We changed our name from IT Central Station: Here's why
Steve Puluka
Network Architect at DQE Communications
Real User
Top 10
Comprehensive DDoS mitigation options from targeted off-ramp to BGP flow spec or Remote triggered blackhole
Pros and Cons
  • "Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends."
  • "The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underling OS to the application version can be easily missed."

What is our primary use case?

Using the Arbor SP Insight allows the detection of DDoS attacks coming in from upstream internet providers. The system provides a central analysis to detect DDoS attacks and allow reporting on internet traffic. This along with the TMS physical off-ramp mitigation platform allows us to redirect the inbound attack traffic via BGP. The offramp TMS effectively separates attack traffic from the main path used during normal operation. The system provides attack mitigation for both internal infrastructure and downstream customer services.

How has it helped my organization?

Prior to deploying the Arbor solution, DDoS mitigation involved creating ad hoc packet filters to block the malicious traffic during event. These were difficult to apply because getting the detailed match information during an event was problematic. The traffic monitoring systems we had in place did not always have the necessary detail, nor was the attack traffic patterns readily identifiable as malicious. And then the nature of the attacks did not always allow for blocking filters to apply only to malicious traffic. Arbor has made the whole process simpler. 

What is most valuable?

The ability to correlate Arbor managed objects with internet services deployed accurately profiles traffic and makes coordinating appropriate mitigation response simple. The reporting on both alerts and mitigations provides both detailed and visually pleasing reports.

Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends.

Arbor also allows us to create upstream remote triggered blackhole requests via BGP communities assigned from our upstream carriers. We can have the flexibility to trigger an individual or all carriers for each /32 advertisements. The system also allows us to use BGP flow spec to apply blocking filters at our routing edge nodes.

What needs improvement?

The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underlying OS to the application version can be easily missed.

Linking the white list designation on managed objects into the alert detection mechanism would be a welcome improvement. Currently, white lists to prevent dropping any traffic on important resources only apply to the mitigation process.  If the white list could be used during alert detection this would prevent some false positive alerts that are coming from these known good sources.

For how long have I used the solution?

I have been using Arbor DDoS protection for over 8 years across two employers one a large scale enterprise network with dual data centers and 4 ISP upstreams and the second a regional service provider with multiple tier-one upstreams and internet exchange connections.

How are customer service and technical support?

Arbor technical support is painless. Support requests at any hour are serviced quickly with an engineer that is very familiar with the platform details. The one RMA from hardware failure that I had to process went through immediately for our next business day delivery.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner at AMPEC DATA SERVICE
Real User
We have no encountered any stability problems
Pros and Cons
  • "The stability is okay and we have not encountered problems with the solution."
  • "An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action."

What is our primary use case?

We receive work orders and implement them for the client. This we do in respects of MMSP solutions. 

We do not help to integrate Arbor in other companies.

What needs improvement?

An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action. I wish to compare this with Fortinet DDoS, with which I am more familiar. This solution places more of an emphasis on the behavior of the traffic and provides a response in respects of the volume. But, it also learns the traffic behavior of the customer as concerns its response to other attacks.

I would like to see a feature concerning the response or one which addresses the need for behavior learning of the customer's traffic. I am sure Arbor is working on it. 

For how long have I used the solution?

We've been using Arbor DDoS for three years.

What do I think about the stability of the solution?

The stability is okay and we have not encountered problems with the solution. 

What do I think about the scalability of the solution?

As I mentioned, we only provide support in the role of technical operators, so the question about plans for increased usage should be directed towards the operator. He is in a position to say whether he has plans to sell more equipment to his customers. While the desire to desire to sell is not at issue, the willingness of people in this country to pay for the security is. 

How are customer service and technical support?

We received from the customer, who is an operator, all of the technical knowledge needed to support NETSCOUT.

How was the initial setup?

The initial setup was okay and did not take long. 

What's my experience with pricing, setup cost, and licensing?

