Organizations are rapidly adopting cloud‑native app delivery – 27% of organizations plan to deploy more than half of their apps in the cloud by the end of this year and by 2022, 35% of all production apps will be cloud native, according to the API management survey that NGINX commissioned from IDC for 2019. The drive to cloud migration and cloud‑native app development unlocks IT agility and exceptional digital experiences for customers. And yet cloud‑native app delivery comes with challenges of security, visibility, and control. Why do these challenges persist? We’re seeing several drivers.
Here are some of the pain points we observe in cloud‑native app delivery:
Apps hosted in the cloud are considered more difficult to manage than on‑premises apps, not because security and visibility options are worse, but because they are different. Since we can no longer rely on ring‑fenced security, we must use cloud‑friendly tooling to build security into the lifecycle of each app. However, that tooling varies from cloud to cloud, with differing levels of quality and numbers of features making visibility and control inconsistent across clouds. Although cloud architectures are critical to supporting digital business efforts, they result in a corresponding explosion in complexity due to tool sprawl.
Conventional wisdom says that public clouds are cheaper than on‑prem deployments because infrastructure management is delegated to cloud providers – goodbye servers! Yet 82% of enterprises ranked “spend” as a top challenge in the cloud. Why? Because it’s hard to know what your deployment is going to cost until after it’s been built. Often the services must be compiled in a piecemeal fashion and many products carry bloated code that increases costs. Some clouds require you to pay for both incoming and outgoing traffic. And of course, while the tooling offered by a specific cloud provider might meet your needs today, if you move an app to a different cloud you might have to scrap your technology investment and start from scratch.
Most organizations report a skill gap in security and struggle to fill security roles despite the high unemployment and economic recession caused by COVID‑19. Even with adequate staffing, SecOps teams struggle to keep up with the breakneck app release cadence that has become typical. Tool sprawl presents a steep learning curve, leading to inconsistent policies and difficulty remaining compliant with regulations. And so SecOps becomes the villain, with DevOps viewing them as a major constraint on the ability to deliver software quickly. Shadow IT and vulnerabilities become the norm. Security is sacrificed to achieve speed.
We’ve painted a rather gloomy picture of cloud‑native app delivery, but at NGINX we see a bright future. From self‑service provisioning to turnkey environments, our offerings help you migrate your apps, integrate your environments, and automate your toil. With the NGINX Application Platform, you can:
To simplify your stack and implement standard, enterprise‑grade services across a hybrid‑ or multi‑cloud environment, you need a cloud‑agnostic solution that provides the same services across all your environments. The NGINX Application Platform does just that.
NGINX Plus with NGINX App Protect – The only all-in-one load balancer, reverse proxy, and API gateway with WAF. Operate standalone or integrate with public cloud services to enable high‑performance app delivery while protecting your apps from a range of threats including the OWASP Top 10 and beyond.
NGINX Ingress Controller with NGINX App Protect – The best-in-class traffic management solution for containerized, cloud‑native environments. NGINX App Protect is embedded in NGINX Ingress Controller, moving WAF protection closer to apps and eliminating the need for a separate WAF device.
NGINX Controller – Visibility and control of your NGINX Plus instances across your cloud and on‑prem environments. The Controller App Security add‑on (currently in beta) enables SecOps to protect apps and APIs across multiple clouds.
To accurately forecast spend and save money in the cloud, it’s not enough just to simplify your stack with a cloud‑agnostic solution. You also need solutions that don’t hog CPU or slow down your apps. It’s tricky to find all-in-one solutions that meet these criteria, but NGINX does.
SecOps can turn from villain to hero in the eyes of DevOps by making security easy and pain‑free. The final step, after simplifying your stack and selecting cost‑effective solutions, is to enable automation of security. With CI/CD‑friendly tools and self‑service app management, NGINX helps you bridge the divide between SecOps and DevOps.
Today you can bring your own NGINX licenses (BYOL) to the cloud of your choice, or purchase NGINX Plus (with or without NGINX App Protect) directly from the AWS, Azure, and Google Cloud Platform marketplaces. In 2021, we plan to offer NGINX Plus, optionally with NGINX App Protect, in additional cloud marketplaces and release NGINX Ingress Controller with NGINX App Protect on several container marketplaces.
Start 30‑day trials of NGINX Plus with NGINX App Protect and NGINX Controller, check out the documentation (AWS, Azure, Google Cloud Platform), and enroll in the instructor‑led class Intro to NGINX App Protect.
Contact us to learn how we can help with your cloud strategy and see if a private offer is right for your organization.
"This blog post may reference products that are no longer available and/or no longer supported. For the most current information about available F5 NGINX products and solutions, explore our NGINX product family. NGINX is now part of F5. All previous NGINX.com links will redirect to similar NGINX content on F5.com."