Try our new research platform with insights from 80,000+ expert users
reviewer1357092 - PeerSpot reviewer
General Manager at a comms service provider with 10,001+ employees
Real User
The Cloud subscription makes the scalability limitless and you secure yourself for anything beyond your current mitigation capacity
Pros and Cons
  • "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available."
  • "There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered in the VNS form in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus."

What is our primary use case?

We are a telecom service provider. We provide services to our enterprise customers in India and compliment these services with security layer as a part of our security services.

Being a part of the solution design team, I have been interacting with customers and creating solutions for them to fulfill their requirements. One of the products that we have in our offerings portfolio is around security, which is complimenting our connectivity portfolio. We provide this from Arbor platform, which we have deployed in our network. We have taken the hybrid model from Arbor, and there was a physical installation done in two of the gateways of the country. If the mitigation capacity goes beyond the subscribed boxes, then the Arbor Cloud subscription usage hits and mitigation would be done accordingly.

We have deployed Arbor platform and for our customers, we offer it as a managed service from our network. There are also customers looking for on-premise deployment. 

We are using Arbor's hybrid approach for our overall product build. We have on-premise deployment, however, beyond that we have taken the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.

How has it helped my organization?

We use Arbor platform to provide DDoS services for our customers. We provide a clean pipeline solution to our customers. We have seen a tremendous response from many customer segments, particularly during the certain period, which is the time period when our customers expect a lot of traffic volumes coming through to their servers. This is where these DDoS services are being requested by the customer. Predominantly, it is DDoS that we offer to our customers, and mostly customers also want protection from the volumetric attacks, but there are certainly cases where application layer attacks are also looked at being mitigated by customers. In more than 75 percent of the cases, it is a volumetric attack protection that customers are looking for.

We have a vast connectivity portfolio and the Arbor solution complements that. In addition to that, it is also helping us to understand where challenges are coming from, so we can do the mitigation in our own network. We can plan our investments accordingly and help to make the network more secure and robust for ourselves as well as our customers.

Recently we have faced unprecedented times when people overnight started to operate from their homes. At that time, many applications for most enterprise customers were exposed to the open Internet by allowing remote working, from homes or anywhere, and the users were given access to the applications over the open Internet. That posed a serious threat to attacks. At the same time, that provided a lot of opportunities for security companies. When we look at the way in which applications are being consumed by end users, security becomes very paramount, because it's not only making the application available to end users, but it is also making it available in a more secure manner.

The moment that we open up these applications to open Internet, we increase the attack surface for the infrastructure/application, and that is where security becomes very critical. We have seen high adoption of security as a service for our customers, because no one wants to invest on day one in the security infrastructure equipment. This is for obvious reasons: 

  1. No budgets being accounted for this
  2. Even if budgets are accounted, it becomes practically impossible to deploy such solutions in such short time frame 

What we have seen is there has been a huge demand from our customers in providing these security services as managed services where the service can be enabled within a short time span. Going forward, I will still see these demands from the market, from across all customers be it large or small, and we plan to provide these services as a managed service on pay-as-you-go model.

What is most valuable?

We are living in a world that is changing at a very fast pace. We have to match the pace of  the world, not only from network security per se, but also from the point of view of the security at a larger level. We are not just protecting the safety of the customer, but protecting the application as such. That is where the real threat comes from, and the challenge is being thrown to all the providers and OEMs to keep our feature set updated and adding to features for minimal costs.

What needs improvement?

There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered as a VNF in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus. 

If we could decouple the hardware and software, making it more easily available for the customers with the exact robustness of the functionality, then that would be beneficial. At the same time, it would bring in cost efficiencies, which eventually is the end goal of most CXOs within an organization.

Buyer's Guide
Arbor DDoS
April 2025
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
845,485 professionals have used our research since 2012.

For how long have I used the solution?

The relationship with Arbor is quite old, however, from current organization per se it is around 5 years.

What do I think about the stability of the solution?

The entire deployment of the hardware that we have done so far is quite stable and robust. As of now, the dependency is more on the hardware itself, which comes along with the Arbor solution. 

