Arbor DDoS Reviews

We receive work orders and implement them for the client. This we do in respects of MMSP solutions. 

We do not help to integrate Arbor in other companies.

An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action. I wish to compare this with Fortinet DDoS, with which I am more familiar. This solution places more of an emphasis on the behavior of the traffic and provides a response in respects of the volume. But, it also learns the traffic behavior of the customer as concerns its response to other attacks.

I would like to see a feature concerning the response or one which addresses the need for behavior learning of the customer's traffic. I am sure Arbor is working on it. 

We've been using Arbor DDoS for three years.

The stability is okay and we have not encountered problems with the solution. 

As I mentioned, we only provide support in the role of technical operators, so the question about plans for increased usage should be directed towards the operator. He is in a position to say whether he has plans to sell more equipment to his customers. While the desire to desire to sell is not at issue, the willingness of people in this country to pay for the security is. 

We received from the customer, who is an operator, all of the technical knowledge needed to support NETSCOUT.

The initial setup was okay and did not take long. 

The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive. This is a cost-benefit scenario in which the risk of losing everything must be weighed against the increased expense of the solution. This decision lies with the end customer and it depends on his protection policy. Apparently, taking protective measures is not prevalent in our culture, as people have a tendency to think that they will not be the target of an attack, even though this may be the ultimate result. 

I believe we have 10 or 15 users who are working with the solution. 

I rate Arbor DDoS as a ten out of ten. 

We use Arbor DDoS in the Asia Pacific region for a couple of government clients and Financial sector. The primary use case is for different types of problems that we do not see with other solutions, such as IPS, IDS, and FireEye. It has that type of detection and it blocks things.

It detect and protect DDOS effectively.

We can reduce the bandwidth to minimize the attack level. If we see more than 2.5 GBs we drop it directly. Many times an attack is with hundreds of GBs on our devices. We're able to filter that out.

Also, it is able to find new, different IPs. Arbor keeps them for one or two days, but it will release them after some time. That enables us to blacklist them permanently so that we don't get that IP's traffic.

It also denies fragmented packets.

If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there.  It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see.

It's a stable solution. We haven't had any issues up until now, except for one or two times. On those occasions, we found attacks were getting through but then we realized we needed to update the signature database. Since then, it has been working fine. It is blocking as it should.

There haven't been any bugs.

We haven't had any issues with the scalability.

Technical support is good. They respond swiftly.

We found what we wanted in Arbor DDoS. It met our expectations, as IT users of different types of complex environments. It fit our needs. After we did the PoC, we found that this product is good. It was scalable and stable.

The initial setup is complex.

Deployment took about four months. After getting vendor support for installation, we then configured IP ranges for different clients. Then we set up the bandwidth and enabled logins.

There has not been much to deploy and maintain since then.

Arbor directly helped with the deployment.

DDoS is a major problem. If it infiltrates one device, it can move laterally, compromising much more. Up until now, we haven't lost any confidential data. The DDoS protection solution is a valuable tool to our organization.

We did look at competitors but I don't remember which ones now.

We have two teams that work with it. There is the maintenance team and we are the team that takes action.

I would rate Arbor DDoS at eight out of ten. It's stable, it's scalable, and it can handle complex environments. 

We are using Arbor as a DDoS protection infrastructure. It protects our both our company's infrastructure and also our customers' infrastructure. We are not using it to protect one website, we are protecting a lot of websites and a lot of customers' infrastructures including their websites, their web services, etc.

It protects our infrastructure. We are in a particular geography so we face a lot of cyber attacks, especially DDoS attacks. It's very beneficial for our infrastructure. It's a vital component for every provider network.

We are using it mainly for DDoS protection. Reporting functions provide good visibility. Also, API's helps us to improve our service. We are also using it by serving cloud signaling service to our customers for their on-premise APS devices.

Learning period for managed objects are too short; better to have auto-profiling based on learning.

