Audi Future-Proofs Tech Vision and App Innovation with NGINX

For more than 100 years Audi has enthusiastically embraced the cutting edge. 

The German automotive giant’s longstanding slogan “Vorsprung durch Technik” (roughly, Leading through Technology) is more than just a phrase: It’s been the guiding light for a company that has always put innovation at the heart of its business. 

“If we want to stay successful, we need a constant focus on how technology can enable an exceptional customer experience,” explains Sebastian Kister, Team Lead for the Kubernetes Competence Centre at Audi. “That is exactly why, in recent years, we’ve set out to reinvent the way we create, deploy, run, and optimize our applications.” 

Business Challenge

The Kubernetes Competence Centre, along with its modern application platform, Kubika O, are very much the cornerstones of Audi’s forward-looking and futureproofing vision—not just for itself but also the entire Volkswagen (VW) Group, which owns Audi.

Kubika O was conceived in 2020 as a cloud-independent Kubernetes platform operating as a seamless application environment. It is underpinned by Red Hat OpenShift technology, a container platform for Kubernetes that automates the provisioning, management, and scaling of applications.

Before Kubika O went live, a key consideration was how to secure everything. Audi knew it needed a proven WAF solution with certified, frictionless OpenShift interoperability. And, due to the size and time limitations of the core team, it also required access to robust, 24/7 technical support.

“We needed a vendor that could quickly understand our needs, deliver them, and provide ongoing support,” says Kister. “The teams inside Audi had to be empowered to create applications that support their business objectives, all without needing to worry about the underlying infrastructure and, importantly, how everything is secured. Basically, we wanted to create a safe harbor (platform and standards) for all the containers (projects) that could be lost at sea.”

Solutions

After an initial vendor investigation process, there was only one security solution that ticked all the boxes.

F5 NGINX App Protect is an application security solution that combines the efficiency of F5 Advanced Web Application Firewall (WAF) technology with the agility and performance of NGINX. Delivering a ‘build once, adhere everywhere’ functionality for security policies, NGINX App Protect ensures that DevOps and SecOps can operate effectively and in harmony. When paired with F5 NGINX Ingress Controller, the solution seamlessly secures Kubernetes apps without compromising speed or agility.

Once the solution was agreed on, the NGINX account team worked closely and intensively with all relevant stakeholders to determine the project’s exact specifications, including the delivery of a successful proof of concept. Trusted NGINX partner ConSol was then enlisted to support the implementation process, and the deal was closed in less than two months.

“I don’t buy anything based on PowerPoint presentations,” says Kister. “I wanted to see a working solution aligned with our use cases that could be quickly implemented and maintained by the vendor and its partners.”

With NGINX App Protect in place, Audi was finally able to start harnessing Kubika O’s full potential.

Results

Security baked into the platform

“Today, application owners don’t have to worry about the infrastructure at all,” Kister enthuses. “They still need to do their app operation security assessments, but when it comes to infrastructure issues like real-time scanning and vulnerability scanning, that is all baked into the platform. This means that 80% of the security assessment is already done. Without NGINX, we wouldn’t be able to provide this assurance without relying on the functionality of the cloud providers, which would negate our cloud agnostic stance.”

Flexibility to adapt to new business needs

Kubika O currently facilitates several key apps central to VW Group’s operations, with use cases including data collection, analytics, and automation. The platform’s built-in flexibility also means it is ready to quickly adapt to emerging business needs and challenges.

Effective security administration that drives cultural and behavioral change

For Kister, however, one of the most rewarding outcomes of Kubika O’s impact to date is the way it has driven genuine transformation and behavioral change across the VW Group.

“We are a small team, but we are making a huge impact,” he says. “Every customer we work with doesn’t just get a service – they learn from us. They see how we operate, and we contribute to cultural change across the company, project by project. Ultimately, every enhancement to our driving experience is software  and data driven. That is why Kubika O is, and will remain, an essential part of our future.”

Audi logo
Benefits
  • F5 NGINX App Protect delivers a “build once, adhere everywhere” functionality for WAF security policies, ensuring that DevOps and SecOps operate effectively and in harmony
  • Paired with F5 NGINX Ingress Controller, the solution seamlessly secures Kubernetes apps without compromising speed or agility
  • Provided a comprehensive Kubernetes security platform that was quickly implemented and supported by the NGINX and its partners

Challenges
  • Audi’s cloud-independent Kubernetes platform, designed to serve as a seamless application environment, required comprehensive security
  • Needed a proven WAF solution with certified, frictionless Red Hat OpenShift interoperability 
  • Due to the size and time limitations of the core security team, it also required access to robust, 24/7 technical support

Products