# Overview Type of document: How-to guide Product: F5 WAF for NGINX --- [F5 WAF for NGINX](https://www.f5.com/products/nginx/nginx-app-protect) (formerly NGINX App Protect WAF) is an advanced, lightweight and high-performance web application firewall (WAF) for applications and APIs. It provides protection for the OWASP Top 10, with additional functionality: - HTTP response inspection and protocol compliance - Data schema validation (JSON & XML) - Meta character checking - Disallowing file types For more details, see the [Supported security policy features](/waf/policies/configuration.md#supported-security-policy-features). It is platform-agnostic and supports a range of deployment options: 1. [Virtual machine or bare metal](/waf/install/virtual-environment.md) - NGINX and WAF components operate on the host system - Ideal for existing NGINX virtual environments 1. [Docker](/waf/install/docker.md) - NGINX and WAF components are deployed as containers - Ideal for environments with multiple deployment stages 1. [Kubernetes](/waf/install/kubernetes.md) - Integrates NGINX and WAF components in a single pod - Ideal for scalable, cloud-native environments For more details, see the [Technical specifications](/waf/fundamentals/technical-specifications.md). F5 WAF for NGINX is part of the [NGINX One](https://www.f5.com/products/nginx/one) premium packages and runs natively on [NGINX Plus](https://www.f5.com/products/nginx/nginx-plus) and [NGINX Ingress Controller](https://www.f5.com/products/nginx/nginx-ingress-controller).