We used 1H before and due to some incompatibility with our servers, we stopped using it but seems in some servers work as well but for DDoS we recommend network based protection and no script based protection.
You cannot compare 1H Guardian with nagios. Nagios comes with just network monitoring and alert, where Guardian monitor configured services every .5 secs and restart them and it is installed on each servers; it is also loaded with a load management algorithm as well. But someone here reported that HIVE doesn't protect from the Apache symlink issue ( like CloudLinux can do via SecureLinks ). Also HAWK is like CSF, but add some graphing to the system. Anyway you may try them and see how beneficial for you. Good Luck with it