What do I think about the scalability of the solution?

I am convinced with the kind of scalability Arbor brings in. The Cloud subscription, which is available as one of its features, makes the scalability limitless. This is something which makes Arbor stand out from the others, not only from the perspective of scalability, but also from the overall user experience perspective as well. It is critical to still manage within the limits of the customer and do all the mitigation that is required for them.

What was our ROI?

In the world that we are living, there are challenges everywhere at every step. We are able to run our businesses without a glitch and offer DDOS services to our customer within the SLA

Which other solutions did I evaluate?

We have evaluated Arbor against other OEMs. It is not only about the feature comparison, it is also based on what kind of skill sets are available in any enterprise and what are they more comfortable with. We are living in a world that is very heterogeneous, and we like to keep it heterogeneous in order to maintain some level of redundancy of the OEM level. This is where from a security perspective Arbor DDoS has the advantage. Customers tend to pick vendors who have a multi-level approach that can protect them from any potential attacks.

As a product/platform, Arbor is quite focused and offers quite smooth features vis-à-vis its competition. The acceptance that we see for Arbor, from the customer's perspective, is very high. Many customers prefer to go with Arbor solutions rather than any other solution when it comes to DDoS. Abor solution offers service feature, reliability, and a brand that can be trusted. From our perspective, we value it quite highly as far as its standards of security when providing DDoS services.

What other advice do I have?

It is not just about the features alone, it is about how smoothly you will be able to deploy the solution, e.g., the availability of the product and how the OEM is maintaining the relationship with its customer. There are multiple factors that need to be considered. "This is not just a one-time sale. It's about how easily the systems are available, and how well your partner is able to support you and provide lifecycle management."

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.

PeerSpot user
Rich text editor
    reviewer991227 - PeerSpot reviewer
    Traffic Management skill center at a comms service provider with 10,001+ employees
    Real User
    A good tool for threat detection and mitigation, but implementation could be more open
    Pros and Cons
    • "I like all the features together as a whole."
    • "Implementation could be better."

    What is our primary use case?

    As an operator, we use Arbor antiDDoS system to protect our backbone, protecting the network and our assets like DNS.I'm involved in the validation and testing of the solution. 

    The solution is installed in our lab, with a simulated full network. We can send some regular traffic as well as DDOS traffic, using some testing tools like IXIA system and opensource tools. 

    For testing, we simulate some regular traffic, as background traffic, and we added some attacks on the network with attack tools. We can monitor what's sent to the network, and we can monitor what's received by the victim. In this case, we can assess which part of the attack was stopped by the system.

    Arbor DDoS helps consolidate visibility on traffic and on DDOS attacks attempts. It can perform direct mitigation action on the network, which is important. It has also helped us achieve our network and application uptime goals.

    What is most valuable?

    I like all the features together as a whole. It's a global solution that fits our needs. Detection is really important for us—the ability to trigger mitigation with TMS and the quality of mitigation.

    What is also really important is to directly engage in mitigation on network elements, such as routers or switches, in addition to TMS mitigation. The capacity of the mitigation and the capacity to distribute mitigation on the routers are important. Using this solution as a hybrid approach to DDoS protection is an advantage. It's an important tool for managing the natural quality of service. We're quite confident about the solution and the evolution.

    What needs improvement?

    I think Arbor DDoS should be more open to other systems, in the sense of coordination between mitigation centers, like for example the capacity to ask the upstream transit provider for mitigation.

    Netscout's Arbor allows it, but between Arbor systems only. It should be more open to Third party systems, that's what I mean by "openness" : evolution from Netscout signaling protocol to standardized DOTS protocol (DDOS Open Threat Signaling)

    Implementation could also be improved regarding distribution of mitigation directly on network elements.

    For how long have I used the solution?

    I've been using Arbor DDoS for testing for about a year.

    What do I think about the stability of the solution?

    Arbor DDoS is stable and robust, as seen during testing phase and with feedback from the field.