The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive. This is a cost-benefit scenario in which the risk of losing everything must be weighed against the increased expense of the solution. This decision lies with the end customer and it depends on his protection policy. Apparently, taking protective measures is not prevalent in our culture, as people have a tendency to think that they will not be the target of an attack, even though this may be the ultimate result. 

What other advice do I have?

I believe we have 10 or 15 users who are working with the solution. 

I rate Arbor DDoS as a ten out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: January 2022.
564,322 professionals have used our research since 2012.
Information Security Officer at a financial services firm with 51-200 employees
Real User
Top 5Leaderboard
Good protection, good artificial intelligence, good stability, and easy to integrate
Pros and Cons
  • "The artificial intelligence feature is most appreciated. This solution can lower the throughput and clear the traffic, which is something really important for us. It also provides good protection. It is user-friendly, and its integration has also been really fast. We have many critical applications, and it was easy to integrate Arbor DDoS with our website, mobile application, and web banking."
  • "They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports."

What is our primary use case?

We use it to protect our infrastructure from DDoS attacks. It is used to protect web applications to provide a secure infrastructure for our client.

What is most valuable?

The artificial intelligence feature is most appreciated. This solution can lower the throughput and clear the traffic, which is something really important for us. It also provides good protection.

It is user-friendly, and its integration has also been really fast. We have many critical applications, and it was easy to integrate Arbor DDoS with our website, mobile application, and web banking.

What needs improvement?

They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports.

For how long have I used the solution?

I have been using this solution for three months. It was implemented in February.

What do I think about the stability of the solution?

Its stability is really good.

What do I think about the scalability of the solution?

Because it is on-premise, it has limited capability. That's why in six months, we would like to move to the cloud. Moving to the cloud will also enable us to prevent biometric attacks. It will make it easier for us to protect all the throughput traffic.

Our client is a medium-sized company in Bolivia with around 3,000 employees.

How are customer service and technical support?

Their technical support is really good. They have a nice workflow.

Which solution did I use previously and why did I switch?

We had Check Point and Radware solutions. Gartner Quadrant ratings were one of the key factors for going for this solution.

How was the initial setup?

Its initial setup was easy. It was a one-month project, and its implementation was very fast.

What about the implementation team?

Five engineers were involved in its implementation.

What other advice do I have?

I would advise others to do a proof of concept. That's a good way to choose a solution. We did a proof of concept, and it gave us a good idea, so I would advise others to do that.

I would rate Arbor DDoS a nine out of ten. I am really happy with this solution.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Flag as inappropriate
Regional Technical Manager at HTBS
Real User
Povides effective blocking of attacks, and can be used for DNS, web, and main servers

What is our primary use case?

We use Arbor DDoS for network security defense.

How has it helped my organization?

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

What is most valuable?

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

For how long have I used the solution?

I have been using Arbor DDoS for approximately four years.

What do I think about the stability of the solution?

The solution is very stable. In the time we have been using the solution we have not had any incidents.

What do I think about the scalability of the solution?

We…

What is our primary use case?

We use Arbor DDoS for network security defense.

How has it helped my organization?

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

What is most valuable?

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

For how long have I used the solution?

I have been using Arbor DDoS for approximately four years.

What do I think about the stability of the solution?

The solution is very stable. In the time we have been using the solution we have not had any incidents.

What do I think about the scalability of the solution?

We have not needed to scale the solution.

How are customer service and technical support?

The regional support here in African could improve, such as marketing and account managers.

Which solution did I use previously and why did I switch?

I have previously used Fortinet DDoS.

How was the initial setup?

The solution is easy to deploy and takes approximately two days. It is easier to deploy than other solutions.

What's my experience with pricing, setup cost, and licensing?

The price of this solution is a little high in the African market, it should be lower.

What other advice do I have?

I rate Arbor DDoS an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Buyer's Guide
Download our free Arbor DDoS Report and get advice and tips from experienced pros sharing their opinions.