Senior Network Security Engineer at a tech services company with 501-1,000 employees
Real User
Top 10
Dec 10, 2025
We are still working with Fortinet right now for our different products. We are using FortiSOAR but this is a separate department, and I am not handling that one. We are working with FortiGate, different hardware, FortiAnalyzer, FortiWeb, and FortiEMS. We are not currently working with FortiSOAR. Traffic scrubbing works on a backend. The main benefits Arbor DDoS provides for me are definitely a good point. I give this review a rating of 10.
Regarding flexibility in deployment options, Arbor DDoS has all flavors depending on the customer. If they have on-premises data centers, they will buy the Arbor DDoS on-premises solutions. If the customer is hosting applications on the cloud, they will buy Arbor DDoS cloud. The integration capabilities of Arbor DDoS are simple but not complex because Arbor DDoS doesn't need huge or complex integrations. It is very simple and straightforward. For my customers, I recommend Arbor DDoS. Arbor DDoS and F5 are my preferred vendors in this technology. I rate Arbor DDoS eight out of ten.
Last year in Argentina, the smallest ISP was attacked, and they are searching for a solution. I highly recommend Arbor DDoS to others. On a scale of 1 to 10, I would rate the overall solution a 10.
I recommend using Arbor DDoS for those wanting to keep their services online. The biggest advantage is the fast mitigation of DDoS attacks. I rate the overall solution a ten out of ten.
Generally, I would recommend ArborDDoS to others. Any solution in cybersecurity needs experienced people. It would be a good fit also for non-senior engineers, but not for fresh ones. I'd rate the solution ten out of ten.
System Administrator at a tech vendor with 10,001+ employees
MSP
Top 20
Sep 10, 2024
The solution's integration is simple if you know the steps. If you don't know the steps, it becomes complex. It can become difficult depending on the layer, negotiation, and communication. If everything is laid out in software terms it is not difficult. You just need to follow the process. I would recommend the solution to other users. Overall, I rate the solution a nine out of ten.
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Real User
Apr 18, 2019
Go for the latest appliances. We do have plans to increase our usage of this type of solution, but now there are a lot of other services coming up so we are looking in parallel at other stuff, for other functionalities and features from Arbor itself. I rate Arbor DDoS at eight out of ten. They have done a considerable amount of development in the last few years when it comes to features. However, there is a restriction when the environment is hosted in the cloud and it is on-prem, so there a challenge there: The full-fledged features don't comply with certain requirements. There are always challenges.
Team Lead for DDoS Protection at a comms service provider with 10,001+ employees
Real User
Dec 19, 2018
Go for it. It's one of the best solutions you can get for DDoS. It doesn't matter what services you're going to use. As long as you have the whole solution, the TMS and everything in-house, it's the best solution. We have a team of 12 to deploy and monitor the solution; we have three shifts running around the clock. They monitor the system alerts. They monitor the websites using the controls that we have to protect the clients. If one of them catches an attack, there is a high-alert flag and we focus on the attack to see if it has been mitigated or not. If it needs anything, if it needs some tweaking, we have two resources on each watch, a senior resource and a junior. The junior one keeps on monitoring. The senior one comes in whenever there is something to correct or if something needs to be changed in the system. For ISPs, Arbor DDoS would be the best solution. For smaller organizations, we can buy the services from Amazon for DDoS protection, and there's Cloudflare. But for ISPs, it's better to have Arbor DDoS because we have everything in-house. ISPs like ours have almost 120 gig bandwidth. For throughput, it's the best one. We don't have plans to increase usage currently because when we brought the solution four years ago, we measured it a lot. We bought more than what we needed. The plan is to improve the human operability on the system itself. Things look smooth, but you cannot rely on two or three people. We have to have redundancy in the human workforce. We're planning to expand the team so that we don't need to hire any fresh resources and train them from the start. These services are very expensive and our customers are expecting a perfect solution.
