the initial load balancing decision, after which the server will respond directly to the client. DSR is useful for latency sensitive and real time applications since having the server respond directly to the client reduces overall response time.
  • nginScript support: nginScript will form the next-generation configuration and control language for NGINX, giving users deep and fine-grained control over how their applications are delivered and secured. In this preview release, the nginScript module allows users to control HTTP, TCP, and UDP traffic, generating responses and making precise decisions to route requests to the optimal servers.

The NGINX Plus WAF, using the popular ModSecurity module, is available now to NGINX Plus customers in the NGINX dynamic modulesrepository.

To learn more about NGINX Plus R10, please visit: https://www.nginx.com/blog/nginx-plus-r10-released/

To learn more about open source NGINX and the added benefits of NGINX Plus, visit: https://www.nginx.com/products/feature-matrix/

Current and prospective NGINX users can also learn more about NGINX Plus R10 and other NGINX solutions at this year’s annual user conference, nginx.conf 2016, taking place September 7-9 in Austin, Texas. To register, visit: https://www.nginx.com/nginxconf/