Appendix to NDPS Description & Terms -
Self-Service Operating Model

Back
Last Updated: Feb 05, 2026

Roles, Responsibilities, Acceptance by Use, and Platform Protection

1. Purpose and Scope

This appendix describes the Self-Service Operating Model for the Nexusguard DDoS Protection Service (NDPS).

NDPS may be delivered either as a fully managed service or under a self-service operating model, depending on the level of operational control exercised by the customer or partner.

This appendix is intended to ensure a clear separation of responsibilities and expectations, particularly during security incidents or service disruptions.

This appendix forms part of the NDPS Service Description.

2. Default NDPS Operating Model (Fully Managed)

All NDPS services are provisioned under one of the following support plans:

  • Lite
  • Standard
  • Enterprise
  • White-Gloved

Under the Standard, Enterprise, and White-Gloved plans, NDPS operates as a fully managed service by default.

In this operating model:

  • Customers are provided read-only access to the NDPS platform.
  • Nexusguard’s Security Operations Center (SOC) is responsible for service provisioning and configuration.
  • The SOC manages the creation, tuning, and maintenance of detection and mitigation profiles.
  • The SOC performs continuous monitoring, active mitigation, incident response, and service recovery.
  • The SOC delivers ongoing service optimisation, reporting, and service reviews.

3. Definition of the Self-Service Operating Model

The Self-Service Operating Model applies when a customer or partner elects to directly participate in the operational management of NDPS.

A customer is considered to be operating under the Self-Service model when they perform any activity that involves direct operational control, including but not limited to the following:

  • Creation, modification, or deletion of detection policies.
  • Creation, modification, or deletion of mitigation policies.
  • Manual intervention during active mitigation events.
  • Independent tuning or adjustment of security configurations.

To preserve clarity of responsibility, Nexusguard adopts a hands-off operational posture for any service scope operating under the Self-Service model.

4. Service Scope and Operational Limitations Under Self-Service

For any service scope operating under the Self-Service model, the customer acknowledges that Nexusguard will no longer be able to provide or guarantee the following:

  • SOC-curated event alerts and notifications.
  • Monthly service reports and service review sessions.
  • Service uptime SLAs and related service credits.
  • Time-to-mitigate SLAs.
  • Ongoing fine-tuning of detection and mitigation policies.
  • Service recovery SLAs for incidents arising from customer-managed configurations.

These limitations exist to ensure a clear allocation of responsibility and do not represent a reduction in the underlying platform capabilities.

5. Customer Enablement and Support Resources

Customers operating under the Self-Service model have access to the following enablement resources:

  • Online documentation and user guides available at docs.nexusguard.com free of charge.
  • Self-guided Nexusguard Certified System Analyst learning.
  • Instructor-led Nexusguard Certified System Analyst courses.
  • On-site boot camps for NCSA or NCSS certification.
6. Election of Self-Service and Acceptance by Use

The Self-Service Operating Model is not enabled by default.

A customer is deemed to have elected and accepted the Self-Service Operating Model for the relevant service scope when any of the following actions occur:

  • Write-access or administrative user roles are enabled for the customer or partner.
  • Customer or partner personnel create, modify, or delete detection or mitigation policies.
  • Customer or partner personnel manually intervene during live mitigation events.
  • Customer or partner personnel otherwise exercise operational control beyond read-only access.

By performing any of the above actions, the customer acknowledges that they have reviewed and understood this appendix, that operational responsibility for the affected service scope transfers to the customer, and that the service scope is no longer covered by the SLAs, SOC services, and commitments described herein.

No separate written acknowledgement or signature is required for this election to take effect.

7. Nexusguard Platform Protection and Right to Intervene

Notwithstanding a customer’s election of the Self-Service Operating Model, Nexusguard retains the right to take any action it reasonably deems necessary to protect the integrity, stability, security, and availability of the Nexusguard platform, infrastructure, and services, including those provided to other customers.

Such actions may be taken if customer-managed configurations, actions, or omissions result in, or reasonably risk resulting in, collateral impact, degradation, instability, security exposure, or harm to the Nexusguard platform, infrastructure, or other customers.

Nexusguard’s intervention may include, without limitation:

  • Suspension, rollback, or modification of customer-managed policies or configurations.
  • Temporary restriction or removal of self-service or write-access privileges.
  • Traffic isolation, filtering, or mitigation actions necessary to protect the platform or other customers.
  • Any other technical or operational measures reasonably required to prevent or contain collateral impact.

Where practicable, Nexusguard will make reasonable efforts to notify the customer of such intervention. However, in urgent or emergency situations, Nexusguard may act without prior notice.

Any intervention by Nexusguard under this section shall not be construed as a resumption of fully managed service responsibilities, nor shall it reinstate any SLAs or commitments that are excluded under the Self-Service Operating Model.

8. Reversion to Fully Managed Operation

Where commercially and operationally feasible, customers may request a reversion to the fully managed operating model.

Such reversion may require a formal handover review by Nexusguard, validation and remediation of customer-managed policies, and applicable professional services fees.

Reversion to the fully managed model will only take effect upon confirmation by Nexusguard.

9. Precedence

In the event of any inconsistency between this appendix and the main NDPS Service Description, this appendix shall apply solely with respect to Self-Service operations and responsibilities.