Product Specialist at a comms service provider with 501-1,000 employees
Real User
Nov 15, 2023
Suppose I discuss my experience and my customers' feedback about Arbor DDoS. In that case, I can say that we all are very satisfied with the solution in terms of the performance and the technology itself, like DDoS mitigation techniques for applications starting from Layer 1 to Layer 7. The cloud scrubbing center offered by Arbor DDoS is amazing, as it has reached up to 11 TB. Arbor DDoS offers very nice support. The only issue with the product is when it comes to its integration capabilities with other technologies, an area where I think Arbor DDoS is working on currently. My company has recently dealt with some incidents when it comes to integrating Arbor DDoS with our SIEM solution, and we saw that there were some issues that Arbor DDoS fixed. I rate the overall tool an eight out of ten.
Security Consultant at a tech vendor with 11-50 employees
Reseller
Jul 21, 2023
I do not expand the product. The products are usually standalone products. People should use the product. Overall, I rate the solution an eight out of ten.
Arbor and other Netscout products are almost like Cisco. You configure them once and you can leave them in the data center forever and never do anything on them again. Issues with stability and other unexpected things barely happen ever. Regardless of how big your organization is, if you provide some sort of services towards the internet or towards clients, you will benefit from DDoS protection and Arbor especially. They have boxes that are really affordable. Arbor can be deployed as hybrid solution, but the company's main business model is deploying their appliances on premises. The good thing about Arbor and Netscout is that they are able to incorporate taxi and streaks external feeds into their devices. That makes them really flexible not towards their own IP intelligence, but you can streamline the additional information from multiple different open source or paid sources. They are well rounded in terms of features. Their portfolio covers network visibility, pocket brokers, and similar stuff.
Network Security Engineer at a tech vendor with 11-50 employees
Reseller
Oct 26, 2022
I recommend the solution and rate it a seven out of ten. If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten.
Information Security Officer at a financial services firm with 51-200 employees
Real User
May 14, 2021
I would advise others to do a proof of concept. That's a good way to choose a solution. We did a proof of concept, and it gave us a good idea, so I would advise others to do that. I would rate Arbor DDoS a nine out of ten. I am really happy with this solution.
Sr. Manager at a energy/utilities company with 10,001+ employees
Real User
Feb 10, 2021
Arbor's hybrid approach to DDoS protection is both an advantage and a disadvantage. Sometimes it is not able to filter traffic adequately because of the hybrid approach. It only takes action after a bit of time. It starts acting on malicious traffic a little bit late because of the hybrid approach. On the other hand, after seeing all the aspects, the analysis is sensible and perfect. So it depends on from which side we look at this feature. Network layer DDoS attacks are absolutely big. DDoS attacks cannot be mitigated instantly, it takes time. You have to be very aware of your network and about which machine an attack has reached, and what the network architecture is. All those aspects are responsible for the impact of DDoS attacks. Arbor is not absolute but, comparatively, I find it to be an effective solution. Overall, it's a great product. It is a very effective product in terms of dealing with DDoS attacks, whether it is network layer attacks or application layer attacks. But it is better in network layer DDoS attacks. It is among the best.
It is not just about the features alone, it is about how smoothly you will be able to deploy the solution, e.g., the availability of the product and how the OEM is maintaining the relationship with its customer. There are multiple factors that need to be considered. "This is not just a one-time sale. It's about how easily the systems are available, and how well your partner is able to support you and provide lifecycle management."
Traffic Management skill center at a comms service provider with 10,001+ employees
Real User
Jan 19, 2021
I would advise potential users to try the NETSCOUT Arbor DDoS system but also to check on other solutions. On a scale from one to ten, I would give Arbor DDoS a seven.
Engineer at a comms service provider with 10,001+ employees
Real User
Jan 17, 2021
I would recommend using Arbor DDoS. We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual. We have been thinking about creating our own DDoS solution using firewalls from other vendors. We are looking to buy two distributed servers this year that we will need to test locally. I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.
Network Security Architecture at a financial services firm with 501-1,000 employees
Real User
Dec 22, 2020
My advice is "Go for it." It's a great tool. If you're concerned about the availability of your services, I highly recommend it, without any hesitation. If you regard your brand or organization as valuable, then Arbor is the tool for you.