As long as you don't touch it, it's very stable. But if you try to configure new features or some new deployment, sometimes that can be a problem. A few weeks ago we had an appliance that went down. 

It's very scalable. It has a central management platform that manages all appliances, so if you have a few sites, you can scale it to other sites with new devices and you can manage them from the central management platform.

Arbor has an engineer in our country and we try to solve our cases or our problems or our new feature configurations with him. Also we are able to do that by contacting tech directly. The guys in our country help us contact the tech team. They also have another contact in the tech team so they can speed up the resolution of our cases by communicating with him.

When issues arise, they're helpful, they're knowledgeable and responsive.

The last ticket we submitted was when one of our appliances went down while we were configuring it one night. They solved it within four or five hours after we opened the case. They sent the solution within that time. The appliance went back up and has continued to work properly.

The setup is very straightforward, not too complex. Their tech team is very helpful.

As far as I know, they are very successful in DDoS protection. Because they know it, their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive. 

We are evaluating other options. We may apply one if we find an appropriate solution. As I mentioned before, Arbor DDoS prices are too high, it's very expensive. It would be better to have more than one vendor in our infrastructure, because there is no competition when you have one vendor or one solution.

Arbor is very good at what it does. If you have enough budget you can apply it to your infrastructure and use its flexibility and reporting features very well. But if you don't have the budget and you don't expand the budget for the coming next years, I suggest not getting in touch with Arbor.

Five or six engineers can log in to devices, but in our company two people are managing infrastructure. There are always ways to optimize it, but we have been working for two years to optimize it and it's in a good situation compared to two years ago.

I would rate it a seven out of ten. My rating is based on the general problems that we had and the solutions for them, as well as the daily stability of these devices.

We are using nearly all the features of Arbor. Currently, they are enough for us, but in the future, if there are different kinds of DDoS attacks I believe that Arbor DDoS will also take action against them.

Our company uses the solution to protect applications such as web DNS and file servers from DDoS attacks coming through the Internet's application layer. 

We also protect our devices and components such as firewalls, IPSS, and WAFs. 

The stateless device format means that the box is very strong for preventing DDoS attacks.

The solution is user friendly and the graphical user interface can be used for everything without logging into the CLI.

The box includes embedded bypass modules so bypasses can be performed without outages.

Hardware modules do not need to be changed when upgrading licenses for additional capacity.

A behavioral traffic analyzer and SSL inspection tool need to be added. 

The solution needs to enhance its features to compete with other tools. Lately, Arbor has made some improvements but they are not ones that are expected or ones that would better align the solution with competitors. 

For example, the solution announced it was releasing SSL inspection in 2020. After a while, they realized the feature was failing so they stopped mentioning it and instead provided another solution which required purchase of a different box. This created a complex topology that is not cost efficient. I have to set aside extra budget so this is not an improvement or a solution for me. Competitors handle the same feature within their own single box.

I have been using the solution for five years.

The solution is really stable. It is the most stable device in our topology. 

Technical support is very good and responds quickly. If I get any box faults, one phone call gets me to an engineer for troubleshooting. 

I rate support an eight out of ten. 

Positive

I did not use other solutions. 

The setup not complex and a simple configuration takes about one hour. 

An advanced configuration takes up to twenty days because I run simulations and check results. It is not constant work but provides useful results. 

Our team of one system architect and three system engineers implemented the solution in-house. 

The solution's pricing is based on a licensing model that is expensive when compared to other tools. 

The first option is a DDoS or throughput license that never expires after purchase. You can use the box until its end of life. 

The second option is a subscription license that is purchased for one, three, or five years. It includes some additional features and services that are optional. 

Product or technical support is a separate license that must be renewed every one or three years. 

I have evaluated other solutions in a demo environment. 

Radware is the leading DDoS solution right now and a strong competitor. I found that its graphical interface is complex and hard to handle. It takes time to configure properly, is hard to read, and is poor for reporting. 

I recommend the solution and rate it a seven out of ten.

