# Start With Linux

## Overview

open-appsec can be deployed as an add-on for NGINX, Kong Gateway or APISIX Gateway to provide protection to any applications and APIs served by NGINX Reverse Proxy, NGINX Webserver, Kong API Gateway or APISIX API Gateway. 

{% tabs %}
{% tab title="NGINX" %}

<figure><img src="https://1225393248-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNcZmX14M2KdTBrq9EOnI%2Fuploads%2FlJi0283RrbDT28JyFZcN%2Fimage.png?alt=media&#x26;token=f875e657-a6f3-47d8-a8e6-7bc87998bf7a" alt=""><figcaption></figcaption></figure>
{% endtab %}

{% tab title="Kong Gateway" %}

<figure><img src="https://1225393248-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNcZmX14M2KdTBrq9EOnI%2Fuploads%2F66QM77ykpkuzfYu4z6Vn%2Farchitecture-kong-linux.png?alt=media&#x26;token=081140bd-757a-4e3a-88cc-fd31774b2c1b" alt=""><figcaption></figcaption></figure>
{% endtab %}

{% tab title="APISIX Gateway" %}

<figure><img src="https://1225393248-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNcZmX14M2KdTBrq9EOnI%2Fuploads%2FKzg7jXfgwDkupSly4EGn%2Fimage.png?alt=media&#x26;token=4dc7b3c0-9e14-4857-b85c-09c771106acd" alt=""><figcaption></figcaption></figure>
{% endtab %}
{% endtabs %}

### Proxy vs. locally-served applications

{% hint style="info" %}
The open-appsec agent attaches itself to the traffic being **proxied** by the Proxy Server or API server.
{% endhint %}

If the server serves applications locally, and does not serve as a proxy between an exposed domain and an internal one - open-appsec can still inspect the traffic if you change the port for the local applications to a higher port, and add a proxy rule between the exposed listening domain and port, to the same local machine at a higher port.

{% content-ref url="start-with-linux/install-open-appsec-for-linux" %}
[install-open-appsec-for-linux](https://docs.openappsec.io/getting-started/start-with-linux/install-open-appsec-for-linux)
{% endcontent-ref %}