We provide about 50% of the nation's bandwidth because of the submarine cables we have. We use Arbor to provide DDoS-protected bandwidth to our customers who require it.
Dty. Chief Executive Officer at Transworld Associates (Pvt.)
DDoS protection with excellent mitigation
Pros and Cons
- "The most valuable feature is mitigation, which can blackhole the IP."
- "An improvement would be to provide information on how pricing is done on different customer levels."
What is our primary use case?
What is most valuable?
The most valuable feature is mitigation, which can blackhole the IP.
What needs improvement?
An improvement would be to provide information on how pricing is done on different customer levels (e.g. is it done per gig or bandwidth?)
For how long have I used the solution?
I've been using this solution for six or seven years.
Buyer's Guide
Arbor DDoS
December 2024
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
How are customer service and support?
Arbor's technical support is very good, we've had no issues with it.
What's my experience with pricing, setup cost, and licensing?
The price is a little high.
What other advice do I have?
I would rate Arbor DDoS as eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Advisor at a comms service provider with 10,001+ employees
Key features include Web 2.0 interactive attack alerting and traffic visualization
Pros and Cons
- "Valuable features include simple and centralized management of user access and capabilities, as well as Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control."
- "The following areas need improvement: opening and tracking support tickets, online support resources, software upgrades/updates and replacement media, and event management guidelines."
What is our primary use case?
We use these products because of the increase in frequency and sophistication of Denial of Service and Distributed Denial of Service attacks. As a service provider, we need to control and mitigate these attacks.
What is most valuable?
Valuable features include:
- Simple and centralized management of user access and capabilities
- Viewing and/or configuring of status, history, account, user, AAA, DNS, and NTP settings
- Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control
What needs improvement?
The following areas need improvement:
- Opening and tracking support tickets
- Online support resources
- Software upgrades/updates and replacement media
- Event management guidelines.
For how long have I used the solution?
More than five years.
What do I think about the stability of the solution?
The initial implementation phase was a bit tricky but after that, it worked like a charm.
What do I think about the scalability of the solution?
Provides increased performance, scalability, and availability for Peakflow SP-based managed services.
It enables 25 simultaneous users/API per non-leader device. It scales up to ten PI devices and a maximum of 125 simultaneous logins, deployment-wide.
How was the initial setup?
The setup follows a project plan based on a PIP (Performance Improvement Plan) document and the LLD. A process is created to cover site preparation, hardware staging, hardware installation, and link activation and needs the involvement of the Operations team. Deployment takes three to four months.
Our implementation strategy is as follows:
- Assign a project manager to be onsite when needed during the implementation until signoff
- Understand customer’s policies, requirements, and procedures
- Discuss and agree on the general prerequisites for the proposed solutions
- Conduct site survey
- Site preparation for the proposed solutions
- Design the proposed solutions
- Provide detailed project plan for the entire assignment
- Provide Low-Level Design
- Delivering the proposed SW and HW to the site
- Configure the solutions based on best practices
- Complete integration, fine-tuning, testing, and knowledge transfer to provide templates and guidance on use of templates to team members
- Finalize the deliverables along with the client
What about the implementation team?
We did include an SI for the deployment. Our experience with that team was excellent as they knew what they were doing.
What's my experience with pricing, setup cost, and licensing?
Pricing is slightly on the higher side.
What other advice do I have?
It's an excellent product DDoS protection against attacks.
We have more than 7,000 users at all levels of access.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Arbor DDoS
December 2024
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Product Manager, MSx Security Services at TPx Communications
Forensics enable us to look at logs, to see anomalies, and they give us information we might not have about customers
Pros and Cons
- "It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler."
What is our primary use case?
We're a managed service provider as well as an internet service provider. We use it to protect our core network from DDoS attacks, and by protecting our core network we can also protect our end customers.
We're in the process of migrating to the newest version, currently. We use the solution in our physical environment, but we also take advantage of their cloud offering.
How has it helped my organization?
Previously, we were vulnerable to DDoS attacks, and large-scale attacks could potentially take down parts of our network segments. With the Arbor product, that doesn't happen anymore.
What is most valuable?
I love the forensics. The forensics give us the ability to look at logs and to look for anomalies and give us traffic information about customers that we might not normally have. We can also use that to assist customers in troubleshooting issues that they might be having. The forensics is what I loved the most.
What needs improvement?
I struggle with where the product could improve because it's pretty great the way it is.
I would just say more granular reporting, down to our customer level, would be helpful. If we could somehow import customer information in their networks, it would be able to generate reports. It might actually be able to do that right now, and we have just never used it.
I've dealt with other solutions where I said, "I wish it did this," but it didn't. We have tried some other solutions that do what Arbor does and I would often go back to them and say, "Well, I want it to do this," because we already have that now with the Arbor solution. I've dealt with other vendors and I don't see things that they're doing that Arbor doesn't do.
