Arbor DDoS Reviews

We provide about 50% of the nation's bandwidth because of the submarine cables we have. We use Arbor to provide DDoS-protected bandwidth to our customers who require it.

The most valuable feature is mitigation, which can blackhole the IP.

An improvement would be to provide information on how pricing is done on different customer levels (e.g. is it done per gig or bandwidth?)

I've been using this solution for six or seven years.

Arbor's technical support is very good, we've had no issues with it.

The price is a little high.

I would rate Arbor DDoS as eight out of ten.

We use these products because of the increase in frequency and sophistication of Denial of Service and Distributed Denial of Service attacks. As a service provider, we need to control and mitigate these attacks.

Valuable features include:

• Simple and centralized management of user access and capabilities
• Viewing and/or configuring of status, history, account, user, AAA, DNS, and NTP settings
• Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control
  

The following areas need improvement:

• Opening and tracking support tickets 
• Online support resources
• Software upgrades/updates and replacement media
• Event management guidelines.
  

The initial implementation phase was a bit tricky but after that, it worked like a charm.

Provides increased performance, scalability, and availability for Peakflow SP-based managed services.

It enables 25 simultaneous users/API per non-leader device. It scales up to ten PI devices and a maximum of 125 simultaneous logins, deployment-wide.

The setup follows a project plan based on a PIP (Performance Improvement Plan) document and the LLD. A process is created to cover site preparation, hardware staging, hardware installation, and link activation and needs the involvement of the Operations team. Deployment takes three to four months.

Our implementation strategy is as follows:

• Assign a project manager to be onsite when needed during the implementation until signoff
• Understand customer’s policies, requirements, and procedures
• Discuss and agree on the general prerequisites for the proposed solutions
• Conduct site survey
• Site preparation for the proposed solutions
• Design the proposed solutions
• Provide detailed project plan for the entire assignment
• Provide Low-Level Design
• Delivering the proposed SW and HW to the site
• Configure the solutions based on best practices
• Complete integration, fine-tuning, testing, and knowledge transfer to provide templates and guidance on use of templates to team members
• Finalize the deliverables along with the client
  

We did include an SI for the deployment. Our experience with that team was excellent as they knew what they were doing.

Pricing is slightly on the higher side.

It's an excellent product DDoS protection against attacks.

We have more than 7,000 users at all levels of access.

We're a managed service provider as well as an internet service provider. We use it to protect our core network from DDoS attacks, and by protecting our core network we can also protect our end customers.

We're in the process of migrating to the newest version, currently. We use the solution in our physical environment, but we also take advantage of their cloud offering.

Previously, we were vulnerable to DDoS attacks, and large-scale attacks could potentially take down parts of our network segments. With the Arbor product, that doesn't happen anymore.

I love the forensics. The forensics give us the ability to look at logs and to look for anomalies and give us traffic information about customers that we might not normally have. We can also use that to assist customers in troubleshooting issues that they might be having. The forensics is what I loved the most.

I struggle with where the product could improve because it's pretty great the way it is.

I would just say more granular reporting, down to our customer level, would be helpful. If we could somehow import customer information in their networks, it would be able to generate reports. It might actually be able to do that right now, and we have just never used it.

I've dealt with other solutions where I said, "I wish it did this," but it didn't. We have tried some other solutions that do what Arbor does and I would often go back to them and say, "Well, I want it to do this," because we already have that now with the Arbor solution. I've dealt with other vendors and I don't see things that they're doing that Arbor doesn't do.

I've been using Arbor DDoS for eight years.

It's very stable. Things do happen and we have had to open support tickets, but that touchpoint with Arbor is very low. There is not a lot of trouble that comes up with it. 

We don't necessarily need to update the firmware versions all the time, although they are available. Sometimes we have stayed with a  version that we were on because it was stable and it was secure. I've dealt with other vendors before where there are constant problems and their solution is, "Well, there's a new firmware version. Upgrade." We don't have those kinds of problems with Arbor.

It's easily scalable. We could add on routers if we wanted to; we could add on more devices to handle more mitigations, or go to the cloud if necessary. If there was a large scale attack, we'd just use their scrubbing centers versus ours. It's very scalable.

It touches a relatively small part of our overall network: It touches our drain points to the internet. But it affects the entire network, which is quite complex. It's protecting our entire network. As our network expands, it can expand with us.

The technical support is very good. We usually get answers right away. We can submit a ticket online or just give them a call and get a quick response.