    According to the operational team, there are few tickets open on the Netscout/Arbor site, but I don't have a precise figure, as I'm only involved in testing phase.

    What do I think about the scalability of the solution?

    Arbor DDoS is scalable, both horizontally and vertically. It has good visibility making things quite obvious. There are some price issues with scalability, but technically speaking, the solution is fully scalable.

    How are customer service and technical support?

    Technical support was knowledgeable and responsive.

    How was the initial setup?

    The initial setup is quite complex. It isn't easy to do the configuration, but it's okay once it's done. Arbor's implementation strategy was to monitor first and provide all the configuration or the correct profiling for this system after it's considered safe.

    What about the implementation team?

    NETSCOUT's team deployed our solution.

    What's my experience with pricing, setup cost, and licensing?

    Arbor DDoS is quite expensive, especially for the TMS mitigation part

    Which other solutions did I evaluate?

    We compared it with others actors in antiDDOS domain, such as Nokia Deepfield and others. There are some differences, but generally, the logic is the same.

    Arbor Networks, vendor of the solution, has been in DDoS visibility protection for more than ten years, which affected our decision to go with it. We assessed the company's stability (acquired by Netscout), which was part of the decision.

    What other advice do I have?

    I would advise potential users to try the NETSCOUT Arbor DDoS system but also to check on other solutions.

    On a scale from one to ten, I would give Arbor DDoS a seven.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.

    PeerSpot user
    Rich text editor
      Buyer's Guide
      Arbor DDoS
      April 2025
      Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
      845,485 professionals have used our research since 2012.
      Team Lead for DDoS Protection at a comms service provider with 10,001+ employees
      Real User
      Our customers can check how many attacks they have faced and how many have been blocked
      Pros and Cons
      • "Our customers are very happy when we provide them with the interface... They can check how many attacks they have faced and how many attacks have been blocked."
      • "Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful."

      What is our primary use case?

      We use it to protect websites, usually. But it's hosted in our network, our infrastructure, and the company websites as well. We are an ISP company and we provide internet services and other services to companies, like banks, etc. Part of our services is DDoS protection.

      How has it helped my organization?

      We are the ISP for government websites here in Saudi Arabia. We had a lot of attacks on those sites. The way we mitigated those attacks was by asking the people who are hosting the website about the features they were using for the websites. They specified two of the ports, and they said we're not going to allow any other port, any other service apart from these two services. We allowed the websites to be accessible through those two ports only. We blocked everything else. This was four years ago and everything has been smooth ever since.

      We have a monitoring team here, which is on watch 24/7. The monitoring part is very easy with this solution.

      What is most valuable?

      Our customers are very happy when we provide them with the interface. We give them read-only privileges and they can review the results by themselves. They can check how many attacks they have faced and how many attacks have been blocked. That is a very valuable feature offered by Arbor DDoS.

      We can also give them more privileges. They can do some tweaking according to their own systems. If they have a database running or if they have a website, they can tweak the features themselves.

      What needs improvement?

      Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful.

      For how long have I used the solution?

      Three to five years.

      What do I think about the stability of the solution?

      The deployment is okay, stable. But when you are manipulating the countermeasures, that is the difficult part. You have to be very careful, and you have to be sure that these countermeasures will kick in when needed, that they're going to work.

      We have to customize the countermeasures for each customer. That is a real challenge. We should be reviewing them every month. They might be changing their services, they might be using different ports. We have to keep asking our customers, "Okay what are you running now? What are you using now? Which port are you running now?" so that we know what to expect. We need to know which traffic would be legit and which traffic is illegitimate so that we can block the illegitimate traffic without mistakes. We don't want to block the real traffic. There is a feature in Arbor called auto-learning. We can run that and it will help us. But at the end of the day, it's for us to decide what to allow.

      You cannot rely on auto because, for example, if you're running auto-learning, and the services have been running on 80, and all of a sudden it switches to 443, it will keep on blocking. You have to expect what's coming. You cannot rely on auto. Human involvement is always necessary.

      What do I think about the scalability of the solution?