Talk with their sales engineers and understand the different uses of Arbor. If you're just looking just for a pure DDoS product, there may be other solutions within Arbor that are better to use, or different feeds that may be beneficial. Maybe you're more into capacity planning or peering analysis, and there are other things in addition to those that you can do with Arbor. If you're buying it for DDoS, you still do capacity planning and peer evaluation for the same cost using the same license. But what I've found with other people that use the product is they're single-use. Some buy it for DDoS and only use it for DDoS. They don't take into account the other information that they could be pulling from it. The sheer amount of traffic that's out there in the network is one of the biggest things I've learned from using the solution. Looking at north-south traffic, traffic coming into our data centers and out of our data centers, it's a lot higher than what we had thought we would see when we first started using Arbor. It helped us to provide an infrastructure that was future-proof. Before we started understanding the different uses of Arbor, we would upgrade our routers on the edge, only to have to upgrade two or three years later when the actual router was still viable but it just wasn't able to control or handle the capacity. Now, we're able to put devices in place that are future-proof and that reduces our costs by not having to replace those devices every so often because they ran out of bandwidth. Another thing we found was the number of bad actors that were living within our environment. When cloud first started popping up, everybody rushed to get their own clouds up and running. What wasn't taken into account was that there was a lot of malicious traffic that was being generated by these types of environments. They gave us a better understanding of cloud computing and the security issues that we would be facing as we tried to expand that environment. Sightline with Sentinel does not yet communicate information upstream to our service provider around attacks, so that they can stop the attack closer to the attacker. It's something that we've been working on with Arbor for many years. There are some programs out there that Arbor is working on where we can communicate with other deployments that have Arbor. From the engineering perspective, we're all for it, not only at my company but even at the major Tier-1s. It's when you get up to higher management that we hit the roadblocks. Everybody in security wants to share information, but nobody wants to say anything either. More and more people are coming around to the idea that they need some type of DDoS protection as part of their security posture. We tell customers that there's no one silver bullet out there that's going to do it all. Arbor does a great job of mitigating DoS attacks but we don't want to do all the blocking with Arbor devices, so further down the stack you want load balancers and firewalls to help you out. The fact that Arbor has been in DDoS visibility and protection for more than 10 years definitely affects our confidence in it. I've been with other providers that use Arbor as well and that's one of the things that is always brought up, the confidence level. Deploying this on my network and the visibility it's going to give me is hands-down better, compared to an up and coming cheaper product that may claim to have better abilities to mitigate DDoS attacks. But they don't have the visibility that you really need. That's the key asset that Arbor has because they've been in the business for so long and have these great relationships with these big Tier-1 providers. They're not only able to provide the necessary equipment but, more importantly, the knowledge that comes with it. At the root of things, all DDoS vendors basically do the same thing, they drop traffic. It's the knowledge of what type of traffic to drop that is extremely important, to me and others who are in the same business. When you have visibility into one-third of the global internet, you have great visibility into what's going to happen in the future as well. I would give Arbor DDoS a nine out of 10. There's always room for improvement. With DDoS products, there's always an evolving merry-go-round of different attacks. For me, giving it a 10 would be that silver bullet where it is going to handle all your attacks. Arbor will be straightforward with you and let you know that it's not that silver bullet and that there are times when its system is not the best system for the use that you have. One of the downfalls, at least on our site, has been that its visibility into the application layer in the monitoring mode is not the best, and that's because it's sampling traffic. Once it's in a mitigation and seeing packet-for-packet, it's devastating to see the amount of information you can pull. That's why we've gone ahead and implemented different Arbor devices lower down, closer to the application, to give us even more visibility.
