Origin Protection

Insure against attacks on large networks vital for delivery of any uptime service

Available as an on-demand, managed solution, Nexusguard’s Origin Protection is designed to protect mission-critical services across large networks, especially those managing hundreds of Class C networks or even a Class B network, from L3/4 and L7 attacks.

Large Network Protection

Protect subnets (Layers 3, 4 and 7) against DDoS attacks, leveraging on our highly scalable, fully redundant and globally distributed scrubbing network to mitigate the largest and most sophisticated DDoS attacks.

Network Behavior Analysis

Obtain recommended detection threshold values with Nexusguard’s Smart Baselining that utilizes deep learning to observe and analyze the pattern of traffic to the protected network for a period of time. This helps reduce false alarms and detect anomalies faster.

Real-time Monitoring & Configuration

Monitor real-time traffic, including dropped and clean traffic, on an integrated portal with dynamic dashboard and analytics. View and download event logs and reports. Configure security policies.

Multiple Detection Modes

Optimize detection to address stealthy network attacks or hit-and-run attacks with Instant Flood Detection, Auto Flood Detection and Time-based Flood Detection, minimizing the harm that a threat can do and ensuring that it can be dealt with more efficiently.

Multiple Mitigation Templates

Build custom mitigation policies with templates for specific protection groups to improve mitigation accuracy and minimize false positive rates in your environment.

Automatic Traffic Diversion

With the new Cloud Diversion App you can effortlessly and automatically divert traffic to the Nexusguard network when the services identifies anomalies so that attack mitigation can take place, ensuring that only legitimate traffic enters ur network at all times.


Guaranteed uptime for the network, backed by enterprise-grade SLA against all DDoS attacks

- Protect layers 3, 4 and 7 on core networks and downstreams- Custom rules matching your organizational security policy- Minimize downtime and reduce costly impacts of attacks- Mitigate attacks at the nearest origins

Maximize user experience and performance even during DDoS attacks

- Multiterabit scrubbing capabilities ensure resiliency & low latency
- Ensure business continuity by allowing legitimate transactions to be processed

Enjoy unparalleled visibility of network traffic and threats in real time

- Comprehensive real-time dashboard and analytics
- Automatic monthly reports
- Real-time packet-captures
- Unlimited raw log downloads

24x7 access to dedicated engineers to immediately address your concerns

- Attack monitoring and mitigation with 24x7 SOC & support team
- Dedicated technical support

Trusted By

We want to make the network environment for our customer as safe as they feel at home. Nexusguard offers a customized internet security solution so that our customers can continue to interact with us the way supposed to be and the way they want to—all the way without interruption.

Visrut Manunpon, Chief Technical Officer, SNOC

We chose to partner with Nexusguard because of its specialty in DDoS mitigation. In fact, they not only focus on DDoS attacks, they are also curious about and strive to address the pain points they face.

Lee Shih Yen, VP, Cyber Security, StarHub

We opted to partner with Nexusguard because of their global reach and robustness of their platform. They have helped many companies and governments globally defend against cyberattack. Nexusguard is consistently recognised by analysts such as Gartner and Forrester as a market leader.

Wale Ajisebutu, CEO, 21st Century Technologies

Our customers are extremely satisfied with Nexusguard DDoS Protection solutions because they have sophisticated tools that give them visibility into their networks. With Netpluz mitigation facility commissioned in Singapore, powered by Nexusguard, our customers can expect proactive and intelligent mitigations to ensure only clean traffic reaches their network.

Lau Leng Fong, CEO, Netpluz

The Nexusguard solution secures our network with enterprise-grade SLAs. Most importantly, it ensures all business-essential applications have the uptime that they require.

Michael NG, Sales Director of REDtone

When we have queries and new service requests, the Nexusguard team were able to attend to us promptly. This is a good partnership that every business would want to ensure our business plans are implemented smoothly.

Saymon Araujo, Senior Network Analyst, Azion Technologies Inc.

Nexusguard Service Provider Enablement (Partner Program) allows service providers to deliver DDoS mitigation as a service to their customers and employ a revenue sharing model. This program fills a significant market gap as many businesses lack the resources to justify a large DDoS mitigation appliance deployment.

Chris Rodriguez, Senior Industry Analyst, Frost & Sullivan

Origin Protection Brochure

Nexusguard is the expert in DDoS mitigation and is uniquely positioned to protect your network Infrastructure against malicious traffic so that you can detect and filter out potential DDoS packets before they impact your systems.