      If the network is expanding, of course, we would expect to need to add more equipment. We would need to expand our solution.

      We had two customers from the government which came in, and they are super-important. Their services cannot go down. We had another solution from Arbor called Pravail. We had that installed for those two customers specifically. Their expected traffic is almost 8 MB, and their throughput is 12 MB. Any noise or malformed packets or out-of-sequence packets get filtered by the Pravail Solution. The bigger attacks will be handled by the TMS, the Threat Mitigation System.

      Scalability is not a problem for Arbor.

      How are customer service and technical support?

      Technical support is really good. ATAC has been good with us. We haven't had any problem contacting them or getting them engaged in our activities. For example, sometimes we need to customize the portal banner. For that, they have been helpful.

      Which solution did I use previously and why did I switch?

      This is our first DDoS solution.

      How was the initial setup?

      The initial setup is kind of complex because it requires peering. We have to design it from scratch, which makes it a little bit complex. It depends on whether we want to get it inline or if we want to apply offloading, and whether the company can afford a TMS of its own or we need to send traffic to a remote TMS, hosted by Arbor itself.

      The last deployment I was involved in took almost a month-and-a-half, with another 15 days for documentation.

      It took about eight to 12 people to get the deployment operational. We had people from the core who were engaged with us for the integration and bringing up the systems. After that, we had to hire some fresh resources, because, honestly, it's a new product and it's not very common. We can't really find experienced people for DDoS.

      It was not much of a challenge when we were developing it and when we were deploying it because we had a resident engineer who was planning everything, who was leading everything. But after that, when we were mitigating the attacks, there were challenges because we didn't have experienced people over here and the attacks were coming day and night, 24 /7. I had to come to the office after midnight and at midday. 

      But now, the system stable and the people that I'm managing are more experienced. They know stuff and it's pretty smooth now.

      What about the implementation team?

      We engaged Arbor itself. We had a resident engineer from Arbor who came here and deployed the system. He was here for a month more for support and for any types of issues that we faced.

      What other advice do I have?

      Go for it. It's one of the best solutions you can get for DDoS. It doesn't matter what services you're going to use. As long as you have the whole solution, the TMS and everything in-house, it's the best solution.

      We have a team of 12 to deploy and monitor the solution; we have three shifts running around the clock. They monitor the system alerts. They monitor the websites using the controls that we have to protect the clients. If one of them catches an attack, there is a high-alert flag and we focus on the attack to see if it has been mitigated or not. If it needs anything, if it needs some tweaking, we have two resources on each watch, a senior resource and a junior. The junior one keeps on monitoring. The senior one comes in whenever there is something to correct or if something needs to be changed in the system.

      For ISPs, Arbor DDoS would be the best solution. For smaller organizations, we can buy the services from Amazon for DDoS protection, and there's Cloudflare. But for ISPs, it's better to have Arbor DDoS because we have everything in-house. ISPs like ours have almost 120 gig bandwidth. For throughput, it's the best one.

      We don't have plans to increase usage currently because when we brought the solution four years ago, we measured it a lot. We bought more than what we needed. The plan is to improve the human operability on the system itself. Things look smooth, but you cannot rely on two or three people. We have to have redundancy in the human workforce. We're planning to expand the team so that we don't need to hire any fresh resources and train them from the start. These services are very expensive and our customers are expecting a perfect solution.

      Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.

      PeerSpot user
      Rich text editor
        reviewer1931166 - PeerSpot reviewer
        Product Manager at a comms service provider with 10,001+ employees
        Real User
        A stable solution with good protection against volumetric DDoS attacks
        Pros and Cons
        • "The solution provides good protection against volumetric DDoS attacks."
        • "The solution could be more granular to include logs per second and enhanced pipeline monitoring for router licenses."

        What is our primary use case?

        Our company uses a platform to render the solution to our customers and ensure quality service. We build the solution based on our data centers and infrastructure and then deliver an ID appliance to the customer that communicates with our routers and network. The solution provides flow spec protection and prevents volumetric DDoS attacks. 

        What is most valuable?