“Every employee should be educated in best practice procedures, starting with basics like clever password combinations and then going into details of how different attacks work, emphasising ways to recognise social engineering tactics. Businesses must also demonstrate the potential impact of a breach occurring, which can help establish personal responsibility. Crucially, businesses shouldn’t just focus on prevention. Employees also need to understand best practice in minimising the damage should a breach occurs
Product Manager, MSx Security Services at TPx Communications
MSP
Mar 15, 2020
Work with Arbor. They have great people to help you make sure it's implemented correctly. And they also have a great training team to help you understand the solution and use it to its fullest advantages. The biggest thing I have learned from using the solution is seeing all the different types of denial of service attacks that are out there. I have come to understand that they will come in waves and that certain types of customers are more prone to attack than others. It also lets us understand traffic flows on our network, as far as the usual traffic goes. We can understand what our network looks like. What it looks like at 1:00 pm is very different then what it looks like at 3:00 am. The solution helps us understand that. The users of Arbor DDoS in our company are only a handful of technicians. Our NOC and some of our security people, engineers, are in there, but it protects tens of thousands of customers for us. For deployment and maintenance of this solution we require two security engineers. They maintain the system and make any configuration changes, if necessary. They handle regular maintenance, if necessary, although it's pretty minimal. I would rate this product as an eleven out of 10.
Security Consultant at a tech services company with 10,001+ employees
Real User
Dec 19, 2018
Implementation is very easy but making the product work optimally is more difficult. It's the best product. I would rate it at eight out of ten. There are some minor issues with blocking legitimate traffic and that's why it's not a ten.
Try to design it properly for injecting it into a network. If not, it could be that when you deploy it you will cause a "black hole" in your network and everything will go down. That has happened. In the case where it happened, it had something to do with routing. Arbor was injecting traffic to the TMS's but the TMS's were not able to forward the traffic to its original source. I rate Arbor DDoS at eight out of ten. For me, that's a pretty high rating because nothing is a nine. It's still a new solution and they're developing it. Every couple of months there's a new release with bug-fixes or some new way to do stuff. They're investing in the solution. Symantec Blue Coat is good, for example, but for quite some time there has been no development. Even with the recent version, there is nothing that different in Blue Coat. For a dynamic environment, you have to have a vendor that you can trust.
I would recommend Arbor's solution. I like it. In terms of increasing the usage of Arbor, when we expand our networks, we open new sites or data centers, we always use Arbor. In the future, if expand out, we will use it again. I rate it a nine out of ten because I have been using it for about eight years and it's very user-friendly, troubleshooting is good, and the reporting side is also good. It's easy to deploy and our customer feedback has been good. It's just that the pricing is very expensive, so I give it a nine.
Technical Lead - DEVSECOPS with 1,001-5,000 employees
Real User
Dec 2, 2018
We have two teams that work with it. There is the maintenance team and we are the team that takes action. I would rate Arbor DDoS at eight out of ten. It's stable, it's scalable, and it can handle complex environments.
Manager IP Services at a tech company with 10,001+ employees
Real User
Dec 2, 2018
Arbor has a global ranking and global recognition. Whenever you do a search on Google, you can find Arbor on the top three or top five DDoS protection vendors. Obviously, Arbor is very reliable.
Security Expert at a comms service provider with 10,001+ employees
Real User
Dec 2, 2018
Arbor is very good at what it does. If you have enough budget you can apply it to your infrastructure and use its flexibility and reporting features very well. But if you don't have the budget and you don't expand the budget for the coming next years, I suggest not getting in touch with Arbor. Five or six engineers can log in to devices, but in our company two people are managing infrastructure. There are always ways to optimize it, but we have been working for two years to optimize it and it's in a good situation compared to two years ago. I would rate it a seven out of ten. My rating is based on the general problems that we had and the solutions for them, as well as the daily stability of these devices. We are using nearly all the features of Arbor. Currently, they are enough for us, but in the future, if there are different kinds of DDoS attacks I believe that Arbor DDoS will also take action against them.
Cloud Security Specialist at a tech services company with 11-50 employees
Real User
Oct 29, 2018
Don't worry that it is complex because, out-of-the-box, it protects you from the basics. Just open it and connect, that's all you have to do. But if you are making an investment of this type because you have to be protected against all scenarios, you have two options: close support from Arbor or a specialized engineer. If you have those resources, all the rest is very straightforward. It becomes a simple solution that can give you good results. I give the solution a nine out of ten. I try to put myself in the shoes of our company's owner. If a solution is simple to operate and gives good results, it's good for me. The solution needs to do what it's supposed to do and be simple to manage.
