XDP/eBPF · nftables · MikroTik · Bridge appliances

Drop hostile traffic
in the kernel fast path.

NuajProtect is centralized edge threat protection that runs on your own Linux boxes and MikroTik routers. XDP acceleration when hardware supports it, nftables fallback when it does not. Curated threat feeds. Gatekeeper heuristic detection. No vendor-locked appliance required.

See How It Works View Pricing
3M+
Curated threat entries
XDP
Kernel fast-path drops
4
Protection paths
$9
Per guard node / mo

Architecture

Your infrastructure.
Centralized policy.

No proprietary hardware in the data path. NuajProtect agents run on your Linux servers and MikroTik routers, pulling policy from NuajProtect Central (SaaS or self-hosted).

NuajProtect Network Architecture

Under the hood

What actually runs.
No magic. No black boxes.

Linux agent

XDP + nftables enforcement.

  • XDP/eBPF fast path — drops hostile IPs before they hit the network stack. Hash map for IPv4, LPM trie for IPv6 subnets.
  • nftables fallback — automatic when NIC or kernel does not support XDP. Same policy, same feeds.
  • Gatekeeper heuristics — detects scanning, brute-force, and abuse patterns. Shares detections across all guard nodes.
  • Per-IP rate limiting — sliding window counters in the XDP data path for DDoS mitigation without userspace overhead.

MikroTik agent

RouterOS native integration.

  • Address-list sync — incremental DSV-based updates chunked to fit RouterOS memory limits (3300 entries / 64KB).
  • Sentry, Relay, and Bridge — all three deployment modes supported on RouterOS 7.13+.
  • Firewall rule injection — policy-driven feed selection with blocklist, threat feed, GeoIP, and DDoS lists.
  • QR onboarding — scan, paste token, done. No manual firewall configuration.
Threat feeds
3M+ entries from curated sources. Blocklist, GeoIP (/24 precision), threat intel, and Gatekeeper detections.
Supported platforms
Ubuntu, Debian, RHEL/Rocky/Alma, Fedora (x86_64 + ARM64). MikroTik RouterOS 7.13+.
Deployment modes
Sentry (direct guard node), Relay (forwarding proxy), Bridge (transparent inline). Mix and match per guard node.
On-prem option
Self-hosted NuajProtect Central with perpetual license. Full data sovereignty. Air-gapped operation supported.

Honest take

NuajProtect is not a next-gen firewall. It is not a SIEM. It does one thing well: block known-bad and heuristically-detected traffic at the edge before it reaches your services.

If you run Linux servers or MikroTik routers and want centralized threat protection without buying a Fortinet/Palo Alto/Sophos appliance for every site — this is what NuajProtect does.

Pricing

SaaS or self-hosted.
No seat tax. No surprise renewals.

Shield (SaaS)
$9
per guard node / mo
Guard (On-Prem)
$4,900
5 guard nodes · perpetual
Fortress
$12,500
25 guard nodes · perpetual
Sovereign
$75K
unlimited · perpetual

All tiers include full product, threat feeds, and updates. On-prem includes Nuaj Blocklist server at Sovereign tier. Full pricing breakdown →

Try it

Questions? Just ask.

Happy to answer technical questions, walk through the architecture, or set up a demo environment. No sales deck — just the product.

Get in Touch

sales@nuaj.com · No call required