The solution is used for protection and to review any potential attack.
Presales Manager - Iraq and Jordan at a computer software company with 201-500 employees
A flexible, easy to implement solution with good customer support team
Pros and Cons
- "The solution is flexible, easy to implement and has an efficient technical support team."
- "The implementation should be made easier."
What is our primary use case?
What is most valuable?
The solution is flexible, easy to implement and has an efficient technical support team.
What needs improvement?
The implementation should be made easier.
For how long have I used the solution?
I have been using the solution for more than five years.
Buyer's Guide
Arbor DDoS
November 2024
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
What do I think about the stability of the solution?
It is a stable solution. It could be more stable depending on the upgrade of the software. I rate the stability an eight out of ten.
What do I think about the scalability of the solution?
It is a scalable solution.For the cloud version the scalability is ten out of ten but for the on-premises, it depends on the sizing of the file. The solution is best for medium sized enterprises. All our clients are medium -sized enterprises.
How are customer service and support?
The technical support is good.
How was the initial setup?
The initial setup is easy. It takes two days to be deployed. One or two engineers are required for the deployment depending on the use cases.
What was our ROI?
I see a Return on Investment.
What's my experience with pricing, setup cost, and licensing?
The pricing of the solution is cheap.
What other advice do I have?
I rate the overall solution an eight out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Owner at Ampec Data Service srl
We have no encountered any stability problems
Pros and Cons
- "The stability is okay and we have not encountered problems with the solution."
- "An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action."
What is our primary use case?
We receive work orders and implement them for the client. This we do in respects of MMSP solutions.
We do not help to integrate Arbor in other companies.
What needs improvement?
An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action. I wish to compare this with Fortinet DDoS, with which I am more familiar. This solution places more of an emphasis on the behavior of the traffic and provides a response in respects of the volume. But, it also learns the traffic behavior of the customer as concerns its response to other attacks.
I would like to see a feature concerning the response or one which addresses the need for behavior learning of the customer's traffic. I am sure Arbor is working on it.
For how long have I used the solution?
We've been using Arbor DDoS for three years.
What do I think about the stability of the solution?
The stability is okay and we have not encountered problems with the solution.
What do I think about the scalability of the solution?
As I mentioned, we only provide support in the role of technical operators, so the question about plans for increased usage should be directed towards the operator. He is in a position to say whether he has plans to sell more equipment to his customers. While the desire to desire to sell is not at issue, the willingness of people in this country to pay for the security is.
How are customer service and technical support?
We received from the customer, who is an operator, all of the technical knowledge needed to support NETSCOUT.
How was the initial setup?
The initial setup was okay and did not take long.
What's my experience with pricing, setup cost, and licensing?
The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive. This is a cost-benefit scenario in which the risk of losing everything must be weighed against the increased expense of the solution. This decision lies with the end customer and it depends on his protection policy. Apparently, taking protective measures is not prevalent in our culture, as people have a tendency to think that they will not be the target of an attack, even though this may be the ultimate result.
What other advice do I have?
I believe we have 10 or 15 users who are working with the solution.
I rate Arbor DDoS as a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Arbor DDoS
November 2024
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,406 professionals have used our research since 2012.
We're able to develop threshold values for clients' servers to help flag suspicious traffic
Pros and Cons
- "There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds."
- "Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning."
What is our primary use case?
Our primary use case is developing threshold values for all groups. We use it to analyze packets to build a use-case for when a server group hits the limit of incoming traffic. In such a case we suspect traffic.
We use it to build use-case scenarios, based on the server input and a client's requirements. Some clients have a number of users accessing a given server which affects the bandwidth. In each case, we need to tell DDoS what is considered legitimate traffic.
How has it helped my organization?
It prevents all unwanted or malicious traffic, using the Threat Intelligence feeds.
What is most valuable?
There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds.
There are two modes in the product: The first is a learning mode and the other is a production mode. First, we learn the traffic using the learning mode. We use it to fine-tune what is suspicious data and what is legitimate traffic.
What needs improvement?
Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning. Self-learning would be an improvement.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
The stability of Arbor DDoS is good. It's not that complex as a product and stability is not an issue.
What do I think about the scalability of the solution?
The scalability is good. Configuration-wise, an administrator could create issues. But the product itself is good.
I have implemented it multiple times in industries like oil and gas, banking, and insurance.
How is customer service and technical support?
The response from Arbor's technical support is good. They respond within two days.
How was the initial setup?
The initial setup is straightforward. It's very simple. I have deployed the product for multiple clients. Implementation takes less than three to four hours, but the fine-tuning takes some time, based on the organization's needs. That can take more than a month.
Our implementation strategy is based on how many servers and groups there are and what kind of traffic is coming to/from the internet. These are the factors that affect how we deploy it. Deployment requires two to three consultants who are security architects. For maintenance, one administrator is fine.
What's my experience with pricing, setup cost, and licensing?
Licensing is based on features, I believe.
What other advice do I have?
Implementation is very easy but making the product work optimally is more difficult.
It's the best product. I would rate it at eight out of ten. There are some minor issues with blocking legitimate traffic and that's why it's not a ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
Security Consultant with 51-200 employees
Operating the solution is easy, it's just one dashboard with mitigation
Pros and Cons
- "It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy."
- "For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit... In F5 I have full control of everything."
What is our primary use case?
I work at the service provider level. I did a deployment at a multinational telecommunications company. They have network separation, and each network has its own SP which is a controller, the "mind" of the solution, and multiple TMS's, which are the scrubbing centers for the illegal traffic. They are forwarding suspected denial-of-service traffic to the scrubbing centers, based on the SP intelligence. It will scrub the data and forward it to the normal traffic after mitigating the denial-of-service attack.
How has it helped my organization?
I work as a security consultant and integrator. We deploy Arbor for our customers. Arbor is a great network service solution. Most of the bigger enterprises or service providers use Arbor. I don't think there's another option.
What is most valuable?
The DDoS mitigation. There is no other feature.
It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy. Once you deploy it, you're optimizing your network and using the solution to its fullest.
What needs improvement?
For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit. I don't have a specific example, but I don't feel comfortable troubleshooting Arbor issues. You don't have full control of the system. I also work on F5 in which you have access to the kernel, bare-bones Linux, so you can do whatever you want. Maybe this is a security hazard. Someone may miss something with F5, but for me, as troubleshooter, I have full control of everything. On Arbor, you don't have the same type of control.
But otherwise, from a user perspective, it's pretty straightforward.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
It's pretty stable. Every now and then you'll hit a bug, but it's pretty stable.
What do I think about the scalability of the solution?
Scalability is pretty good because you have the SP, which is a controller, and you can add TMS's based on your needs.
There's a problem when using Arbor, but it's mostly not related to Arbor itself, it's connected to scaling. What happens is, you will design a deployment and, after some time, you find that the deployment is not enough for the throughput of your network. Then you have CPU spikes, memory spikes, and some other issues.
How are customer service and technical support?
Tech support is very good. On a scale of one to ten, they are a seven to eight. They're very responsive. Compared to most of the vendors, they're pretty good. The quality of the people handling the tickets is high.
Which solution did I use previously and why did I switch?
I used Juniper and F5, but F5 is not an on-premise solution. They have multiple protections but it's not a full-blown solution. We still offer F5.
When I joined this company I found that they work with Arbor. They told me there's something called Arbor and I had to do a deployment and start working with it.
How was the initial setup?
The complexity of the initial setup depends. If you have a simple network, the deployment will be easy, but if you have something more complex and you are trying to inject Arbor, it won't be easy. Most likely, you'll do it as Layer 2, and you have VRFs and VLANs. After the design is complete, the configuration will be straightforward, but the design part is not easy. That's not about Arbor itself, it's about how big networks work.
The implementation strategy also depends. Every service provider and big enterprise has its own type of networks and its own type of logical flow. So there's no standard strategy.
