Arbor DDoS Reviews

Arbor DDoS is not used for enterprise companies but by some other companies, including NIDC, a government entity.

Analytics and its attack mitigation capabilities are valuable features of the solution.

It is an expensive product, so there is room for improvement in terms of pricing.

I work for the sales department. So, I've been using Arbor DDoS for three to four years. My company has a partnership with Arbor.

The product is stable. I rate its stability a ten out of ten.

The product is scalable. I rate its stability a ten out of ten.

It is an expensive product. I use this product for its different features.

I rate the overall product a ten out of ten.

We use it to protect our infrastructure from DDoS attacks. It is used to protect web applications to provide a secure infrastructure for our client.

The artificial intelligence feature is most appreciated. This solution can lower the throughput and clear the traffic, which is something really important for us. It also provides good protection.

It is user-friendly, and its integration has also been really fast. We have many critical applications, and it was easy to integrate Arbor DDoS with our website, mobile application, and web banking.

They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports.

I have been using this solution for three months. It was implemented in February.

Its stability is really good.

Because it is on-premise, it has limited capability. That's why in six months, we would like to move to the cloud. Moving to the cloud will also enable us to prevent biometric attacks. It will make it easier for us to protect all the throughput traffic.

Our client is a medium-sized company in Bolivia with around 3,000 employees.

Their technical support is really good. They have a nice workflow.

We had Check Point and Radware solutions. Gartner Quadrant ratings were one of the key factors for going for this solution.

Its initial setup was easy. It was a one-month project, and its implementation was very fast.

Five engineers were involved in its implementation.

I would advise others to do a proof of concept. That's a good way to choose a solution. We did a proof of concept, and it gave us a good idea, so I would advise others to do that.

I would rate Arbor DDoS a nine out of ten. I am really happy with this solution.

We use it to protect websites, usually. But it's hosted in our network, our infrastructure, and the company websites as well. We are an ISP company and we provide internet services and other services to companies, like banks, etc. Part of our services is DDoS protection.

We are the ISP for government websites here in Saudi Arabia. We had a lot of attacks on those sites. The way we mitigated those attacks was by asking the people who are hosting the website about the features they were using for the websites. They specified two of the ports, and they said we're not going to allow any other port, any other service apart from these two services. We allowed the websites to be accessible through those two ports only. We blocked everything else. This was four years ago and everything has been smooth ever since.

We have a monitoring team here, which is on watch 24/7. The monitoring part is very easy with this solution.

Our customers are very happy when we provide them with the interface. We give them read-only privileges and they can review the results by themselves. They can check how many attacks they have faced and how many attacks have been blocked. That is a very valuable feature offered by Arbor DDoS.

We can also give them more privileges. They can do some tweaking according to their own systems. If they have a database running or if they have a website, they can tweak the features themselves.

Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful.

The deployment is okay, stable. But when you are manipulating the countermeasures, that is the difficult part. You have to be very careful, and you have to be sure that these countermeasures will kick in when needed, that they're going to work.

We have to customize the countermeasures for each customer. That is a real challenge. We should be reviewing them every month. They might be changing their services, they might be using different ports. We have to keep asking our customers, "Okay what are you running now? What are you using now? Which port are you running now?" so that we know what to expect. We need to know which traffic would be legit and which traffic is illegitimate so that we can block the illegitimate traffic without mistakes. We don't want to block the real traffic. There is a feature in Arbor called auto-learning. We can run that and it will help us. But at the end of the day, it's for us to decide what to allow.

You cannot rely on auto because, for example, if you're running auto-learning, and the services have been running on 80, and all of a sudden it switches to 443, it will keep on blocking. You have to expect what's coming. You cannot rely on auto. Human involvement is always necessary.

If the network is expanding, of course, we would expect to need to add more equipment. We would need to expand our solution.

We had two customers from the government which came in, and they are super-important. Their services cannot go down. We had another solution from Arbor called Pravail. We had that installed for those two customers specifically. Their expected traffic is almost 8 MB, and their throughput is 12 MB. Any noise or malformed packets or out-of-sequence packets get filtered by the Pravail Solution. The bigger attacks will be handled by the TMS, the Threat Mitigation System.

Scalability is not a problem for Arbor.

Technical support is really good. ATAC has been good with us. We haven't had any problem contacting them or getting them engaged in our activities. For example, sometimes we need to customize the portal banner. For that, they have been helpful.

This is our first DDoS solution.

The initial setup is kind of complex because it requires peering. We have to design it from scratch, which makes it a little bit complex. It depends on whether we want to get it inline or if we want to apply offloading, and whether the company can afford a TMS of its own or we need to send traffic to a remote TMS, hosted by Arbor itself.

The last deployment I was involved in took almost a month-and-a-half, with another 15 days for documentation.

It took about eight to 12 people to get the deployment operational. We had people from the core who were engaged with us for the integration and bringing up the systems. After that, we had to hire some fresh resources, because, honestly, it's a new product and it's not very common. We can't really find experienced people for DDoS.