        The solution provides good protection against volumetric DDoS attacks. 

        What needs improvement?

        The solution could be more granular to include logs per second and enhanced pipeline monitoring for router licenses. 

        We would like the solution to offer secure, bug-free portals that could be installed in our data center and be accessible to our customers. Portals built on their own are expensive and time consuming because they have to be aligned with the solution's operational systems. 

        New versions are sometimes released before the bugs are worked out. 

        For how long have I used the solution?

        I have been using the solution for six years. 

        What do I think about the stability of the solution?

        The solution provides good quality stability and I rate it a nine out of ten. 

        What do I think about the scalability of the solution?

        The scalability could be improved with a more granular approach. I rate it a six out of ten. 

        How was the initial setup?

        The initial setup requires knowledge and is not easy. Setup involves many things including security, technology, alerts, and incidents. From a security operation standpoint, it is detailed and hard. 

        What about the implementation team?

        We have 10-12 technicians who implement the solution and service thousands of users.

        What was our ROI?

        There is a push from the solution's vendor to achieve profitability. It is currently profitable and I see it growing in the Polish market. I strongly believe in the solution and its impact on the profitability of our services. 

        What's my experience with pricing, setup cost, and licensing?

        The solution could be a bit less expensive given its market share. Other solutions that only offer DDoS protection are less expensive. Pressure from new companies will be visible in the future and affect pricing. 

        I'd also like botnet protection to be included in the package with volumetric DDoS attack prevention. Since licenses are required for routers, a method for tracking them in the pipeline would make the pricing model more attractive. 

        Given the limited scope of functionality, I rate the solution's pricing model a six out of ten. 

        Which other solutions did I evaluate?

        Our company also uses Radware as a solution. We build our portfolio based on the appliance software and professional services that could be added to create value for customers.

        The battle between NETSCOUT and Radware will continue until the end of time. There are periods of time when NETSCOUT is better and then it switches to Radware. We look beyond the technology when choosing a solution for customers. 

        Radware offers more functionality because they include volumetric DDoS attack and botnet protection in their package. The network behavior analysis in Radware's DefensePro includes intrusion, malware protection, and anti-botnet solutions that are more comprehensive than NETSCOUT. Radware puts an emphasis on cloud service using the OPEX model, which allows a startup purchase for a lower investment that we can enhance for our customers over time. This gives us the flexibility to add licenses at any point.

        Fortinet also has a good model where you can choose to buy segments of virtual machines instead of whole machines. You buy and accrue points that give you access to segments of these virtual machines. 

        What other advice do I have?

        I rate the solution an eight out of ten. 

        Disclosure: I am a real user, and this review is based on my own experience and opinions.

        PeerSpot user
        Rich text editor
          DejanBlagojevic - PeerSpot reviewer
          Presales Engineer at Exclusive-networks
          Reseller
          Best DDoS protection and offers affordable boxes for all types of clients
          Pros and Cons
          • "Companies that live from their presence on the internet will get a very high return on investment from Arbor."
          • "Arbor's SSL decryption is confusing and needs external cards to be installed in the devices. This is not the best solution from an architectural point of view for protecting HTTPS and every other protocol that is SSL encrypted."

          What is our primary use case?

          Our primary use case for Arbor is dose protection. 

          What is most valuable?

          Arbor's performance is its most valuable feature. The boxes are able to process huge amounts of traffic. One rec unit box can forward 20 gigabytes of traffic without any issue or without any latency towards the network. It's impressive really.

          What needs improvement?

          Arbor's SSL decryption is confusing and needs external cards to be installed in the devices. This is not the best solution from an architectural point of view for protecting HTTPS and every other protocol that is SSL encrypted.

          Their mitigation rate could be higher. No matter how good Arbor is in DDoS protection, they do not get a 100% mitigation rate.

          Arbor has the longest tradition in DDoS protection. They have way more expertise in DDoS than anyone else. However, the price of support and licensing is a bit high. They are not affordable but they do their job perfectly.

          For how long have I used the solution?

