Hi Hussein,
every ISP should be protected against intrusions and DDoS attacks, as well as from all sorts of spoofing techniques. In case of MPLS VPN service, label spoofing is also a concern. Since MPLS VPNs are not secure in nature, IPSec for data integrity/confidentiality shouldn't be forgotten. Out of band management implementation should be treated with great attention.
As for devices, firewalls of all arts might be examined, Cisco Traffic Anomaly Detector can help to mitigate DDOS attacks.
Security in MPLS environment is a big domain, for an extended view you might be interested to learn the MPLS VPN Security book.
I would summarize my post like this: It is more important which tools/features to use to secure an ISP and it's MPLS infrastructure, rather a which device to install.
Hope that clarifies.