The last implementation I did took about two months. But again, it's not about the deployment itself, it's about the meetings, the design part, meeting with other teams. After two months it was up and running. Before that, the first one I did, took three months, but we had two SPs and eight TMS's in different data centers, so it was quite a big implementation.
When it's a service provider, multiple teams handle multiple things, so you have to have one person from every team to sit in a meeting; everyone has his own concept or his own ideas. After a couple of meetings, after a couple of suggestions, and after checking if what was discussed is possible, if it is the better option, it can go well.
In terms of staff for deployment, it's mostly a one-person job. For day-to-day administration, it takes three to four people. They would need security backgrounds, SOC or security device managers.
What was our ROI?
I don't have visibility into customers' ROI but the potential is there for ROI because denial of service is the number-one attack that can destroy your reputation and destroy your business. If you're safe from that type of attack, it's really good for your business and your investment.
What's my experience with pricing, setup cost, and licensing?
To be honest, I don't care about numbers. I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost.
What other advice do I have?
Try to design it properly for injecting it into a network. If not, it could be that when you deploy it you will cause a "black hole" in your network and everything will go down. That has happened. In the case where it happened, it had something to do with routing. Arbor was injecting traffic to the TMS's but the TMS's were not able to forward the traffic to its original source.
I rate Arbor DDoS at eight out of ten. For me, that's a pretty high rating because nothing is a nine. It's still a new solution and they're developing it. Every couple of months there's a new release with bug-fixes or some new way to do stuff. They're investing in the solution. Symantec Blue Coat is good, for example, but for quite some time there has been no development. Even with the recent version, there is nothing that different in Blue Coat. For a dynamic environment, you have to have a vendor that you can trust.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
IT Security Manager at a comms service provider with 501-1,000 employees
It helped us to find the best IP network route to reach countries with low latency.
What is most valuable?
- As an ISP, it is important to know from where the traffic comes so as to neutralize any attacks.
- The Arbor Networks SP device provided great visualization of the network traffic.
- Arbor Networks TMS is for cleaning the DDoS traffic, which is used sparsely.
How has it helped my organization?
The Arbor Networks SP device allowed us to optimize the network traffic. For example, it helped us to find the best IP network route to reach certain countries with low latency.
What needs improvement?
My opinion is that these Arbor devices should be scalable, in terms of the hardware.
Network bandwidth is rapidly increasing. Therefore, it is not practical to predict the network traffic as what it will be in five years time and also, to accordingly plan the required hardware specifications.
For how long have I used the solution?
I have been using this solution since 2009.
We have been using the Arbor Peakflow SP CP-5000 and Arbor Peakflow TMS 2700.
What do I think about the stability of the solution?
Both the devices were very stable at the operation.
What do I think about the scalability of the solution?
Unfortunately, these devices are not scalable and we have to upgrade to the next model in order to increase the threat mitigation capabilities.
How are customer service and technical support?
We’ve received technical support mainly from Thailand. The guy who supported us was very competent with the products.
Which solution did I use previously and why did I switch?
We were not using any other solution before.
How was the initial setup?
The initial IP configuration has to be done in a command line, but the rest you can do via the web interface.
What's my experience with pricing, setup cost, and licensing?
As a comparatively medium-scale ISP, we struggled with the license restrictions. By default, the Arbor SP device has only five licenses, which means only five routers can be integrated.
Which other solutions did I evaluate?
At that time (2008-09), when we checked the other options, there was not even a single product vendor that had the ability to do both network traffic analysis and DDoS traffic cleansing.
There were other proposals such as Radware and Cisco Guard for DDOS protection.
What other advice do I have?
It is vital to identify the number of routers that are going to be integrated and the scrubbing capacity required for the expected lifetime of the product, as it is not scalable once you have purchased it.
For others who expect to implement Arbor, the key prerequisite is to identify the network devices that are going to integrate, since it will dictate the licensing. Since it is not scalable, so users should have to get this right before purchasing the product.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Client Sales Manager at TIGER LOGIC
Highly reliable, scales well, and good support
Pros and Cons
- "The technical support of Arbor DDoS is good."
- "Arbor DDoS could improve out-of-the-box reporting, it could be better."