          I have been using Arbor DDoS for the last five years. 

          What do I think about the stability of the solution?

          On a scale of one to five, with one being not stable at all and five being very stable, I would give Arbor a five for stability. 

          What do I think about the scalability of the solution?

          If you do a good job planning and selecting a good Arbor box for your organization, you can scale at a fairly high level. For scalability, I give Arbor a four out of five, with one being unscalable and five being highly scalable.

          How are customer service and support?

          Arbor's tech support staff knows what it is doing. 

          How would you rate customer service and support?

          Positive

          How was the initial setup?

          On a scale of one to five, one being difficult and five being easy, I would rate Arbor's initial setup as a three. It is easy, but you need to plan it well. You need to think about what you are protecting. There are a lot of different small fine tuning elements that you need to consider during the deployment.

          A common implementation strategy for Arbor DDoS takes about two to three weeks. That is the optimal time frame for delivering the whole solution and getting it as a fully functional protection. 

          We usually start the implementation process by placing the device in the customer's data center. We put it into a transparent mode and then observe some peaks, packet rates, and traffic flows. When that learning period is over, we will start to enforce the protection. That is about it; nothing more to it than that. There may be some fine tuning as a last step, but that rarely happens.

          The deployment usually includes myself and one more engineer. Bigger teams of up to seven or eight engineers do get formed for enterprise customers and internal service providers.

          What was our ROI?

          Companies that live from their presence on the internet will get a very high return on investment from Arbor. 

          What's my experience with pricing, setup cost, and licensing?

          Arbor services are paid annually. A good option is that cloud mitigations can be licensed annually, but you can also buy a single mitigation. That's the lowest quote that you can get. You can activate a cloud mitigation and 24 hours after the mitigation ends, you can buy one more and so on without a contract. They are flexible with the licensing for these additional services, which is nice.

          What other advice do I have?

          Arbor and other Netscout products are almost like Cisco. You configure them once and you can leave them in the data center forever and never do anything on them again. Issues with stability and other unexpected things barely happen ever.

          Regardless of how big your organization is, if you provide some sort of services towards the internet or towards clients, you will benefit from DDoS protection and Arbor especially. They have boxes that are really affordable. 

          Arbor can be deployed as hybrid solution, but the company's main business model is deploying their appliances on premises.

          The good thing about Arbor and Netscout is that they are able to incorporate taxi and streaks external feeds into their devices. That makes them really flexible not towards their own IP intelligence, but you can streamline the additional information from multiple different open source or paid sources. They are well rounded in terms of features. Their portfolio covers network visibility, pocket brokers, and similar stuff. 

          Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller

          PeerSpot user
          Rich text editor
            Osman Nayan - PeerSpot reviewer
            IP/DDOS Senior Engineer at Türk Telekom International
            Real User
            Top 5
            A highly scalable and extremely stable solution with an easy-to-understand GUI
            Pros and Cons
            • "It has an easy-to-understand GUI...Stability-wise, I rate the solution a ten out of ten."
            • "The solution's shortcomings are related to its documentation, so it's an area that needs to improve."

            What is our primary use case?

            I use Arbor DDoS for the same purposes for which I use A10.


            What is most valuable?

            It has an easy-to-understand GUI.


            What needs improvement?

            The solution's shortcomings are related to its documentation, so it's an area that needs to improve.


            For how long have I used the solution?

            I have been using Arbor DDoS for a year.


            What do I think about the stability of the solution?

            Stability-wise, I rate the solution a ten out of ten.


            What do I think about the scalability of the solution?

            Scalability-wise, I rate the solution a nine out of ten. Around 50 people use the solution in my company. Also, I don't have plans to increase its usage.


            How are customer service and support?

            I have never used Arbor's support.


            How was the initial setup?

            The setup process was easy. The solution has been set up on all the devices. So, I did the setup from start to end.

            Which other solutions did I evaluate?

            I didn't evaluate other products before choosing Arbor DDoS.

            What other advice do I have?

            I would definitely recommend the solution to those planning to use it. I rate the overall solution a ten out of ten.