Arbor DDoS offers a comprehensive defense system against DDoS attacks, integrating a user-friendly GUI and advanced threat mitigation technologies for enhanced network protection.Arbor DDoS is recognized for its ability to manage high-volume DDoS attacks efficiently, providing extensive protection through real-time traffic analysis and automated threat detection. It utilizes advanced techniques such as blackhole and BGP Flowspec for effective threat management. Arbor's cloud signaling allows...
We are still working with Fortinet right now for our different products. We are using FortiSOAR but this is a separate department, and I am not handling that one. We are working with FortiGate, different hardware, FortiAnalyzer, FortiWeb, and FortiEMS. We are not currently working with FortiSOAR. Traffic scrubbing works on a backend. The main benefits Arbor DDoS provides for me are definitely a good point. I give this review a rating of 10.
Regarding flexibility in deployment options, Arbor DDoS has all flavors depending on the customer. If they have on-premises data centers, they will buy the Arbor DDoS on-premises solutions. If the customer is hosting applications on the cloud, they will buy Arbor DDoS cloud. The integration capabilities of Arbor DDoS are simple but not complex because Arbor DDoS doesn't need huge or complex integrations. It is very simple and straightforward. For my customers, I recommend Arbor DDoS. Arbor DDoS and F5 are my preferred vendors in this technology. I rate Arbor DDoS eight out of ten.
The total rating for Arbor DDoS is 9.5 out of 10.
Last year in Argentina, the smallest ISP was attacked, and they are searching for a solution. I highly recommend Arbor DDoS to others. On a scale of 1 to 10, I would rate the overall solution a 10.
I recommend using Arbor DDoS for those wanting to keep their services online. The biggest advantage is the fast mitigation of DDoS attacks. I rate the overall solution a ten out of ten.
Generally, I would recommend ArborDDoS to others. Any solution in cybersecurity needs experienced people. It would be a good fit also for non-senior engineers, but not for fresh ones. I'd rate the solution ten out of ten.
The solution's integration is simple if you know the steps. If you don't know the steps, it becomes complex. It can become difficult depending on the layer, negotiation, and communication. If everything is laid out in software terms it is not difficult. You just need to follow the process. I would recommend the solution to other users. Overall, I rate the solution a nine out of ten.
Go for the latest appliances. We do have plans to increase our usage of this type of solution, but now there are a lot of other services coming up so we are looking in parallel at other stuff, for other functionalities and features from Arbor itself. I rate Arbor DDoS at eight out of ten. They have done a considerable amount of development in the last few years when it comes to features. However, there is a restriction when the environment is hosted in the cloud and it is on-prem, so there a challenge there: The full-fledged features don't comply with certain requirements. There are always challenges.
Go for it. It's one of the best solutions you can get for DDoS. It doesn't matter what services you're going to use. As long as you have the whole solution, the TMS and everything in-house, it's the best solution. We have a team of 12 to deploy and monitor the solution; we have three shifts running around the clock. They monitor the system alerts. They monitor the websites using the controls that we have to protect the clients. If one of them catches an attack, there is a high-alert flag and we focus on the attack to see if it has been mitigated or not. If it needs anything, if it needs some tweaking, we have two resources on each watch, a senior resource and a junior. The junior one keeps on monitoring. The senior one comes in whenever there is something to correct or if something needs to be changed in the system. For ISPs, Arbor DDoS would be the best solution. For smaller organizations, we can buy the services from Amazon for DDoS protection, and there's Cloudflare. But for ISPs, it's better to have Arbor DDoS because we have everything in-house. ISPs like ours have almost 120 gig bandwidth. For throughput, it's the best one. We don't have plans to increase usage currently because when we brought the solution four years ago, we measured it a lot. We bought more than what we needed. The plan is to improve the human operability on the system itself. Things look smooth, but you cannot rely on two or three people. We have to have redundancy in the human workforce. We're planning to expand the team so that we don't need to hire any fresh resources and train them from the start. These services are very expensive and our customers are expecting a perfect solution.
