Nexusguard is seen as one of the top DDoS protection services for small and medium-sized organizations, which in addition to mitigating attacks will also optimize your online content through its role as a CDN and its global presence.
Its service is cloud-based. At 1.44TB, it has a large network and scrubbing capacity, giving it the capability to handle large-scale volumetric attacks in addition to protecting against application layer and protocol attacks, the most common kinds of DDoS. Application, origin and DNS are Nexusguard’s “three pillars” for their cybersecurity platform. Its multi-layered mitigation includes hi-speed border filtering, protocol verification, deep packet inspection, adaptive filtering, application level filtering, flexible content filtering, Web Application Firewall, caching and compression, and acceleration and optimization.
Nexusguard’s nine scrubbing centers are located around the world. Four are situated in the U.S., in addition to four others in the U.K, Costa Rica, Hong Kong, Taiwan and Singapore. If one data center fails, the service has a failover system in place so that the others can automatically pick up the slack. In general, however, the DDoS protection service provides caching and optimization services via the data center closest to you in order to deliver content more quickly and improve your site’s performance.
Although Nexusguard does not offer on-site deployment or hardware, it does offer several customizations of the kind of service you want, including always-on DDoS protection. Furthermore, its service enablement program issues on-premise equipment and consultation services to your ISP. Nexusguard sees itself as a mediator between the content and the user, and works in partnership with the ISP by installing its technology into its network and using BGP to route attack traffic to one of its data centers when necessary.
Nexusguard’s mitigation techniques are numerous. They include blacklisting and whitelisting via an extensive IP reputation list that is kept continually updated. The service additionally uses a progressive challenge algorithm that determines whether or not an IP is dangerous. Suspicious IPs are required to authenticate themselves via a series of progressive challenges, which lead to CAPTCHA as a last resort technique. Nexusguard also deploys deep packet inspections that scan beyond the header and investigate the body of the packet in order to filter out suspicious content. These combinations of techniques usually allow the company to prevent DDoS attacks from striking.
Nexusguard also offers monitoring and customer support 24/7 out of their Security Operations Center. They have live chat, email and telephone information on their website along with an emergency number to be used in the instance of a DDoS attack. When you become a client, you will have access to a centralized management dashboard that allows you to view information about your site, including attack rates and detailed reports. Pricing is available on request.
The company also offer a Service Provider Enablement (SPE) package, which allows you to brand the service as your own and offer it to your customers with the same degree of security that Nexusguard offers directly. The white label version of its platform allows customers to create their own pricing structure and provide a package for organizations with a range of budget allocations for the service.