What is our primary use case?
Arbor DDoS is used for network protection if you have a DDoS attack, it keeps the session or information moving.
Arbor DDoS is a combination of a physical appliance and the cloud, and it's combined in their subscription.
What needs improvement?
Arbor DDoS could improve out-of-the-box reporting, it could be better.
For how long have I used the solution?
I have used Arbor DDoS within the last 12 months.
What do I think about the stability of the solution?
Arbor DDoS is highly stable.
What do I think about the scalability of the solution?
Arbor DDoS is able to increase your bandwidth. You can scale less than 50 percent, but if you are scaling above 100 percent it will not be flexible. You have to get a bigger appliance, which will be at a discount rate. It is scalability in the technical and commercial sense.
How are customer service and support?
The technical support of Arbor DDoS is good.
How was the initial setup?
The initial setup of Arbor DDoS is straightforward, and it took approximately five days to implement.
What's my experience with pricing, setup cost, and licensing?
The price of Arbor DDoS depends on many parameters. It depends on the physical capacity of the environment, and it is not a straight-line price. It's fairly competitive in the market on the price.
What other advice do I have?
I would recommend this solution to others.
I rate Arbor DDoS a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer:
Cloud Security Specialist at a tech services company with 11-50 employees
Cloud Signalling enables us to synchronize with on-premise solutions
Pros and Cons
- "The look and feel of the management console is a little old, excessively simple. If you compare it with other solutions, the look and feel of the console is like you're using technology from five or six years ago. It doesn't show all the technology that is actually behind it. It looks like an older solution, even though it is not."
What is our primary use case?
The main focus was DDoS protection.
How has it helped my organization?
Some months ago, in Mexico, we had presidential elections. At that time it was very important to deny DDoS attacks, especially on the platform for counting votes in the election. This solution was good for our customers.
What is most valuable?
- AIF
- Cloud Signalling - In my previous environment, we worked with Arbor as a carrier but in my current company some of our customers have the solution on-premise and we have to synchronize the solution with the Arbor solution that our customers have in their enterprises. The ability to work with the Arbor solution on the carrier side and on-premise provides solutions for both types of customers.
What needs improvement?
The look and feel of the management console is a little old, excessively simple. If you compare it with other solutions, the look and feel of the console is like you're using technology from five or six years ago. It doesn't show all the technology that is actually behind it. It looks like an older solution, even though it is not.
The first impression needs to be more mature. It needs to be something that you would be proud to show someone. If you have a visitor to your SOC and you show him your installation, you need something more impressive. The look and feel of other brands is really nice, while Arbor is really simple. It's a good solution but not as spectacular as others. It's a matter of marketing, not performance.
For how long have I used the solution?
Three to five years.
What do I think about the stability of the solution?
The product is very stable.
What do I think about the scalability of the solution?
The scalability is really amazing. That was part of the equation for one particular customer. When they understood how the bandwidth can be shared between different branches of their backbone, that they could really grow by correctly re-routing traffic, they were really happy with the solution.
How are customer service and technical support?
My interaction with tech support was really nice. I used to be part of HPE some time ago and I understand how those kinds of companies work. You have to have all the requirements before you make an appointment with the engineers. When we followed up with all the requirements that Arbor needed, the process was very straightforward.
In terms of submitting a ticket, they are responsive and knowledgeable. They are very experienced people.
Which solution did I use previously and why did I switch?
My former company didn't have a previous solution. The company was new in Mexico and there were many considerations regarding government involvement in the industry, so security considerations were not there at that time.
Arbor is the official solution for my former company, worldwide. Also, Arbor was sold as OEM as part of Cisco, and Cisco has a very strong position in that company. Both of those facts helped push the Arbor solution there.
How was the initial setup?
The setup is very straightforward, once the final architecture is decided.
However, the decision regarding the final architecture was not very simple because the carrier environment is very complex. In addition, at the time, the carrier I was working for bought another small carrier and was doing the integration between both their installations and backbones. That was very complex. But once all those details were decided, the placement of the Arbor solution was very straightforward.
