To deliver a Clean Pipe to your customers, you will need in-house capabilities or an MSSP, despite the fact that both could lead to delays in traffic redirection. 

Nexusguard’s Clean Pipe, part of Bastions services, is intended for Communications Service Providers looking to immediately expand or complement their existing Clean Pipe offerings. The module brings together best-in-class technology, DDoS experts, and the SLA commitment for the best attack detection, notification and mitigation response times to deliver a truly differentiated CleanPipe service that sets our CSP partners ahead of competition.


CSPs are hard-pressed to deal with attacks without disturbance at customers

CSPs Expected to Protect Customers from DDoS Attacks

There is also a growing consensus that CSPs should protect end customers from DDoS attacks and ensure maximum network availability. Customers, therefore, look for more reliable ISPs who can respect their need for uptime.

Blackholing the Victim's Traffic Upsets the Customer & Ruins the Trust

While useful in heading off a collateral damage, blackholing the traffic to the victim network inevitably upsets the customer. And one unhappy customer can now ruin reputations as bad word of mouth does spread quickly.

Traditional or Appliance-based Mitigation Causes Delays

Whether mitigation is carried out by configuring edging routers or on-premise hardware, human intervention is still involved. Delays caused by humans in “time to mitigate” creates a window of opportunity for cybercriminals to do more harm. 


Tap into the growing market for enterprise-grade DDoS mitigation solutions


DDoS-free Internet Access

Through the Bastions servers, partner CSPs' Clean Pipe service delivers on-premise and always-on attack detection and mitigation, ensuring DDoS-free Internet access, keeping threats well at bay for maximum availability.

ISP Agnostic

ISP Agnostic

As this solution is ISP agnostic, it can be implemented by any organization regardless of their current provider. This makes it ideal for organizations with distributed global presence or with multiple upstream providers that want a single unified solution. To fit your own use, our deployment is implemented in three modes: cloud-in-a-box, pure cloud or hybrid integration. Either one of them is equipped with customer portals on which network traffic and threats are clearly displayed with granular visibility .

Network Resilience Guarantees Industry-Leading Uptime SLA

Network Resilience Guarantees Industry-Leading Uptime SLA

Thanks to the ANYCAST nature of the scrubbing centers, if any one of them fails, traffic would dynamically be passed on to other scrubbing centers. With these scrubbing centers certified as carrier class, your Uptime is guaranteed, covered by enterprise grade SLA against all DDOS attacks. 



Our uncompromising security and protection gives our customers low CapEx, low OpEx and also no surprise charges.  All we deliver for you is truly unlimited attack protection. Our cost-effective comprehensive service has been in store for your network security already.

3 flexible anti-DDoS offerings to
protect your network infrastructure


Starting from US$2,000/month


Learn more

Request a Demo or Proof-of-Concept (POC)