            Which deployment model are you using for this solution?

            On-premises
            Disclosure: I am a real user, and this review is based on my own experience and opinions.

            PeerSpot user
            Rich text editor
              reviewer1335690 - PeerSpot reviewer
              Network Security Architecture at a financial services firm with 501-1,000 employees
              Real User
              Gives us visibility into what's going on with our publicly exposed services - hits; both good and bad.
              Pros and Cons
              • "The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me."

                What is our primary use case?

                We are using it for application availability, for its perimeter protection against DDoS and such service-exhausting attacks. Our goal is service availability and protecting our infrastructure against reputational damage and other penalties that could be incurred as a result of outages and malicious activities.

                How has it helped my organization?

                In terms of availability, we have never suffered any service exhaustion or services unavailability. Credit goes to the solution in that we have probably suffered a number of attacks, but they were mitigated by the tech solution without any notable impact - automation. We have benefited a lot from it.

                It gives us visibility into what's going on with our externally exposed services. The better the visibility it means we are able to take better informed actions to improve our infrastructure, both inside and outside the LAN.

                And it has definitely helped us to achieve our network and application uptime requirements for our business and its external stakeholders. We have always maintained a very high service availability. Previously, the work involved was so intense to ensure we could support that availability. The uptime was the same then as it is now, almost 99.99 percent availability. But back then, threats were not as evolved and sophisticated as they are now. In the seven years we have been using the tool, we have continued with availability of services as before. But today, without the Arbor solution, I believe we would have suffered quite a number of service availability issues.

                What is most valuable?

                The auto-mitigation and upstream signaling are awesome. With the upstream signaling, this is where the application automatically raises an alarm that the data-line is over-utilized (potentially resulting in service unavailability) or is under attack (volumetric attack). The upstream service provider will then start scrubbing and black-holing malicious connections as a means to clean up the line and relieving the load. The fact that it's automated means I don't have to sit the entire time and always be looking out for threats coming through. It does it almost automatically, without any intervention by me.

                They are putting quite a good amount of effort into their research to make their products stand out from the rest.

                Day by day, the solution is actually getting smarter and more useful.

                What needs improvement?

                I haven't found anything to complain about or anything that they need to improve on.

                For how long have I used the solution?

                I have been using Arbor DDoS for close to seven years now.

                What do I think about the stability of the solution?

                It's a very well-developed tool. I'm quite impressed. I'm happy with its performance. Stability-wise, it's a good tool. Support is also very impressive.

                What do I think about the scalability of the solution?

                For my environment, there is no need for growing the platform. We currently have about 5,000 endpoints. But from what I've seen, and the way we deployed it, it looks quite scalable.

                How are customer service and technical support?

                I've used NETSCOUT's technical support a number of times. I would rate it at 8 out of 10.  They are doing well, there is always room for improvement. Their technical knowledge is on point, and their turnaround time is on point.

                Which solution did I use previously and why did I switch?

                We did not have a previous solution.

                The decision to use Arbor was based on their track record and capabilities - they stood out very well.

                How was the initial setup?

                It's not complex. If you know what you want to use the tool for, the placement, and you know what you want to protect, the setup is very straightforward. It requires minimal downtime to deploy the solution. I found it quite easy.

                Deployment took about two hours, but that time includes internal delays. From the moment you start setting it up, it takes no more than 30 minutes. The longest part, before you deploy the technology, is learning your network by monitoring it. That could take a long time, depending on the timeframe that you want to benchmark on. It could take, say, a month, just to get an idea of how your network behaves. But in terms of setting up the device, it should take an hour, tops.

                We had three people involved in the initial setup. All are network engineers.

                Post-deployment maintenance on our side consists of just the regular updates of the software. 

                What about the implementation team?

                Implementation was both inhouse and vendor supported - vendor support was great, very knowledgeable resources.

                What was our ROI?

                ROI comes from the fact that we've never suffered any outages. In the absence of Arbor, if we were to be compromised, the cost would be way more than the cost of the solution.

                What's my experience with pricing, setup cost, and licensing?

