Nexusguard: The Digital Fort Knox

On 21st October 2016, a fine Friday morning, people glued to their smartphones and laptops busy tweeting and browsing websites were baffled when they started experiencing lags. It wasn’t long before Dyn, an internet services company, issued a statement that a large-scale Distributed Denial of Service (DDoS) attack temporarily overwhelmed its servers. This persistent assault affected users and businesses alike, causing outages at popular sites including Twitter, The Guardian, Netflix, Reddit, and CNN.

This recent and one of the most devastating DDoS attacks of late—which knocked down much of East Coast’s internet for a day—was orchestrated using a new cyber weapon called the Mirai botnet, which is largely comprised of Internet of Things (IoT) devices such as digital cameras and DVR players. “IoT represents a new opportunity for cyber criminals. By its very design, IoT is built with very lightweight security. Any company with a website or online service is at risk,” delineates Jolene Lee, CEO, Nexusguard. Thereby, today’s debate in the cybersecurity arena is dominated by the intrusion platform created by compromised IoT devices and advanced cyberattacks, and the available robust strategy to combat those attacks.

Operating in the DDoS defense landscape for almost a decade, Nexusguard is the vanguard in the fight against malicious internet attacks, protecting organizations from threats to their websites, services, and reputation. Nexusguard has maintained a continuous evolution phase of tools and insights to face new threats as they emerge—to protect its clients’ vital business systems in each and every circumstance. The company’s DDoS mitigation network prevents downtime on network assets, protects critical applications, and ensures availability for domain resolution. Nexusguard’s solutions for protecting complex applications, networks, and DNS are highly customizable and scalable across the board.

Three Pillared Cybersecurity Platform

When Ryan Chin founded Nexusguard in 2008, he had ample exposure to DDoS issues owing to his experience in senior technical roles where he analyzed and tested a full range of anti- DDoS options to help companies protect their IT infrastructures. Chin’s involvement in the research and analysis for DDoS solutions revealed that the market lacked a dedicated, inclusive solution for keeping mission-critical web applications and services available during severe, highly targeted attacks. Seizing the opportunity, he built a DDoS Protection platform based on three pillars—Application Protection, Origin Protection, and DNS Protection.

Nexusguard’s Application Protection mitigates all types of DDoS attacks and cyber threats, delivering maximum uptime to organizations with an online presence. The protection package is multilayered against level 3 to level 7 attacks including attacks like DDoS, TCP, Brute Force, Connection Flood, Ping of Death, Smurf, Reflected ICMP and UDP, SSL Flood, and Zero-Day attacks. The Application Protection solution executes progressive challenge-response authentication to ensure a seamless user experience, while blocking malicious activities and intrusions with surgical precision. With the growth of mobility, Nexusguard’s mobile SDK is specifically designed for IoT companies to protect mobile apps from DDoS attacks and potential threats.

The company’s DDoS mitigation network prevents downtime on network assets, protects critical applications, and ensures availability for domain resolution

By inserting a short script into the source code, the app servers can distinguish legitimate users from malicious traffic and effectively filter out fake requests. Another ingredient in the solution is web application firewall, designed to protect web applications and SaaS solutions against Open Web Application Security Project (OWASP) Top 10 Common Vulnerabilities and ensure secure access for end users, with reduced operational costs. The Application Protection solution leverages load balancing and caching to guarantee fast content delivery and network resilience. All the components of the solutions are secure, reliable, customizable, and backed by enterprise grade SLAs.

To safeguard firms’ entire backend infrastructure, Nexusguard’s second pillar Origin Protection encompasses a comprehensive toolset that secures backend network elements— from origin of applications and network infrastructure to the backend IPs typically associated with proxy solutions. It is highly suitable for organizations that cannot afford any network downtime. Its Border Gateway Protocol (BGP) anycast routing assures superior redundancy in mitigation and preserves a significant amount of IP addresses as the same pool is shared among multiple locations. Origin Protection empowers clients that lack DDoS detection capabilities with remote DDoS Monitoring and Detection, providing comprehensive coverage.

Balancing the structure of the DDoS Protection platform, Nexusguard third pillar—DNS Protection—comprises a fully redundant network of globally distributed proxy servers to resolve every incoming DNS query quickly and reliably. This ensures that an organization’s DNS server is protected from both internal and external attacks. Nexusguard acts as the authoritative server on behalf of its clients’ DNS server to filter out and absorb all DNS attacks and malicious traffic like DNS Amplification, NXDomain, Phantom Domain, and Random Sub-domain.

Combining top-of-the-line infrastructure with Nexusguard’s mitigation expertise, the company’s proprietary scrubbing technology is capable of protecting against the largest volumetric attacks, as well as complex application attacks targeting new vulnerabilities.

Mitigating a Cocktail of Multiple Attacks

Nexusguard is winning the wager in the DDoS market with the overriding objective to thwart attacks that disrupt online businesses and enable the use of the internet as intended.
The company protects firms of all sizes with premium internet security solutions, empowering them to focus on their business—and not on how to maintain business uptime. Recently, a DDoS attack targeted a Nexusguard client operating an online gold-trading platform serving China and Hong Kong. Services were taken offline by the abnormal traffic created by a DDoS attack. The trading platform first tried to mitigate the attack internally by closing down the IP addresses under attack and switching to secure ones. Despite the time and effort spent, ultimately, the trading platform could not keep its services online. Its internal security team lacked the experience and expertise to repress the attack on their servers. Nexusguard’s proficiency in the DDoS arena persuaded the gold trading platform to approach the company for immediate help. At the outset, Nexusguard’s fast response team analyzed all incoming traffic to the website to determine the attack pattern and discovered that the attacker was using multiple attack types and patterns. Nexusguard mitigated each of them accordingly, while fine-tuning each approach from time to time as the attacker changed the attack pattern. As the fast response team worked to minimize the damage inflicted on the trading platform, Nexusguard’s Security Operations Center (SOC) worked hard to gather intelligence on the attack’s origin. “We tried for more than an hour but could not mitigate the attack, and Nexusguard got us back online in just 15 minutes,” says the General Manager of the gold trading platform.

The Continuous Expansion

Nexusguard’s DDoS mitigation platform integrates seamlessly with existing client infrastructures, including cloud protection. There is no need to invest in additional hardware or cybersecurity personnel. “Nexusguard prides itself for its ‘white-glove service,’” states Terrence Gareau, Chief Scientist, Nexusguard. The company provides end-to-end premium solutions that start with personalized pre-sales and provisioning and follows through with attentive, round the clock service—complete with a dedicated account manager. Alongside DDoS protection, Nexusguard offers a variety of other value-added services. DDoS+ Protection enhances a client’s ability to analyze crucial website data with a variety of insightful, real-time metrics. “Additionally, our solutions comply with today’s major governmental and financial reporting requirements around the world,” adds Gareau.

"Nexusguard’s solutions for protecting complex applications, networks, and DNS are highly customizable and scalable across the board"

With apposite DDoS mitigation services in place, the next step for Nexusguard is to provide enterprises with full visibility during peace time, underpinning the use of analytics to boost business performance. Stretching its arm beyond its existing products, Nexusguard is looking to solve the global DDoS problem, at the service provider level. The company is determined to continue delivering advanced and comprehensive threat intelligence-driven solution that will support firms to discover and mitigate threats even before the incursion takes place, and each day the company is working toward this mission.


San Francisco, CA

Jolene Lee, CEO

Provides protection against a multitude of threats, including DDoS attacks, to ensure uninterrupted internet service