Suppose I discuss my experience and my customers' feedback about Arbor DDoS. In that case, I can say that we all are very satisfied with the solution in terms of the performance and the technology itself, like DDoS mitigation techniques for applications starting from Layer 1 to Layer 7. The cloud scrubbing center offered by Arbor DDoS is amazing, as it has reached up to 11 TB. Arbor DDoS offers very nice support. The only issue with the product is when it comes to its integration capabilities with other technologies, an area where I think Arbor DDoS is working on currently. My company has recently dealt with some incidents when it comes to integrating Arbor DDoS with our SIEM solution, and we saw that there were some issues that Arbor DDoS fixed. I rate the overall tool an eight out of ten.
The product’s availability and support services are good. I rate it a ten out of ten.
I do not expand the product. The products are usually standalone products. People should use the product. Overall, I rate the solution an eight out of ten.
I rate the overall product a ten out of ten.
Overall, I rate the solution a nine out of ten.
I recommend this solution and rate it nine out of 10.
Arbor and other Netscout products are almost like Cisco. You configure them once and you can leave them in the data center forever and never do anything on them again. Issues with stability and other unexpected things barely happen ever. Regardless of how big your organization is, if you provide some sort of services towards the internet or towards clients, you will benefit from DDoS protection and Arbor especially. They have boxes that are really affordable. Arbor can be deployed as hybrid solution, but the company's main business model is deploying their appliances on premises. The good thing about Arbor and Netscout is that they are able to incorporate taxi and streaks external feeds into their devices. That makes them really flexible not towards their own IP intelligence, but you can streamline the additional information from multiple different open source or paid sources. They are well rounded in terms of features. Their portfolio covers network visibility, pocket brokers, and similar stuff.
I recommend the solution and rate it a seven out of ten. If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten.
I rate the solution an eight out of ten.
I would recommend this solution to others. I rate Arbor DDoS a nine out of ten.
I would rate Arbor DDoS as eight out of ten.
I rate Arbor DDoS an eight out of ten.
I would advise others to do a proof of concept. That's a good way to choose a solution. We did a proof of concept, and it gave us a good idea, so I would advise others to do that. I would rate Arbor DDoS a nine out of ten. I am really happy with this solution.
Arbor's hybrid approach to DDoS protection is both an advantage and a disadvantage. Sometimes it is not able to filter traffic adequately because of the hybrid approach. It only takes action after a bit of time. It starts acting on malicious traffic a little bit late because of the hybrid approach. On the other hand, after seeing all the aspects, the analysis is sensible and perfect. So it depends on from which side we look at this feature. Network layer DDoS attacks are absolutely big. DDoS attacks cannot be mitigated instantly, it takes time. You have to be very aware of your network and about which machine an attack has reached, and what the network architecture is. All those aspects are responsible for the impact of DDoS attacks. Arbor is not absolute but, comparatively, I find it to be an effective solution. Overall, it's a great product. It is a very effective product in terms of dealing with DDoS attacks, whether it is network layer attacks or application layer attacks. But it is better in network layer DDoS attacks. It is among the best.
It is not just about the features alone, it is about how smoothly you will be able to deploy the solution, e.g., the availability of the product and how the OEM is maintaining the relationship with its customer. There are multiple factors that need to be considered. "This is not just a one-time sale. It's about how easily the systems are available, and how well your partner is able to support you and provide lifecycle management."
Overall, I would rate this solution as an eight (out of 10), the reporting as a 10 (out of 10), and the mitigation as a five to eight (out of 10).
I would advise potential users to try the NETSCOUT Arbor DDoS system but also to check on other solutions. On a scale from one to ten, I would give Arbor DDoS a seven.
I would recommend using Arbor DDoS. We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual. We have been thinking about creating our own DDoS solution using firewalls from other vendors. We are looking to buy two distributed servers this year that we will need to test locally. I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.
