Bastion Product Draft

Run Bastions Services on premises for a truly consistent and

seamless hybrid experience

Nexusguard Bastions is the latest in fully managed solutions delivering Nexusguard services to virtually any on-premises or edge location for a truly consistent and high performing hybrid experience. Built for Communications Service Providers (CSPs) dealing with the impacts triggered by cyber attacks, or seeking to add advanced cybersecurity capabilities to their product portfolio, the purpose-built Nexusguard Bastions combines carrier grade hardware and proprietary technology, and is a culimination of over a decade of experience fighting cyber criminals.

Through the Bastions servers, Nexusguard Network Protection delivers on-premise and always-on attack detection and mitigation for CSPs' infrastructure, keeping threats well at bay for maximum availability. As an extention to Network Protection (NP), Clean Pipe (CP) enables CSPs to offer fully-managed services to its customers that will benefit from additional layers of security, visibility and control.

With Bastions, CSPs can run co-branded Nexusguard Cloud Services locally and at the same time enjoy Nexusguard's Extended Cloud Protection from the cloud. Bastions supports business requirements for low latency access to on-premises systems, local data processing and data residency, while the protection by the Nexusguard Cloud provides security during trans-global security events.


Run Bastions Services On Premises

Extend networking, security and other services on premises for low latency, local data processing, and data residency needs.


Fully Managed Infrastructure

Reduce the time, resources, operational risk, and maintenance downtime required to manage infrastructure with a fully managed experience.


Truly Consistent and Seamless Hybrid Experience

Use the hardware infrastructure, tools and management controls available in Nexusguard Cloud in combination with Bastions services to provide a truly consistent and seamless hybrid experience.


Integrated and Unified User Experience

Deliver a truly unified on-premise and cloud experience by bringing together detection and mitigation tools, visual representations of multiple metrics, indicators and status to create a holistic view of your cybersecurity posture in one Portal.

Locally deployed Bastions provides instantaneous mitigation for attacks originating from networks immediate to the Bastions location, supressing local attacks instantly with no impacts to latencies and performance for optimal user experience.

Read more >


Nexusguard on-premise Bastions operates simultaneously with the Nexusguard Global Scrubbing Cloud to detect and mitigate threats in real-time, in contrast to traditional sequential-hybrid models that requires activations that are often gated procedurally, technically and financially. Bastions and Nexusguard Extended Cloud protection is a fully customizable solution that puts the control back into the CSP's hand on selecting the best strategy during each and every individual event.

Read more >


Security services shouldn’t operate in silo. Bastions allows the CSP to offer a full range of services to protect customer applications, networks and infrastructure, connectivity, and domain name services from all possible cyber attacks - all on the CSP's branded single-paned glass.

Read more >


Nexusguard PoPs consisting of network equipment, detection and mitigation technology and internet connectivity are fully owned and operated by Nexusguard. Partner CSP’s subscribed to the services delivered via Bastions automatically enjoy enhanced availability and an increase in mitigation capacity through Nexusguard’s Edge Protection (EP), delivered via the Nexusguard Cloud.

Read more >

  • Attack monitoring and mitigation with 24x7 SOC & support team
  • Dedicated technical support

Read more >


With turnkey services ready to be delivered out of the box, CSP Product Teams can immediately roll out enterprise-grade DDoS protection and other Managed Security Services.

Read more >


Application Protection (AP), Origin Protection (OP) and DNS Protection (DP) are the primary cloud services delivered through Nexusguard Cloud. Through Nexusguard's Bastions, CSPs can also deliver co-branded AP, OP and DP to their customers locally as an extension of the Nexusguard Cloud.


CSPs can immediately offer their self-branded cloud service that utilizes Nexusguard’s Cloud and extended PoP mitigation capacity to deliver managed security services to their customers


Mitigates attacks close to their source, thereby optimizing user experience


Stops DDoS attacks close to user, providing optimum protection for their network and business


Ensures consistent uptime connections as well as high availability

  • Bastions Brochure

    Nexusguard Bastions is the latest in fully managed solutions delivering Nexusguard services to virtually any on-premises or edge location for a truly consistent and seamless hybrid experience.

    Download now >
  • Nexusguard Extended Cloud Protection Capability Delivers Increased Flexibility For DDoS Protection Solutions

    Deployed within minutes through our partner CSPs, Nexusguard’s range of cloud services deliver immediate security backed by our 24x7 SOC team - all through an affordable, subscription-based service.

    Read the article >
  • InfraProtect vs Origin Protection - A Comparison Guide

    InfraProtect and Origin Protection provide on-demand attack mitigation, protecting your infrastructure (and downstream) against network DDoS attacks of all sizes and types. Both solutions prevent valuable bandwidth from being saturated with malicious traffic and help maintain network and service availability even during a large-scale DDoS attack.

    Read the article >
  • Utilize Network Protection to maintain own backbone network quality and stability

    Network Protection service is implemented at the Bastion PoP of the partner CSP to protect their own backbone. A highly available and stable network backbone is imperative in order to offer value added high quality network services to downstream clients.

    Read now >
  • Deliver Application Protection service to any website or TCP based application servers

    Websites are exposed to both volumetric and application based DDoS attacks. While there are a number of options to protect against volumetric attacks, Application Protection is the only option that provides all round protection including WAF. Implementing together with DNS Protection would make it a perfect solution by enhancing the availability of the webdomain which is critical in diverting traffic to the cloud.

    Read now >