                The solution is a bit costly if you're on a tight budget, but it's worth the price that they are charging - the ROI is notable in a long run.

                Which other solutions did I evaluate?

                I've only used the Arbor solution, so I haven't had any hands-on exposure to other technologies. But from the bit that I've read, and based on the ratings of the other solutions, nothing compares closed to what Arbor anti-DDoS offers. I've tried to compare it with the F5 Silverline solution, but the way that solution does threat mitigation is not as advanced or as comprehensive as what Arbor does.

                What other advice do I have?

                My advice is "Go for it." It's a great tool. If you're concerned about the availability of your services, I highly recommend it, without any hesitation. If you regard your brand or organization as valuable, then Arbor is the tool for you.

                Which deployment model are you using for this solution?

                On-premises
                Disclosure: I am a real user, and this review is based on my own experience and opinions.

                PeerSpot user
                Rich text editor
                  Security Advisor at a comms service provider with 10,001+ employees
                  Real User
                  Key features include Web 2.0 interactive attack alerting and traffic visualization
                  Pros and Cons
                  • "Valuable features include simple and centralized management of user access and capabilities, as well as Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control."
                  • "The following areas need improvement: opening and tracking support tickets, online support resources, software upgrades/updates and replacement media, and event management guidelines."

                  What is our primary use case?

                  We use these products because of the increase in frequency and sophistication of Denial of Service and Distributed Denial of Service attacks. As a service provider, we need to control and mitigate these attacks.

                  What is most valuable?

                  Valuable features include:

                  • Simple and centralized management of user access and capabilities
                  • Viewing and/or configuring of status, history, account, user, AAA, DNS, and NTP settings
                  • Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control

                  What needs improvement?

                  The following areas need improvement:

                  • Opening and tracking support tickets 
                  • Online support resources
                  • Software upgrades/updates and replacement media
                  • Event management guidelines.

                  For how long have I used the solution?

                  More than five years.

                  What do I think about the stability of the solution?

                  The initial implementation phase was a bit tricky but after that, it worked like a charm.

                  What do I think about the scalability of the solution?

                  Provides increased performance, scalability, and availability for Peakflow SP-based managed services.

                  It enables 25 simultaneous users/API per non-leader device. It scales up to ten PI devices and a maximum of 125 simultaneous logins, deployment-wide.

                  How was the initial setup?

                  The setup follows a project plan based on a PIP (Performance Improvement Plan) document and the LLD. A process is created to cover site preparation, hardware staging, hardware installation, and link activation and needs the involvement of the Operations team. Deployment takes three to four months.

                  Our implementation strategy is as follows:

                  • Assign a project manager to be onsite when needed during the implementation until signoff
                  • Understand customer’s policies, requirements, and procedures
                  • Discuss and agree on the general prerequisites for the proposed solutions
                  • Conduct site survey
                  • Site preparation for the proposed solutions
                  • Design the proposed solutions
                  • Provide detailed project plan for the entire assignment
                  • Provide Low-Level Design
                  • Delivering the proposed SW and HW to the site
                  • Configure the solutions based on best practices
                  • Complete integration, fine-tuning, testing, and knowledge transfer to provide templates and guidance on use of templates to team members
                  • Finalize the deliverables along with the client

                  What about the implementation team?

                  We did include an SI for the deployment. Our experience with that team was excellent as they knew what they were doing.

                  What's my experience with pricing, setup cost, and licensing?

                  Pricing is slightly on the higher side.

                  What other advice do I have?

                  It's an excellent product DDoS protection against attacks.

                  We have more than 7,000 users at all levels of access.

                  Disclosure: I am a real user, and this review is based on my own experience and opinions.

                  PeerSpot user
                  Rich text editor
                    Buyer's Guide
                    Download our free Arbor DDoS Report and get advice and tips from experienced pros sharing their opinions.
                    Updated: April 2025
                    Buyer's Guide
                    Download our free Arbor DDoS Report and get advice and tips from experienced pros sharing their opinions.
                    ...
                    ...