My advice is "Go for it." It's a great tool. If you're concerned about the availability of your services, I highly recommend it, without any hesitation. If you regard your brand or organization as valuable, then Arbor is the tool for you.
Talk with their sales engineers and understand the different uses of Arbor. If you're just looking just for a pure DDoS product, there may be other solutions within Arbor that are better to use, or different feeds that may be beneficial. Maybe you're more into capacity planning or peering analysis, and there are other things in addition to those that you can do with Arbor. If you're buying it for DDoS, you still do capacity planning and peer evaluation for the same cost using the same license. But what I've found with other people that use the product is they're single-use. Some buy it for DDoS and only use it for DDoS. They don't take into account the other information that they could be pulling from it. The sheer amount of traffic that's out there in the network is one of the biggest things I've learned from using the solution. Looking at north-south traffic, traffic coming into our data centers and out of our data centers, it's a lot higher than what we had thought we would see when we first started using Arbor. It helped us to provide an infrastructure that was future-proof. Before we started understanding the different uses of Arbor, we would upgrade our routers on the edge, only to have to upgrade two or three years later when the actual router was still viable but it just wasn't able to control or handle the capacity. Now, we're able to put devices in place that are future-proof and that reduces our costs by not having to replace those devices every so often because they ran out of bandwidth. Another thing we found was the number of bad actors that were living within our environment. When cloud first started popping up, everybody rushed to get their own clouds up and running. What wasn't taken into account was that there was a lot of malicious traffic that was being generated by these types of environments. They gave us a better understanding of cloud computing and the security issues that we would be facing as we tried to expand that environment. Sightline with Sentinel does not yet communicate information upstream to our service provider around attacks, so that they can stop the attack closer to the attacker. It's something that we've been working on with Arbor for many years. There are some programs out there that Arbor is working on where we can communicate with other deployments that have Arbor. From the engineering perspective, we're all for it, not only at my company but even at the major Tier-1s. It's when you get up to higher management that we hit the roadblocks. Everybody in security wants to share information, but nobody wants to say anything either. More and more people are coming around to the idea that they need some type of DDoS protection as part of their security posture. We tell customers that there's no one silver bullet out there that's going to do it all. Arbor does a great job of mitigating DoS attacks but we don't want to do all the blocking with Arbor devices, so further down the stack you want load balancers and firewalls to help you out. The fact that Arbor has been in DDoS visibility and protection for more than 10 years definitely affects our confidence in it. I've been with other providers that use Arbor as well and that's one of the things that is always brought up, the confidence level. Deploying this on my network and the visibility it's going to give me is hands-down better, compared to an up and coming cheaper product that may claim to have better abilities to mitigate DDoS attacks. But they don't have the visibility that you really need. That's the key asset that Arbor has because they've been in the business for so long and have these great relationships with these big Tier-1 providers. They're not only able to provide the necessary equipment but, more importantly, the knowledge that comes with it. At the root of things, all DDoS vendors basically do the same thing, they drop traffic. It's the knowledge of what type of traffic to drop that is extremely important, to me and others who are in the same business. When you have visibility into one-third of the global internet, you have great visibility into what's going to happen in the future as well. I would give Arbor DDoS a nine out of 10. There's always room for improvement. With DDoS products, there's always an evolving merry-go-round of different attacks. For me, giving it a 10 would be that silver bullet where it is going to handle all your attacks. Arbor will be straightforward with you and let you know that it's not that silver bullet and that there are times when its system is not the best system for the use that you have. One of the downfalls, at least on our site, has been that its visibility into the application layer in the monitoring mode is not the best, and that's because it's sampling traffic. Once it's in a mitigation and seeing packet-for-packet, it's devastating to see the amount of information you can pull. That's why we've gone ahead and implemented different Arbor devices lower down, closer to the application, to give us even more visibility.
“Every employee should be educated in best practice procedures, starting with basics like clever password combinations and then going into details of how different attacks work, emphasising ways to recognise social engineering tactics. Businesses must also demonstrate the potential impact of a breach occurring, which can help establish personal responsibility. Crucially, businesses shouldn’t just focus on prevention. Employees also need to understand best practice in minimising the damage should a breach occurs
Work with Arbor. They have great people to help you make sure it's implemented correctly. And they also have a great training team to help you understand the solution and use it to its fullest advantages. The biggest thing I have learned from using the solution is seeing all the different types of denial of service attacks that are out there. I have come to understand that they will come in waves and that certain types of customers are more prone to attack than others. It also lets us understand traffic flows on our network, as far as the usual traffic goes. We can understand what our network looks like. What it looks like at 1:00 pm is very different then what it looks like at 3:00 am. The solution helps us understand that. The users of Arbor DDoS in our company are only a handful of technicians. Our NOC and some of our security people, engineers, are in there, but it protects tens of thousands of customers for us. For deployment and maintenance of this solution we require two security engineers. They maintain the system and make any configuration changes, if necessary. They handle regular maintenance, if necessary, although it's pretty minimal. I would rate this product as an eleven out of 10.
We have seven people who directly access Arbor DDoS, mostly project engineers.
Implementation is very easy but making the product work optimally is more difficult. It's the best product. I would rate it at eight out of ten. There are some minor issues with blocking legitimate traffic and that's why it's not a ten.
It's an excellent product DDoS protection against attacks. We have more than 7,000 users at all levels of access.
Try to design it properly for injecting it into a network. If not, it could be that when you deploy it you will cause a "black hole" in your network and everything will go down. That has happened. In the case where it happened, it had something to do with routing. Arbor was injecting traffic to the TMS's but the TMS's were not able to forward the traffic to its original source. I rate Arbor DDoS at eight out of ten. For me, that's a pretty high rating because nothing is a nine. It's still a new solution and they're developing it. Every couple of months there's a new release with bug-fixes or some new way to do stuff. They're investing in the solution. Symantec Blue Coat is good, for example, but for quite some time there has been no development. Even with the recent version, there is nothing that different in Blue Coat. For a dynamic environment, you have to have a vendor that you can trust.
I would recommend Arbor's solution. I like it. In terms of increasing the usage of Arbor, when we expand our networks, we open new sites or data centers, we always use Arbor. In the future, if expand out, we will use it again. I rate it a nine out of ten because I have been using it for about eight years and it's very user-friendly, troubleshooting is good, and the reporting side is also good. It's easy to deploy and our customer feedback has been good. It's just that the pricing is very expensive, so I give it a nine.
We have two teams that work with it. There is the maintenance team and we are the team that takes action. I would rate Arbor DDoS at eight out of ten. It's stable, it's scalable, and it can handle complex environments.
Arbor has a global ranking and global recognition. Whenever you do a search on Google, you can find Arbor on the top three or top five DDoS protection vendors. Obviously, Arbor is very reliable.
Arbor is very good at what it does. If you have enough budget you can apply it to your infrastructure and use its flexibility and reporting features very well. But if you don't have the budget and you don't expand the budget for the coming next years, I suggest not getting in touch with Arbor. Five or six engineers can log in to devices, but in our company two people are managing infrastructure. There are always ways to optimize it, but we have been working for two years to optimize it and it's in a good situation compared to two years ago. I would rate it a seven out of ten. My rating is based on the general problems that we had and the solutions for them, as well as the daily stability of these devices. We are using nearly all the features of Arbor. Currently, they are enough for us, but in the future, if there are different kinds of DDoS attacks I believe that Arbor DDoS will also take action against them.
Don't worry that it is complex because, out-of-the-box, it protects you from the basics. Just open it and connect, that's all you have to do. But if you are making an investment of this type because you have to be protected against all scenarios, you have two options: close support from Arbor or a specialized engineer. If you have those resources, all the rest is very straightforward. It becomes a simple solution that can give you good results. I give the solution a nine out of ten. I try to put myself in the shoes of our company's owner. If a solution is simple to operate and gives good results, it's good for me. The solution needs to do what it's supposed to do and be simple to manage.
Most important important criteria when selecting a vendor: * How the offering covers the business needs. * The reputation of the vendor.