Download Now

Origin Protection Datasheet

Nexusguard Origin Protection Service guards against threats that target network resources. The service is especially beneficial for organizations that can’t afford any downtime of network assets.

Download Now

InfraProtect Datasheet

Nexusguard InfraProtect offers CSPs the ability to leverage Nexusguard's globally distributed infrastructure to be used as an off-site sandbox to perform traffic analysis, shaping and DDoS mitigation so that traffic that reaches CSPs' network are always clean.

Download Now

The Pros & Cons of Self-administered BGP Diversion

This paper will evaluate the different route diversion options and their impact and highlight the different facets one should consider before deciding whose hands to entrust their keys to.

Learn More

InfraProtect vs Origin Protection - A Comparison Guide

The guide is meant to help you explore the similarities and differences you need to consider when choosing the InfraProtect, Origin Protection or both to protect your network from DDoS attacks.

Learn More

Origin Protection for Large Networks

Protecting a network from malicious and attack traffic is what we are committed to doing to our best at Nexusguard. Our Origin Protection (OP) is architected to protect backend networks. But for enterprises or organizations managing a vast network, such as those managing hundreds of Class C or Class B networks, they want to implement an effective Layer 3/4 mitigation to handle volumetric attacks.

Learn More

Enhancing Nexusguard Cloud Diversion With RPKI ROA

For route verification to be effective, Nexusguard validates ROAs created by their customers, ensuring all their routes are safe to announce to the Internet.

Read now

Safeguarding Customer Assets with Nexusguard On-Net

Nexusguard’s enhanced Cloud Diversion method, On-Net, not only reduces network latency but also expedites time-to-mitigation, ensuring customer assets are protected at all times.

Read now

Automatic filtering via Nexusguard SmartFilter, for intelligent mitigation

By combining automated mitigation with accurate Smart Detection, Nexusguard’s SmartFilter provides an intelligent approach to implementing cost-effective, fast-to-deploy, real-time protection against DDoS attacks.

Read now

Enabling RPKI For A Safer Internet

With RPKI enabled, Nexusguard ensures configuration mistakes and abuse by bad actors are eliminated, and BGP sessions for our customers and peers are fully validated.

Read now

Smart Mode: DDoS Attack Detection Using Machine Learning

The advances in artificial intelligence (AI) in recent years has given rise to the application of Machine Learning models to enhance DDoS attack detection. Nexusguard’s Smart Mode detection uses Machine Learning techniques to predict whether network traffic coming from a source is legitimate or part of a malicious DDoS attack.

Read now

The Best Of Both Worlds: On-Premise And In The Cloud

To safeguard their businesses from the growing diversity of DDoS attacks, organizations have begun leveraging the combination of on-site appliances for detection with cloud-based mitigation to create an interworking hybrid solution. The collaboration between Fortinet’s FortiDDoS mitigation appliances for detection with Nexusguard’s cloud-based DDoS protection service provides a unified hybrid solution to address this need.

Read now

Reaping The Benefits Of DDoS Incident Handling Automation

Nexusguard’s Cloud Diversion App provides the complete set of tools you need to facilitate the automation of your incident handling workflows, expedite time-to-mitigation and optimize your overall security strategies. Our app is easy to implement and use, allowing you to leverage the capabilities of your existing security infrastructure.

Read now

How to detect and mitigate Bit-and-piece DDoS attack

You may be concerned about the impact posed by “Bit-and-Piece Attacks”, a tactic targeting ASN-level CSP networks and able to bypass traditional detection. It can give a great challenge to the legacy detection and mitigation of traditional telcos and ISPs.

Read now

Communications Service Providers (CSPs) Are Being Brought To Their Knees By “Bit-And-Piece” Attacks That Fly Under The Radar

CSPs are suffering from an extremely stealthy network-layer attack − the “bit-and-piece” attack that we identified as earlier as in 2018, which was later dubbed as carpet bombing by some others. Designed to bypass traditional threshold-based detection, this attack is posing a new security challenge for CSPs, which can cause massive service degradation for its network and its customers and there’s nothing their on-premise investments can do to help.

Read now

Request a Demo or Proof-of-Concept (POC)

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Get the latest cybersecurity news and expert insights direct to your inbox

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.