If the solution adds a behavioral traffic analyzer and SSL inspection tool, then I rate it a nine out of ten. 

Arbor DDoS is used for network protection if you have a DDoS attack, it keeps the session or information moving.

Arbor DDoS is a combination of a physical appliance and the cloud, and it's combined in their subscription.

Arbor DDoS could improve out-of-the-box reporting, it could be better.

I have used Arbor DDoS within the last 12 months.

Arbor DDoS is highly stable.

Arbor DDoS is able to increase your bandwidth. You can scale less than 50 percent, but if you are scaling above 100 percent it will not be flexible. You have to get a bigger appliance, which will be at a discount rate. It is scalability in the technical and commercial sense.

The technical support of Arbor DDoS is good.

The initial setup of Arbor DDoS is straightforward, and it took approximately five days to implement.

The price of Arbor DDoS depends on many parameters. It depends on the physical capacity of the environment, and it is not a straight-line price. It's fairly competitive in the market on the price.

I would recommend this solution to others.

I rate Arbor DDoS a nine out of ten.

We use Arbor DDoS for network security defense.

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

I have been using Arbor DDoS for approximately four years.

The solution is very stable. In the time we have been using the solution we have not had any incidents.

We have not needed to scale the solution.

The regional support here in African could improve, such as marketing and account managers.

I have previously used Fortinet DDoS.

The solution is easy to deploy and takes approximately two days. It is easier to deploy than other solutions.

The price of this solution is a little high in the African market, it should be lower.

I rate Arbor DDoS an eight out of ten.

• Very user-friendly GUI
• Simplest way of mitigation
• Predefined filters/techniques to easily stop the attacks and start mitigation.

My last project was with the biggest banks of India (almost all of them) and MNC, so it helped us to protect their network from present DoS/DDoS attacks.

Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,

E.g., if we have enabled monitoring of internal traffic for that link/customer, it starts mitigation on legitimate traffic. It can also creates looping in the network for any misconfiguration, which can impact the ISP’s internal network and the customer's link utilization.

Two years.

No issues.

No issues.

No issues.

A seven out of 10, because response times from Arbor TAC are little higher.

An eight out of 10. Very good.

Not applicable.

Not applicable.

The implementation was done by Arbor itself. They were excellent.

Not applicable.

Not applicable.

Not applicable.

Be in direct contact with Arbor TAC rather than choosing a vendor in-between.

Our primary use case is developing threshold values for all groups. We use it to analyze packets to build a use-case for when a server group hits the limit of incoming traffic. In such a case we suspect traffic.

We use it to build use-case scenarios, based on the server input and a client's requirements. Some clients have a number of users accessing a given server which affects the bandwidth. In each case, we need to tell DDoS what is considered legitimate traffic.

It prevents all unwanted or malicious traffic, using the Threat Intelligence feeds.

There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds.

There are two modes in the product: The first is a learning mode and the other is a production mode. First, we learn the traffic using the learning mode. We use it to fine-tune what is suspicious data and what is legitimate traffic.

Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning. Self-learning would be an improvement.

The stability of Arbor DDoS is good. It's not that complex as a product and stability is not an issue.

The scalability is good. Configuration-wise, an administrator could create issues. But the product itself is good.

I have implemented it multiple times in industries like oil and gas, banking, and insurance.

The response from Arbor's technical support is good. They respond within two days.

The initial setup is straightforward. It's very simple. I have deployed the product for multiple clients. Implementation takes less than three to four hours, but the fine-tuning takes some time, based on the organization's needs. That can take more than a month.

Our implementation strategy is based on how many servers and groups there are and what kind of traffic is coming to/from the internet. These are the factors that affect how we deploy it. Deployment requires two to three consultants who are security architects. For maintenance, one administrator is fine.

Licensing is based on features, I believe.

Implementation is very easy but making the product work optimally is more difficult.

It's the best product. I would rate it at eight out of ten. There are some minor issues with blocking legitimate traffic and that's why it's not a ten.