We didn't have a solution before Arbor, but there was a period of time where we tried another solution. We did not find that solution to be adequate.

With Arbor, when we see DDoS attacks, it is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler.

I wasn't involved in the initial setup, but I was involved, mid-stream, when we brought in the mitigation side. We are currently replacing our aged infrastructure of Arbor products with a newer version. I'm tangentially involved with that.

The updating process is straightforward. They've done a good job of that. And the fact that we've already deployed it before means we can use the template of the previous deployment to set up the new deployment. So it is easy.

Our implementation strategy is the same, whether for the initial setup or for the updates. We're finding where the drains are on our network and set up the monitoring for those points. Then we create the mitigation side at specific data centers so we can route traffic to those devices and mitigate the traffic.

We have seen ROI for sure because uptime, as a service provider, is critical and the solution helps us maintain 100 percent uptime.

There is room for improvement with the pricing. It is an expensive solution. The issue with the pricing is more the way it is built. Right now we're paying per router, and there's a limitation there. I would like to see bundle-pricing where there is an overall solution cost.

I will periodically talk with other vendors, just to make sure Arbor is really the best solution for us.

Work with Arbor. They have great people to help you make sure it's implemented correctly. And they also have a great training team to help you understand the solution and use it to its fullest advantages.

The biggest thing I have learned from using the solution is seeing all the different types of denial of service attacks that are out there. I have come to understand that they will come in waves and that certain types of customers are more prone to attack than others.

It also lets us understand traffic flows on our network, as far as the usual traffic goes. We can understand what our network looks like. What it looks like at 1:00 pm is very different then what it looks like at 3:00 am. The solution helps us understand that.

The users of Arbor DDoS in our company are only a handful of technicians. Our NOC and some of our security people, engineers, are in there, but it protects tens of thousands of customers for us. For deployment and maintenance of this solution we require two security engineers. They maintain the system and make any configuration changes, if necessary. They handle regular maintenance, if necessary, although it's pretty minimal.

I would rate this product as an eleven out of 10.

Our business is to provide a DDoS protection solution for our customers. Our customers are banks, financial groups, etc.

We might develop some DDoS protection services for our customers under our Internet umbrella. We detect and filter traffic using Arbor DDoS in our network. 

We use it as a BGP or prompt, as a telecom service provider. We have SP and TMS, and that is all our architecture.

We resell on-premise the Arbor edition and install at our customers' site, specifically the Availability Protection System (APS) system.

It protects huge attacks on our Internet system over our network. 

We provide more granular application protection using the APS system, which is located at customer sites.

Our concern is to provide flexibility. We decided to move to this DDoS solution. We wanted to install some local filtering service in the regions. We wanted to be able to add or remove some mitigation capacity to our regional services, which is vital for us. So, we decided to develop these new features to our DDoS service.

Every day or month, we have found some new attack, but I don't think that is very important. It is just the evolution of attacks. We fix it and make a description, so we will be aware when some new attacks come. I think that the Arbor DDoS and APS solutions are quite enough at the moment, as they mitigate all attacks that we face.

The most valuable feature is the ability to work in BGP. It is not important to provide all traffic in a mitigation system every time. We have a lot of customers, and only when a proxy is detected do we use it. This has reduced the cost of our solution. 

We would like the ability to decrypt APS traffic.

We need a SaaS model for the solution.

I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved.

We have been using Arbor DDoS for seven years, since 2013. 

It is quite stable. There are no major important bugs, though maybe some small ones. 

There are around five people who maintain it 24 hours a day.

It is quite scalable and effective. You can add new integration services quite easily. 

There are around 60 end users/customers of this solution.

They have good support. Tickets are resolved efficiently in time with Arbor engineers.

It was quite complicated and complex to set up. 

Several engineers were required to deploy it.

There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.

The solution has a huge price, but we are a global company so we receive global pricing, which is why we chose Arbor. We also receive good prices for Russia.

We also bought the Sentinel feature to use its flow spec because we needed to know how much traffic will be mitigated on our borders. We haven't used it yet, but we are planning on using it in the Spring. We found that the combination of the Sentinel feature with Arbor DDoS going forward is the most important feature.

We do not use the Arbor Cloud DDoS solution because it is too costly. We decided to make our proprietary cloud solution designed by our company.

Several solutions were tested, then we chose Arbor DDoS.