The setup work and testing of the Arbor solution took about three to four weeks, not including all the pre-planning and architecture discussions.
What about the implementation team?
I played a part, but Arbor engineers do the whole installation process. I helped as much as I could but Arbor wants the implementation done by Arbor techs. I helped with some minor activities.
For the deployment, there was one senior engineer and one junior engineer. On our side, there were a number of people, me and a couple of other engineers. And when we tested the mitigation between different branches, there were three Arbor engineers with us.
What's my experience with pricing, setup cost, and licensing?
Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general.
What other advice do I have?
Don't worry that it is complex because, out-of-the-box, it protects you from the basics. Just open it and connect, that's all you have to do. But if you are making an investment of this type because you have to be protected against all scenarios, you have two options: close support from Arbor or a specialized engineer. If you have those resources, all the rest is very straightforward. It becomes a simple solution that can give you good results.
I give the solution a nine out of ten. I try to put myself in the shoes of our company's owner. If a solution is simple to operate and gives good results, it's good for me. The solution needs to do what it's supposed to do and be simple to manage.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Cyber Security Analyst at a tech services company with 10,001+ employees
The implementation was done by a vendor team, and they were excellent
Pros and Cons
- "Predefined filters/techniques to easily stop the attacks and start mitigation."
- "Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,"
What is most valuable?
- Very user-friendly GUI
- Simplest way of mitigation
- Predefined filters/techniques to easily stop the attacks and start mitigation.
How has it helped my organization?
My last project was with the biggest banks of India (almost all of them) and MNC, so it helped us to protect their network from present DoS/DDoS attacks.
What needs improvement?
Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,
E.g., if we have enabled monitoring of internal traffic for that link/customer, it starts mitigation on legitimate traffic. It can also creates looping in the network for any misconfiguration, which can impact the ISP’s internal network and the customer's link utilization.
For how long have I used the solution?
Two years.
What was my experience with deployment of the solution?
No issues.
What do I think about the stability of the solution?
No issues.
What do I think about the scalability of the solution?
No issues.
How are customer service and technical support?
Customer Service:
A seven out of 10, because response times from Arbor TAC are little higher.
Technical Support:An eight out of 10. Very good.
Which solution did I use previously and why did I switch?
Not applicable.
How was the initial setup?
Not applicable.
What about the implementation team?
The implementation was done by Arbor itself. They were excellent.
What was our ROI?
Not applicable.
What's my experience with pricing, setup cost, and licensing?
Not applicable.
Which other solutions did I evaluate?
Not applicable.
What other advice do I have?
Be in direct contact with Arbor TAC rather than choosing a vendor in-between.
Disclosure: My company has a business relationship with this vendor other than being a customer: We protect our internal network as well as customers.
Buyer's Guide
Download our free Arbor DDoS Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Product Categories
Distributed Denial of Service (DDOS) ProtectionPopular Comparisons
Cloudflare
Cloudflare SASE & SSE Platform
Imperva DDoS
Akamai App and API Protector
Radware DefensePro
Azure DDoS Protection
AWS Shield
Fastly
F5 Silverline Managed Services
Prolexic
Fortinet FortiDDoS
Kentik
Corero
Nexusguard DDoS Protection
A10 Thunder TPS
Buyer's Guide
Download our free Arbor DDoS Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Prolexic vs. Arbor Networks: How do they compare?
- What is the biggest difference between Arbor and Radware?
- What are the differences between Arbor DDoS and Fortinet FortiDDos?
- We are looking at managed DNS providers and want to know what others are using
- Prolexic vs. Arbor Networks: How do they compare?
- Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
- How does a WAF help to protect against DDoS attacks?
- DDoS solutions: Any other solutions to consider aside from Radware DefensePro and F5 Silverline DDoS Protection?
- Which is the best DDoS solution and why?
- What is the difference between denial of service and distributed denial of service?
I am an Arbor employee.
Licensing has been made much more flexible in recent years, and price-per-gigabit of mitigation capacity has gone down consistently. New models, both hardware- and software-based have been added to improve scalability.