Last Updated: Feb 05, 2026

Roles, Responsibilities, Acceptance by Use, and Platform Protection

1. Purpose and Scope

This appendix describes the Self-Service Operating Model for the Nexusguard DDoS Protection Service (NDPS).

NDPS may be delivered either as a fully managed service or under a self-service operating model, depending on the level of operational control exercised by the customer or partner.

This appendix is intended to ensure a clear separation of responsibilities and expectations, particularly during security incidents or service disruptions.

This appendix forms part of the NDPS Service Description.

2. Default NDPS Operating Model (Fully Managed)

All NDPS services are provisioned under one of the following support plans:

  • Lite
  • Standard
  • Enterprise
  • White-Gloved

Under the Standard, Enterprise, and White-Gloved plans, NDPS operates as a fully managed service by default.

In this operating model:

  • Customers are provided read-only access to the NDPS platform.
  • Nexusguard’s Security Operations Center (SOC) is responsible for service provisioning and configuration.
  • The SOC manages the creation, tuning, and maintenance of detection and mitigation profiles.
  • The SOC performs continuous monitoring, active mitigation, incident response, and service recovery.
  • The SOC delivers ongoing service optimisation, reporting, and service reviews.

3. Definition of the Self-Service Operating Model

The Self-Service Operating Model applies when a customer or partner elects to directly participate in the operational management of NDPS.

A customer is considered to be operating under the Self-Service model when they perform any activity that involves direct operational control, including but not limited to the following:

  • Creation, modification, or deletion of detection policies.
  • Creation, modification, or deletion of mitigation policies.
  • Manual intervention during active mitigation events.
  • Independent tuning or adjustment of security configurations.

To preserve clarity of responsibility, Nexusguard adopts a hands-off operational posture for any service scope operating under the Self-Service model.

4. Service Scope and Operational Limitations Under Self-Service

For any service scope operating under the Self-Service model, the customer acknowledges that Nexusguard will no longer be able to provide or guarantee the following:

  • SOC-curated event alerts and notifications.
  • Monthly service reports and service review sessions.
  • Service uptime SLAs and related service credits.
  • Time-to-mitigate SLAs.
  • Ongoing fine-tuning of detection and mitigation policies.
  • Service recovery SLAs for incidents arising from customer-managed configurations.

These limitations exist to ensure a clear allocation of responsibility and do not represent a reduction in the underlying platform capabilities.

5. Customer Enablement and Support Resources

Customers operating under the Self-Service model have access to the following enablement resources:

  • Online documentation and user guides available at docs.nexusguard.com free of charge.
  • Self-guided Nexusguard Certified System Analyst learning.
  • Instructor-led Nexusguard Certified System Analyst courses.
  • On-site boot camps for NCSA or NCSS certification.
6. Election of Self-Service and Acceptance by Use

The Self-Service Operating Model is not enabled by default.

A customer is deemed to have elected and accepted the Self-Service Operating Model for the relevant service scope when any of the following actions occur:

  • Write-access or administrative user roles are enabled for the customer or partner.
  • Customer or partner personnel create, modify, or delete detection or mitigation policies.
  • Customer or partner personnel manually intervene during live mitigation events.
  • Customer or partner personnel otherwise exercise operational control beyond read-only access.

By performing any of the above actions, the customer acknowledges that they have reviewed and understood this appendix, that operational responsibility for the affected service scope transfers to the customer, and that the service scope is no longer covered by the SLAs, SOC services, and commitments described herein.

No separate written acknowledgement or signature is required for this election to take effect.

7. Nexusguard Platform Protection and Right to Intervene

Notwithstanding a customer’s election of the Self-Service Operating Model, Nexusguard retains the right to take any action it reasonably deems necessary to protect the integrity, stability, security, and availability of the Nexusguard platform, infrastructure, and services, including those provided to other customers.

Such actions may be taken if customer-managed configurations, actions, or omissions result in, or reasonably risk resulting in, collateral impact, degradation, instability, security exposure, or harm to the Nexusguard platform, infrastructure, or other customers.

Nexusguard’s intervention may include, without limitation:

  • Suspension, rollback, or modification of customer-managed policies or configurations.
  • Temporary restriction or removal of self-service or write-access privileges.
  • Traffic isolation, filtering, or mitigation actions necessary to protect the platform or other customers.
  • Any other technical or operational measures reasonably required to prevent or contain collateral impact.

Where practicable, Nexusguard will make reasonable efforts to notify the customer of such intervention. However, in urgent or emergency situations, Nexusguard may act without prior notice.

Any intervention by Nexusguard under this section shall not be construed as a resumption of fully managed service responsibilities, nor shall it reinstate any SLAs or commitments that are excluded under the Self-Service Operating Model.

8. Reversion to Fully Managed Operation

Where commercially and operationally feasible, customers may request a reversion to the fully managed operating model.

Such reversion may require a formal handover review by Nexusguard, validation and remediation of customer-managed policies, and applicable professional services fees.

Reversion to the fully managed model will only take effect upon confirmation by Nexusguard.

9. Precedence

In the event of any inconsistency between this appendix and the main NDPS Service Description, this appendix shall apply solely with respect to Self-Service operations and responsibilities.

Back

Enhance Government Cybersecurity with Nexusguard Bastions

Reach out to us now to explore how our solution can bolster your government cybersecurity offerings as a Communications Service Provider.
Contact Us