I have a question which I hope you can answer from drawing on your own experience or knowledge.
Have you come across any security safe-guards, implemented by your ISP, which have impacted or even prevented your remote scans for the purpose of conducting an authorised pentest?
My ISP (SKY) has an AUP which as I understand it allows 'Authorised' scans:
"You must not use Sky Broadband to violate Sky Network's security or any third party's system or network security by any method including:
• unauthorised access to or use of data, systems or networks, including any attempt to probe, scan or test the vulnerability of a system or network; "
Do ISPs generally block traffic such as NMAP packets or is that left the end user to employ IDS, etc.?