For how long have I used the solution?
I've been using Arbor DDoS for eight years.
What do I think about the stability of the solution?
It's very stable. Things do happen and we have had to open support tickets, but that touchpoint with Arbor is very low. There is not a lot of trouble that comes up with it.
We don't necessarily need to update the firmware versions all the time, although they are available. Sometimes we have stayed with a version that we were on because it was stable and it was secure. I've dealt with other vendors before where there are constant problems and their solution is, "Well, there's a new firmware version. Upgrade." We don't have those kinds of problems with Arbor.
What do I think about the scalability of the solution?
It's easily scalable. We could add on routers if we wanted to; we could add on more devices to handle more mitigations, or go to the cloud if necessary. If there was a large scale attack, we'd just use their scrubbing centers versus ours. It's very scalable.
It touches a relatively small part of our overall network: It touches our drain points to the internet. But it affects the entire network, which is quite complex. It's protecting our entire network. As our network expands, it can expand with us.
How are customer service and technical support?
The technical support is very good. We usually get answers right away. We can submit a ticket online or just give them a call and get a quick response.
Which solution did I use previously and why did I switch?
We didn't have a solution before Arbor, but there was a period of time where we tried another solution. We did not find that solution to be adequate.
With Arbor, when we see DDoS attacks, it is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler.
How was the initial setup?
I wasn't involved in the initial setup, but I was involved, mid-stream, when we brought in the mitigation side. We are currently replacing our aged infrastructure of Arbor products with a newer version. I'm tangentially involved with that.
The updating process is straightforward. They've done a good job of that. And the fact that we've already deployed it before means we can use the template of the previous deployment to set up the new deployment. So it is easy.
Our implementation strategy is the same, whether for the initial setup or for the updates. We're finding where the drains are on our network and set up the monitoring for those points. Then we create the mitigation side at specific data centers so we can route traffic to those devices and mitigate the traffic.
What was our ROI?
We have seen ROI for sure because uptime, as a service provider, is critical and the solution helps us maintain 100 percent uptime.
What's my experience with pricing, setup cost, and licensing?
There is room for improvement with the pricing. It is an expensive solution. The issue with the pricing is more the way it is built. Right now we're paying per router, and there's a limitation there. I would like to see bundle-pricing where there is an overall solution cost.
Which other solutions did I evaluate?
I will periodically talk with other vendors, just to make sure Arbor is really the best solution for us.
What other advice do I have?
Work with Arbor. They have great people to help you make sure it's implemented correctly. And they also have a great training team to help you understand the solution and use it to its fullest advantages.
The biggest thing I have learned from using the solution is seeing all the different types of denial of service attacks that are out there. I have come to understand that they will come in waves and that certain types of customers are more prone to attack than others.
It also lets us understand traffic flows on our network, as far as the usual traffic goes. We can understand what our network looks like. What it looks like at 1:00 pm is very different then what it looks like at 3:00 am. The solution helps us understand that.
The users of Arbor DDoS in our company are only a handful of technicians. Our NOC and some of our security people, engineers, are in there, but it protects tens of thousands of customers for us. For deployment and maintenance of this solution we require two security engineers. They maintain the system and make any configuration changes, if necessary. They handle regular maintenance, if necessary, although it's pretty minimal.
I would rate this product as an eleven out of 10.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Engineer at a comms service provider with 10,001+ employees
Performs great at protecting our customers against attacks
Pros and Cons
- "There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great."
- "We need a SaaS model for the solution."
What is our primary use case?
Our business is to provide a DDoS protection solution for our customers. Our customers are banks, financial groups, etc.
We might develop some DDoS protection services for our customers under our Internet umbrella. We detect and filter traffic using Arbor DDoS in our network.
We use it as a BGP or prompt, as a telecom service provider. We have SP and TMS, and that is all our architecture.
We resell on-premise the Arbor edition and install at our customers' site, specifically the Availability Protection System (APS) system.
How has it helped my organization?
It protects huge attacks on our Internet system over our network.
We provide more granular application protection using the APS system, which is located at customer sites.
Our concern is to provide flexibility. We decided to move to this DDoS solution. We wanted to install some local filtering service in the regions. We wanted to be able to add or remove some mitigation capacity to our regional services, which is vital for us. So, we decided to develop these new features to our DDoS service.
Every day or month, we have found some new attack, but I don't think that is very important. It is just the evolution of attacks. We fix it and make a description, so we will be aware when some new attacks come. I think that the Arbor DDoS and APS solutions are quite enough at the moment, as they mitigate all attacks that we face.
What is most valuable?
