For operators, MSPs, and infrastructure teams

Threat traffic stops
at the edge.

NuajProtect blocks hostile traffic before it reaches your applications — across Linux servers, MikroTik routers, forwarding relays, and transparent bridge appliances. Centralized threat intelligence. Gatekeeper detection. No proprietary firewall lock-in.

Request a 15-Minute Demo View Product
3M+
Curated threat entries
4
Protection paths
XDP
Kernel-fast-path blocking
24/7
Threat feed updates

Architecture

One policy system.
Every edge protected.

NuajProtect deploys across servers, routers, relays, and bridge appliances from a single dashboard — no proprietary hardware required.

NuajProtect Network Architecture

The shift

The edge changed.
Security pricing did not.

Most organizations now protect servers, routers, remote services, cloud workloads, and customer sites at the same time. Buying a larger appliance every time the network changes is not a strategy.

Old model

Appliance-first security.

  • Buy dedicated hardware before you know the real long-term traffic profile.
  • Renew subscriptions to keep threat intelligence and advanced features active.
  • Scale by replacing boxes when throughput, sites, or protected services grow.
  • Manage islands across firewalls, servers, routers, and customer networks.

NuajProtect model

Policy-first edge protection.

  • Use the infrastructure you already own — Linux, MikroTik, relays, or bridge appliances.
  • Block hostile traffic before applications using centralized intelligence and local enforcement.
  • Share Gatekeeper detections across protected guard nodes as new abuse appears.
  • Manage protection centrally without forcing proprietary firewall hardware everywhere.

Deployment modes

Three ways to protect.
One control plane.

Sentry Mode

Protect Linux servers and MikroTik routers directly at the guard node before hostile traffic reaches local services.

Relay Mode

Forward protected traffic through a NuajProtect relay before it reaches the origin — useful for NAT, shared hosting, and remote services.

Bridge Mode

Deploy inline with a transparent bridge appliance or supported MikroTik design. WAN and EDGE remain unaddressed where appropriate.

Built for operators

This is not about replacing one firewall.
It is about protecting every edge.

For IT leaders

Control cost without reducing coverage.

  • Protect exposed services before traffic reaches the application.
  • Use centralized policy across servers, routers, relays, and appliances.
  • Reduce dependency on proprietary firewall hardware for every site or service.
  • Keep visibility into blocked sources, countries, feeds, and guard node activity.

For MSPs and operators

Standardize protection across customers.

  • Deploy the same protection model across Linux, MikroTik, relays, and bridge appliances.
  • Support small customers without forcing enterprise appliance economics.
  • Use Gatekeeper detections to turn abuse at one guard node into shared protection.
  • Offer SaaS or on-prem deployments where data sovereignty matters.

Transparent pricing

SaaS or on-prem.
No appliance tax.

Start with SaaS at $9/mo per guard node, or deploy on your own infrastructure with a perpetual license.

Shield
$9
per guard node / mo
Guard
$4,900
5 guard nodes · perpetual
Fortress
$12,500
25 guard nodes · perpetual
Sovereign
$75K
unlimited · perpetual

All plans include full product access, threat feeds, and priority support. View full pricing →

Next step

See where NuajProtect fits.

In 15 minutes, we will show the dashboard, deployment modes, Gatekeeper workflow, and pricing model for your environment.

Request Demo

Prefer email? Contact sales@nuaj.com directly.