We evaluated several solutions, like NSFOCUS, three months ago, and decided to continue to go with Arbor. Another solution was similar to Arbor because they have a very sophisticated mitigation system. However, they still don't have a system that can analyze traffic by BGP, and their solution was to integrate with Arbor. We decided not to do that. 

Arbor is the solution for telecom services on the market.

Arbor is still the leader versus many vendors and products, which is why we decided to integrate with the Arbor solution for another three years. The solution has met our requirements.

I would recommend using Arbor DDoS.

We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual.

We have been thinking about creating our own DDoS solution using firewalls from other vendors.

We are looking to buy two distributed servers this year that we will need to test locally.

I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.

The solution looks into volumetric attacks and gets them resolved.

The technical support engineers can create more labs within the environment. Real-case scenarios that have taken too long to resolve or were escalated can be directly converted into articles. It is highly possible that someone else may also face similar problems. Such articles will help people easily find a solution to their specific issues.

I have been using Arbor DDoS for seven years.

Arbor DDoS is a stable solution.

Arbor DDoS is a scalable solution. It can be used by small, medium and enterprise businesses.

The solution's integration is simple if you know the steps. If you don't know the steps, it becomes complex. It can become difficult depending on the layer, negotiation, and communication. If everything is laid out in software terms it is not difficult. You just need to follow the process. I would recommend the solution to other users.

Overall, I rate the solution a nine out of ten.

We use Arbor DDoS for network security defense.

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

I have been using Arbor DDoS for approximately four years.

The solution is very stable. In the time we have been using the solution we have not had any incidents.

We have not needed to scale the solution.

The regional support here in African could improve, such as marketing and account managers.

I have previously used Fortinet DDoS.

The solution is easy to deploy and takes approximately two days. It is easier to deploy than other solutions.

The price of this solution is a little high in the African market, it should be lower.

I rate Arbor DDoS an eight out of ten.

Arbor DDoS is not used for enterprise companies but by some other companies, including NIDC, a government entity.

Analytics and its attack mitigation capabilities are valuable features of the solution.

It is an expensive product, so there is room for improvement in terms of pricing.

I work for the sales department. So, I've been using Arbor DDoS for three to four years. My company has a partnership with Arbor.

The product is stable. I rate its stability a ten out of ten.

The product is scalable. I rate its stability a ten out of ten.

It is an expensive product. I use this product for its different features.

I rate the overall product a ten out of ten.

Our company uses the solution to protect applications such as web DNS and file servers from DDoS attacks coming through the Internet's application layer. 

We also protect our devices and components such as firewalls, IPSS, and WAFs. 

The stateless device format means that the box is very strong for preventing DDoS attacks.

The solution is user friendly and the graphical user interface can be used for everything without logging into the CLI.

The box includes embedded bypass modules so bypasses can be performed without outages.

Hardware modules do not need to be changed when upgrading licenses for additional capacity.

A behavioral traffic analyzer and SSL inspection tool need to be added. 

The solution needs to enhance its features to compete with other tools. Lately, Arbor has made some improvements but they are not ones that are expected or ones that would better align the solution with competitors. 

For example, the solution announced it was releasing SSL inspection in 2020. After a while, they realized the feature was failing so they stopped mentioning it and instead provided another solution which required purchase of a different box. This created a complex topology that is not cost efficient. I have to set aside extra budget so this is not an improvement or a solution for me. Competitors handle the same feature within their own single box.

I have been using the solution for five years.

The solution is really stable. It is the most stable device in our topology. 

Technical support is very good and responds quickly. If I get any box faults, one phone call gets me to an engineer for troubleshooting. 

I rate support an eight out of ten. 

Positive

I did not use other solutions. 

The setup not complex and a simple configuration takes about one hour. 

An advanced configuration takes up to twenty days because I run simulations and check results. It is not constant work but provides useful results. 

Our team of one system architect and three system engineers implemented the solution in-house. 

The solution's pricing is based on a licensing model that is expensive when compared to other tools. 

The first option is a DDoS or throughput license that never expires after purchase. You can use the box until its end of life. 

The second option is a subscription license that is purchased for one, three, or five years. It includes some additional features and services that are optional. 

Product or technical support is a separate license that must be renewed every one or three years. 

I have evaluated other solutions in a demo environment. 

Radware is the leading DDoS solution right now and a strong competitor. I found that its graphical interface is complex and hard to handle. It takes time to configure properly, is hard to read, and is poor for reporting. 

I recommend the solution and rate it a seven out of ten.

If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten.