Arbor DDoS Reviews

We are using it for application availability, for its perimeter protection against DDoS and such service-exhausting attacks. Our goal is service availability and protecting our infrastructure against reputational damage and other penalties that could be incurred as a result of outages and malicious activities.

In terms of availability, we have never suffered any service exhaustion or services unavailability. Credit goes to the solution in that we have probably suffered a number of attacks, but they were mitigated by the tech solution without any notable impact - automation. We have benefited a lot from it.

It gives us visibility into what's going on with our externally exposed services. The better the visibility it means we are able to take better informed actions to improve our infrastructure, both inside and outside the LAN.

And it has definitely helped us to achieve our network and application uptime requirements for our business and its external stakeholders. We have always maintained a very high service availability. Previously, the work involved was so intense to ensure we could support that availability. The uptime was the same then as it is now, almost 99.99 percent availability. But back then, threats were not as evolved and sophisticated as they are now. In the seven years we have been using the tool, we have continued with availability of services as before. But today, without the Arbor solution, I believe we would have suffered quite a number of service availability issues.

The auto-mitigation and upstream signaling are awesome. With the upstream signaling, this is where the application automatically raises an alarm that the data-line is over-utilized (potentially resulting in service unavailability) or is under attack (volumetric attack). The upstream service provider will then start scrubbing and black-holing malicious connections as a means to clean up the line and relieving the load. The fact that it's automated means I don't have to sit the entire time and always be looking out for threats coming through. It does it almost automatically, without any intervention by me.

They are putting quite a good amount of effort into their research to make their products stand out from the rest.

Day by day, the solution is actually getting smarter and more useful.

I haven't found anything to complain about or anything that they need to improve on.

I have been using Arbor DDoS for close to seven years now.

It's a very well-developed tool. I'm quite impressed. I'm happy with its performance. Stability-wise, it's a good tool. Support is also very impressive.

For my environment, there is no need for growing the platform. We currently have about 5,000 endpoints. But from what I've seen, and the way we deployed it, it looks quite scalable.

I've used NETSCOUT's technical support a number of times. I would rate it at 8 out of 10.  They are doing well, there is always room for improvement. Their technical knowledge is on point, and their turnaround time is on point.

We did not have a previous solution.

The decision to use Arbor was based on their track record and capabilities - they stood out very well.

It's not complex. If you know what you want to use the tool for, the placement, and you know what you want to protect, the setup is very straightforward. It requires minimal downtime to deploy the solution. I found it quite easy.

Deployment took about two hours, but that time includes internal delays. From the moment you start setting it up, it takes no more than 30 minutes. The longest part, before you deploy the technology, is learning your network by monitoring it. That could take a long time, depending on the timeframe that you want to benchmark on. It could take, say, a month, just to get an idea of how your network behaves. But in terms of setting up the device, it should take an hour, tops.

We had three people involved in the initial setup. All are network engineers.

Post-deployment maintenance on our side consists of just the regular updates of the software. 

Implementation was both inhouse and vendor supported - vendor support was great, very knowledgeable resources.

ROI comes from the fact that we've never suffered any outages. In the absence of Arbor, if we were to be compromised, the cost would be way more than the cost of the solution.

The solution is a bit costly if you're on a tight budget, but it's worth the price that they are charging - the ROI is notable in a long run.

I've only used the Arbor solution, so I haven't had any hands-on exposure to other technologies. But from the bit that I've read, and based on the ratings of the other solutions, nothing compares closed to what Arbor anti-DDoS offers. I've tried to compare it with the F5 Silverline solution, but the way that solution does threat mitigation is not as advanced or as comprehensive as what Arbor does.

My advice is "Go for it." It's a great tool. If you're concerned about the availability of your services, I highly recommend it, without any hesitation. If you regard your brand or organization as valuable, then Arbor is the tool for you.

Using the Arbor SP Insight allows the detection of DDoS attacks coming in from upstream internet providers. The system provides a central analysis to detect DDoS attacks and allow reporting on internet traffic. This along with the TMS physical off-ramp mitigation platform allows us to redirect the inbound attack traffic via BGP. The offramp TMS effectively separates attack traffic from the main path used during normal operation. The system provides attack mitigation for both internal infrastructure and downstream customer services.

Prior to deploying the Arbor solution, DDoS mitigation involved creating ad hoc packet filters to block the malicious traffic during event. These were difficult to apply because getting the detailed match information during an event was problematic. The traffic monitoring systems we had in place did not always have the necessary detail, nor was the attack traffic patterns readily identifiable as malicious. And then the nature of the attacks did not always allow for blocking filters to apply only to malicious traffic. Arbor has made the whole process simpler. 

The ability to correlate Arbor managed objects with internet services deployed accurately profiles traffic and makes coordinating appropriate mitigation response simple. The reporting on both alerts and mitigations provides both detailed and visually pleasing reports.

Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends.

Arbor also allows us to create upstream remote triggered blackhole requests via BGP communities assigned from our upstream carriers. We can have the flexibility to trigger an individual or all carriers for each /32 advertisements. The system also allows us to use BGP flow spec to apply blocking filters at our routing edge nodes.

The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underlying OS to the application version can be easily missed.

Linking the white list designation on managed objects into the alert detection mechanism would be a welcome improvement. Currently, white lists to prevent dropping any traffic on important resources only apply to the mitigation process.  If the white list could be used during alert detection this would prevent some false positive alerts that are coming from these known good sources.

I have been using Arbor DDoS protection for over 8 years across two employers one a large scale enterprise network with dual data centers and 4 ISP upstreams and the second a regional service provider with multiple tier-one upstreams and internet exchange connections.

Arbor technical support is painless. Support requests at any hour are serviced quickly with an engineer that is very familiar with the platform details. The one RMA from hardware failure that I had to process went through immediately for our next business day delivery.

We use the product for DDoS settings to prevent malware attacks.

The product allows us to check real-time progress, including latency and network activities.

The product could have end-to-end platform visibility, including connectivity and bandwidth, similar to Cisco.

We have been using Arbor DDoS for seven or eight years. At present, we use the latest version.

The product is very stable.

It is a scalable product. Its scalability depends on the bandwidth. It manages around 50,000 internet banking customers.

The technical support services are excellent.

The initial setup is easy. It involves configuring network connectivity, including public IP addresses and firewall/router configurations. It requires setting up security rules or access controls on Arbor to control which traffic is allowed through. It's important to ensure that traffic from the Internet has a few diversions before reaching the firewall. It takes approximately six hours to complete. The system needs to take a downtime for maintenance. It requires around 13 minutes to complete.

The product’s availability and support services are good. I rate it a ten out of ten.

The solution is used for protection and to review any potential attack.

The solution is flexible, easy to implement and has an efficient technical support team.

The implementation should be made easier. 

I have been using the solution for more than five years.

It is a stable solution. It could be more stable depending on the upgrade of the software. I rate the stability an eight out of ten.

It is a scalable solution.For the cloud version the scalability is ten out of ten but for the on-premises, it depends on the sizing of the file. The solution is best for medium sized enterprises. All our clients are medium -sized enterprises.

The technical support is good.

The initial setup is easy. It takes two days to be deployed. One or two engineers are required for the deployment depending on the use cases.

I see a Return on Investment.

The pricing of the solution is cheap.

I rate the overall solution an eight out of ten.

Arbor DDoS is not used for enterprise companies but by some other companies, including NIDC, a government entity.

Analytics and its attack mitigation capabilities are valuable features of the solution.

It is an expensive product, so there is room for improvement in terms of pricing.

I work for the sales department. So, I've been using Arbor DDoS for three to four years. My company has a partnership with Arbor.

The product is stable. I rate its stability a ten out of ten.

The product is scalable. I rate its stability a ten out of ten.

It is an expensive product. I use this product for its different features.

I rate the overall product a ten out of ten.

Our company uses the solution to protect applications such as web DNS and file servers from DDoS attacks coming through the Internet's application layer. 

We also protect our devices and components such as firewalls, IPSS, and WAFs. 

The stateless device format means that the box is very strong for preventing DDoS attacks.

The solution is user friendly and the graphical user interface can be used for everything without logging into the CLI.

The box includes embedded bypass modules so bypasses can be performed without outages.

Hardware modules do not need to be changed when upgrading licenses for additional capacity.

A behavioral traffic analyzer and SSL inspection tool need to be added. 

The solution needs to enhance its features to compete with other tools. Lately, Arbor has made some improvements but they are not ones that are expected or ones that would better align the solution with competitors. 

For example, the solution announced it was releasing SSL inspection in 2020. After a while, they realized the feature was failing so they stopped mentioning it and instead provided another solution which required purchase of a different box. This created a complex topology that is not cost efficient. I have to set aside extra budget so this is not an improvement or a solution for me. Competitors handle the same feature within their own single box.

I have been using the solution for five years.

The solution is really stable. It is the most stable device in our topology. 

Technical support is very good and responds quickly. If I get any box faults, one phone call gets me to an engineer for troubleshooting. 

I rate support an eight out of ten. 

Positive

I did not use other solutions. 

The setup not complex and a simple configuration takes about one hour. 

An advanced configuration takes up to twenty days because I run simulations and check results. It is not constant work but provides useful results. 

Our team of one system architect and three system engineers implemented the solution in-house. 

The solution's pricing is based on a licensing model that is expensive when compared to other tools. 

The first option is a DDoS or throughput license that never expires after purchase. You can use the box until its end of life. 

The second option is a subscription license that is purchased for one, three, or five years. It includes some additional features and services that are optional. 

Product or technical support is a separate license that must be renewed every one or three years. 

I have evaluated other solutions in a demo environment. 

Radware is the leading DDoS solution right now and a strong competitor. I found that its graphical interface is complex and hard to handle. It takes time to configure properly, is hard to read, and is poor for reporting. 

I recommend the solution and rate it a seven out of ten.

If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten. 

Arbor DDoS is used for network protection if you have a DDoS attack, it keeps the session or information moving.

Arbor DDoS is a combination of a physical appliance and the cloud, and it's combined in their subscription.

Arbor DDoS could improve out-of-the-box reporting, it could be better.

I have used Arbor DDoS within the last 12 months.

Arbor DDoS is highly stable.

Arbor DDoS is able to increase your bandwidth. You can scale less than 50 percent, but if you are scaling above 100 percent it will not be flexible. You have to get a bigger appliance, which will be at a discount rate. It is scalability in the technical and commercial sense.

The technical support of Arbor DDoS is good.

The initial setup of Arbor DDoS is straightforward, and it took approximately five days to implement.

The price of Arbor DDoS depends on many parameters. It depends on the physical capacity of the environment, and it is not a straight-line price. It's fairly competitive in the market on the price.

I would recommend this solution to others.

I rate Arbor DDoS a nine out of ten.

We use Arbor DDoS for network security defense.

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

I have been using Arbor DDoS for approximately four years.

The solution is very stable. In the time we have been using the solution we have not had any incidents.

We have not needed to scale the solution.

The regional support here in African could improve, such as marketing and account managers.

I have previously used Fortinet DDoS.

The solution is easy to deploy and takes approximately two days. It is easier to deploy than other solutions.

The price of this solution is a little high in the African market, it should be lower.

I rate Arbor DDoS an eight out of ten.