Arbor DDoS Reviews

Arbor has the ability to learn and self-create the appropriate profile for each customer. This ensures that false positives are kept to a minimum.

It provides a much more efficient protection of our customers.

A small improvement could be a better reporting system.

I've used this solution for two years.

No. Since day one, the product works without any issues.

I didn't encounter issues with scalability.

Very Good. The technical support team was there each time we needed them, offering valuable help and advice.

I did not use a different solution prior to Arbor DDoS.

No, the initial setup was easy. The excellent interface makes it easy to configure.

Check if you can combine the product’s Cloud Signaling capabilities with your upstream provider. This will enhance your DDOS protection even further

Start with a small license. Measure your bandwidth requirements.

Yes. Checkpoint.

• As an ISP, it is important to know from where the traffic comes so as to neutralize any attacks.

• The Arbor Networks SP device provided great visualization of the network traffic.

• Arbor Networks TMS is for cleaning the DDoS traffic, which is used sparsely.

The Arbor Networks SP device allowed us to optimize the network traffic. For example, it helped us to find the best IP network route to reach certain countries with low latency.

My opinion is that these Arbor devices should be scalable, in terms of the hardware.

Network bandwidth is rapidly increasing. Therefore, it is not practical to predict the network traffic as what it will be in five years time and also, to accordingly plan the required hardware specifications.

I have been using this solution since 2009.

We have been using the Arbor Peakflow SP CP-5000 and Arbor Peakflow TMS 2700.

Both the devices were very stable at the operation.

Unfortunately, these devices are not scalable and we have to upgrade to the next model in order to increase the threat mitigation capabilities.

We’ve received technical support mainly from Thailand. The guy who supported us was very competent with the products.

We were not using any other solution before.

The initial IP configuration has to be done in a command line, but the rest you can do via the web interface.

As a comparatively medium-scale ISP, we struggled with the license restrictions. By default, the Arbor SP device has only five licenses, which means only five routers can be integrated.

At that time (2008-09), when we checked the other options, there was not even a single product vendor that had the ability to do both network traffic analysis and DDoS traffic cleansing.

There were other proposals such as Radware and Cisco Guard for DDOS protection.

It is vital to identify the number of routers that are going to be integrated and the scrubbing capacity required for the expected lifetime of the product, as it is not scalable once you have purchased it.

For others who expect to implement Arbor, the key prerequisite is to identify the network devices that are going to integrate, since it will dictate the licensing. Since it is not scalable, so users should have to get this right before purchasing the product.

The deployment methods are really important as are the mitigation templates for volumetric and application-level attacks.

We do not have this product in our organization. We are service providers for Arbor.

This product improves the application's availability; we have mitigated targeted attacks for some clients.

I believe that the Arbor Cloud should be available, even if the customer does not have any Arbor appliance on-premise.

I have been using Arbor technologies for about two years.

In the two years I have been using the product, I haven't encountered any stability issues. The solution is pretty robust and stable.

Both solutions, Arbor Networks SP/TMS and APS, are very scalable.

The important point about Arbor Networks APS is that it is usually deployed inline, so you have to be aware of the number of switch ports available for each model.

I have a lot of experience with the technical support for multiple vendors (HPE, Cisco, Palo Alto Networks, Imperva, etc.) and the Arbor support is really good; usually, they respond with the workaround for your issue.

I really recommend the technical support from Arbor.

Setup complexity depends on the appliance:

• Arbor Networks APS: The setup is really straightforward; deployment and tuning are not that hard.
• Arbor Networks SP/TMS: This a complex solution and usually deployed in Diversion/Reinjection mode. Customers have to know the concepts and configuration about BGP, routing etc.

Arbor Networks APS licensing usually depends on the throughput of the enterprise.

Arbor Networks SP/TMS licensing usually depends on the throughput and the number of managed routers.

Note: It is not a cheap solution, but this is the most deployed anti-DDoS solution worldwide.

This is the first enterprise anti-DDoS product that we acquired. It later became Imperva.

You have to be clear as to what do you want to protect, i.e., the applications, networks, etc.

The most complex appliances are for the Arbor Networks SP/TMS solutions, so you have to know the BGP, peering, diversion, and reinjection concepts.

• It is user-friendly and has a very easy GUI.

• It provides the simplest method of mitigation.

• It provides predefined filters/techniques to easily stop attacks.

My last project was with (almost all of) the biggest banks and MNCs in India. It helped us to protect their network from the present DDoS attacks.

The auto-mitigation feature is provided when DDoS is observed on any of the links/customers (configured under auto-mitigation). It automatically starts mitigation with the default filters. In the default filter mode, there could be an impact on a customer’s link.

For example, if we have enabled monitoring of the internal traffic for that link/customer, it starts mitigation on legitimate traffic. It can also create looping in the network for any misconfiguration. This can impact the ISP's internal network and the customer's link utilization.

I have used this solution for two years.

We did not have stability issues.

We did not have scalability issues.

I would rate the technical support a 7/10.

We were using black-hole mitigation. We switched from that technique because we were dropping all the traffic of the attacked link, rather than vulnerable traffic; there were many more loopholes.

The setup is a little complex regarding the methods of configuration with the customers, as we need to provide them with a clean pipe path during mitigation. Also, it is mostly used on ISPs so the configuration on gateways is a little hectic.

They offer good prices.

I did not evaluate other options.

Be in direct contact with Arbor, rather than choosing a vendor in between.

I primarily use Arbor DDoS for scrubbing.

Arbor DDoS's best feature is that we can put the certificates in, and it will look at layer seven and the encrypted traffic and do the required signaling.

An improvement to Arbor DDoS would be to make evaluation licenses and virtual machines available. This would allow us to learn the system and to spread word about the product to others.

I've been using Arbor DDoS for almost five years.

Arbor DDoS is very stable.

Arbor DDoS is scalable.

The complexity of the setup depends on the user's experience, but it's very quick to deploy.

Arbor DDoS has given us a very good ROI - I would rate it five out of five.

I would rate Arbor DDoS ten out of ten.

The solution looks into volumetric attacks and gets them resolved.

The technical support engineers can create more labs within the environment. Real-case scenarios that have taken too long to resolve or were escalated can be directly converted into articles. It is highly possible that someone else may also face similar problems. Such articles will help people easily find a solution to their specific issues.

I have been using Arbor DDoS for seven years.

Arbor DDoS is a stable solution.

Arbor DDoS is a scalable solution. It can be used by small, medium and enterprise businesses.

The solution's integration is simple if you know the steps. If you don't know the steps, it becomes complex. It can become difficult depending on the layer, negotiation, and communication. If everything is laid out in software terms it is not difficult. You just need to follow the process. I would recommend the solution to other users.

Overall, I rate the solution a nine out of ten.

The solution is easy to use. The user interface is also easy to use. The documentation provided by the product is good.

The support got worse after NETSCOUT acquired Arbor.

I have been using the solution for about seven to eight years.

The tool is quite stable. Our customers have used the tool for three to five years without rebooting.

Most of our customers are enterprise businesses.

Earlier, the support was great. Now, the support team provides delayed responses.

Neutral

The initial setup is quite easy. The time taken for deployment depends on the number of servers or machines we need to protect. In most cases, the product can be deployed in one day.

The product must improve its price. Our customers always complain about the price of the product. Most products are expensive in Taiwan. The product might be cheaper in other countries. However, I am not sure.

I do not expand the product. The products are usually standalone products. People should use the product. Overall, I rate the solution an eight out of ten.