The most valuable feature is the ability to work in BGP. It is not important to provide all traffic in a mitigation system every time. We have a lot of customers, and only when a proxy is detected do we use it. This has reduced the cost of our solution.
What needs improvement?
We would like the ability to decrypt APS traffic.
We need a SaaS model for the solution.
I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved.
For how long have I used the solution?
We have been using Arbor DDoS for seven years, since 2013.
What do I think about the stability of the solution?
It is quite stable. There are no major important bugs, though maybe some small ones.
There are around five people who maintain it 24 hours a day.
What do I think about the scalability of the solution?
It is quite scalable and effective. You can add new integration services quite easily.
There are around 60 end users/customers of this solution.
How are customer service and technical support?
They have good support. Tickets are resolved efficiently in time with Arbor engineers.
How was the initial setup?
It was quite complicated and complex to set up.
What about the implementation team?
Several engineers were required to deploy it.
What was our ROI?
There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.
What's my experience with pricing, setup cost, and licensing?
The solution has a huge price, but we are a global company so we receive global pricing, which is why we chose Arbor. We also receive good prices for Russia.
We also bought the Sentinel feature to use its flow spec because we needed to know how much traffic will be mitigated on our borders. We haven't used it yet, but we are planning on using it in the Spring. We found that the combination of the Sentinel feature with Arbor DDoS going forward is the most important feature.
We do not use the Arbor Cloud DDoS solution because it is too costly. We decided to make our proprietary cloud solution designed by our company.
Which other solutions did I evaluate?
Several solutions were tested, then we chose Arbor DDoS.
We evaluated several solutions, like NSFOCUS, three months ago, and decided to continue to go with Arbor. Another solution was similar to Arbor because they have a very sophisticated mitigation system. However, they still don't have a system that can analyze traffic by BGP, and their solution was to integrate with Arbor. We decided not to do that.
Arbor is the solution for telecom services on the market.
Arbor is still the leader versus many vendors and products, which is why we decided to integrate with the Arbor solution for another three years. The solution has met our requirements.
What other advice do I have?
I would recommend using Arbor DDoS.
We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual.
We have been thinking about creating our own DDoS solution using firewalls from other vendors.
We are looking to buy two distributed servers this year that we will need to test locally.
I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
System Administrator at a tech vendor with 10,001+ employees
Looks into volumetric attacks and gets them resolved
Pros and Cons
- "The solution looks into volumetric attacks and gets them resolved."
- "Real-case scenarios that have taken too long to resolve or were escalated can be directly converted into articles."
What is most valuable?
The solution looks into volumetric attacks and gets them resolved.
What needs improvement?
The technical support engineers can create more labs within the environment. Real-case scenarios that have taken too long to resolve or were escalated can be directly converted into articles. It is highly possible that someone else may also face similar problems. Such articles will help people easily find a solution to their specific issues.
For how long have I used the solution?
I have been using Arbor DDoS for seven years.
What do I think about the stability of the solution?
Arbor DDoS is a stable solution.
What do I think about the scalability of the solution?
Arbor DDoS is a scalable solution. It can be used by small, medium and enterprise businesses.
What other advice do I have?
The solution's integration is simple if you know the steps. If you don't know the steps, it becomes complex. It can become difficult depending on the layer, negotiation, and communication. If everything is laid out in software terms it is not difficult. You just need to follow the process. I would recommend the solution to other users.
Overall, I rate the solution a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Sep 11, 2024
Flag as inappropriateNetwork Security Manager at a financial services firm with 1,001-5,000 employees
Provides real-time updates and has good technical support services
Pros and Cons
- "The product allows us to check real-time progress, including latency and network activities."
- "The product could have end-to-end platform visibility."
What is our primary use case?
We use the product for DDoS settings to prevent malware attacks.
What is most valuable?
The product allows us to check real-time progress, including latency and network activities.
What needs improvement?
The product could have end-to-end platform visibility, including connectivity and bandwidth, similar to Cisco.
For how long have I used the solution?
We have been using Arbor DDoS for seven or eight years. At present, we use the latest version.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
It is a scalable product. Its scalability depends on the bandwidth. It manages around 50,000 internet banking customers.
How are customer service and support?
The technical support services are excellent.
How was the initial setup?
The initial setup is easy. It involves configuring network connectivity, including public IP addresses and firewall/router configurations. It requires setting up security rules or access controls on Arbor to control which traffic is allowed through. It's important to ensure that traffic from the Internet has a few diversions before reaching the firewall. It takes approximately six hours to complete. The system needs to take a downtime for maintenance. It requires around 13 minutes to complete.
What other advice do I have?
The product’s availability and support services are good. I rate it a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Business Development Manager at World Distribution Nepal Pvt.Ltd
A stable solution offering features like analytics and attack mitigation capabilities
Pros and Cons
- "Analytics and its attack mitigation capabilities are valuable features of the solution."
- "It is an expensive product, so there is room for improvement in terms of pricing."
What is our primary use case?
Arbor DDoS is not used for enterprise companies but by some other companies, including NIDC, a government entity.
How has it helped my organization?
What is most valuable?
Analytics and its attack mitigation capabilities are valuable features of the solution.
What needs improvement?
It is an expensive product, so there is room for improvement in terms of pricing.
For how long have I used the solution?
I work for the sales department. So, I've been using Arbor DDoS for three to four years. My company has a partnership with Arbor.
What do I think about the stability of the solution?
The product is stable. I rate its stability a ten out of ten.
What do I think about the scalability of the solution?
The product is scalable. I rate its stability a ten out of ten.
What's my experience with pricing, setup cost, and licensing?
It is an expensive product. I use this product for its different features.
Which other solutions did I evaluate?
What other advice do I have?
I rate the overall product a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Network Security Engineer at a tech vendor with 11-50 employees
Very strong for attack prevention but lacks SSL inspection and a behavioral traffic analyzer
Pros and Cons
- "The stateless device format means that the box is very strong for preventing DDoS attacks."
- "The solution needs to enhance its features to compete with other tools."
What is our primary use case?
Our company uses the solution to protect applications such as web DNS and file servers from DDoS attacks coming through the Internet's application layer.
We also protect our devices and components such as firewalls, IPSS, and WAFs.
What is most valuable?
The stateless device format means that the box is very strong for preventing DDoS attacks.
The solution is user friendly and the graphical user interface can be used for everything without logging into the CLI.
The box includes embedded bypass modules so bypasses can be performed without outages.
Hardware modules do not need to be changed when upgrading licenses for additional capacity.
What needs improvement?
A behavioral traffic analyzer and SSL inspection tool need to be added.
The solution needs to enhance its features to compete with other tools. Lately, Arbor has made some improvements but they are not ones that are expected or ones that would better align the solution with competitors.
For example, the solution announced it was releasing SSL inspection in 2020. After a while, they realized the feature was failing so they stopped mentioning it and instead provided another solution which required purchase of a different box. This created a complex topology that is not cost efficient. I have to set aside extra budget so this is not an improvement or a solution for me. Competitors handle the same feature within their own single box.
For how long have I used the solution?
I have been using the solution for five years.
What do I think about the stability of the solution?
The solution is really stable. It is the most stable device in our topology.
How are customer service and support?
Technical support is very good and responds quickly. If I get any box faults, one phone call gets me to an engineer for troubleshooting.
I rate support an eight out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I did not use other solutions.
How was the initial setup?
The setup not complex and a simple configuration takes about one hour.
An advanced configuration takes up to twenty days because I run simulations and check results. It is not constant work but provides useful results.
What about the implementation team?
Our team of one system architect and three system engineers implemented the solution in-house.
What's my experience with pricing, setup cost, and licensing?
The solution's pricing is based on a licensing model that is expensive when compared to other tools.
The first option is a DDoS or throughput license that never expires after purchase. You can use the box until its end of life.
The second option is a subscription license that is purchased for one, three, or five years. It includes some additional features and services that are optional.
Product or technical support is a separate license that must be renewed every one or three years.
Which other solutions did I evaluate?
I have evaluated other solutions in a demo environment.
Radware is the leading DDoS solution right now and a strong competitor. I found that its graphical interface is complex and hard to handle. It takes time to configure properly, is hard to read, and is poor for reporting.
What other advice do I have?
I recommend the solution and rate it a seven out of ten.
If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Buyer's Guide
Download our free Arbor DDoS Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Distributed Denial-of-Service (DDoS) ProtectionPopular Comparisons
Cloudflare
Cloudflare One
Imperva DDoS
Akamai App and API Protector
Radware DefensePro
Azure DDoS Protection
AWS Shield
Fastly
F5 Silverline Managed Services
Prolexic
Fortinet FortiDDoS
Kentik
Corero
Nexusguard DDoS Protection
A10 Thunder TPS
Buyer's Guide
Download our free Arbor DDoS Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Prolexic vs. Arbor Networks: How do they compare?
- What is the biggest difference between Arbor and Radware?
- What are the differences between Arbor DDoS and Fortinet FortiDDos?
- We are looking at managed DNS providers and want to know what others are using
- Prolexic vs. Arbor Networks: How do they compare?
- Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
- How does a WAF help to protect against DDoS attacks?
- DDoS solutions: Any other solutions to consider aside from Radware DefensePro and F5 Silverline DDoS Protection?
- Which is the best DDoS solution and why?
- When evaluating DDoS Protection, what aspect do you think is the most important to look for?