It was not much of a challenge when we were developing it and when we were deploying it because we had a resident engineer who was planning everything, who was leading everything. But after that, when we were mitigating the attacks, there were challenges because we didn't have experienced people over here and the attacks were coming day and night, 24 /7. I had to come to the office after midnight and at midday. 

But now, the system stable and the people that I'm managing are more experienced. They know stuff and it's pretty smooth now.

We engaged Arbor itself. We had a resident engineer from Arbor who came here and deployed the system. He was here for a month more for support and for any types of issues that we faced.

Go for it. It's one of the best solutions you can get for DDoS. It doesn't matter what services you're going to use. As long as you have the whole solution, the TMS and everything in-house, it's the best solution.

We have a team of 12 to deploy and monitor the solution; we have three shifts running around the clock. They monitor the system alerts. They monitor the websites using the controls that we have to protect the clients. If one of them catches an attack, there is a high-alert flag and we focus on the attack to see if it has been mitigated or not. If it needs anything, if it needs some tweaking, we have two resources on each watch, a senior resource and a junior. The junior one keeps on monitoring. The senior one comes in whenever there is something to correct or if something needs to be changed in the system.

For ISPs, Arbor DDoS would be the best solution. For smaller organizations, we can buy the services from Amazon for DDoS protection, and there's Cloudflare. But for ISPs, it's better to have Arbor DDoS because we have everything in-house. ISPs like ours have almost 120 gig bandwidth. For throughput, it's the best one.

We don't have plans to increase usage currently because when we brought the solution four years ago, we measured it a lot. We bought more than what we needed. The plan is to improve the human operability on the system itself. Things look smooth, but you cannot rely on two or three people. We have to have redundancy in the human workforce. We're planning to expand the team so that we don't need to hire any fresh resources and train them from the start. These services are very expensive and our customers are expecting a perfect solution.

We use these products because of the increase in frequency and sophistication of Denial of Service and Distributed Denial of Service attacks. As a service provider, we need to control and mitigate these attacks.

Valuable features include:

• Simple and centralized management of user access and capabilities
• Viewing and/or configuring of status, history, account, user, AAA, DNS, and NTP settings
• Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control
  

The following areas need improvement:

• Opening and tracking support tickets 
• Online support resources
• Software upgrades/updates and replacement media
• Event management guidelines.
  

The initial implementation phase was a bit tricky but after that, it worked like a charm.

Provides increased performance, scalability, and availability for Peakflow SP-based managed services.

It enables 25 simultaneous users/API per non-leader device. It scales up to ten PI devices and a maximum of 125 simultaneous logins, deployment-wide.

The setup follows a project plan based on a PIP (Performance Improvement Plan) document and the LLD. A process is created to cover site preparation, hardware staging, hardware installation, and link activation and needs the involvement of the Operations team. Deployment takes three to four months.

Our implementation strategy is as follows:

• Assign a project manager to be onsite when needed during the implementation until signoff
• Understand customer’s policies, requirements, and procedures
• Discuss and agree on the general prerequisites for the proposed solutions
• Conduct site survey
• Site preparation for the proposed solutions
• Design the proposed solutions
• Provide detailed project plan for the entire assignment
• Provide Low-Level Design
• Delivering the proposed SW and HW to the site
• Configure the solutions based on best practices
• Complete integration, fine-tuning, testing, and knowledge transfer to provide templates and guidance on use of templates to team members
• Finalize the deliverables along with the client
  

We did include an SI for the deployment. Our experience with that team was excellent as they knew what they were doing.

Pricing is slightly on the higher side.

It's an excellent product DDoS protection against attacks.

We have more than 7,000 users at all levels of access.

The solution is used for protection and to review any potential attack.

The solution is flexible, easy to implement and has an efficient technical support team.

The implementation should be made easier. 

I have been using the solution for more than five years.

It is a stable solution. It could be more stable depending on the upgrade of the software. I rate the stability an eight out of ten.

It is a scalable solution.For the cloud version the scalability is ten out of ten but for the on-premises, it depends on the sizing of the file. The solution is best for medium sized enterprises. All our clients are medium -sized enterprises.

The technical support is good.

The initial setup is easy. It takes two days to be deployed. One or two engineers are required for the deployment depending on the use cases.

I see a Return on Investment.

The pricing of the solution is cheap.

I rate the overall solution an eight out of ten.

Our business is to provide a DDoS protection solution for our customers. Our customers are banks, financial groups, etc.

We might develop some DDoS protection services for our customers under our Internet umbrella. We detect and filter traffic using Arbor DDoS in our network. 

We use it as a BGP or prompt, as a telecom service provider. We have SP and TMS, and that is all our architecture.

We resell on-premise the Arbor edition and install at our customers' site, specifically the Availability Protection System (APS) system.

It protects huge attacks on our Internet system over our network. 

We provide more granular application protection using the APS system, which is located at customer sites.

Our concern is to provide flexibility. We decided to move to this DDoS solution. We wanted to install some local filtering service in the regions. We wanted to be able to add or remove some mitigation capacity to our regional services, which is vital for us. So, we decided to develop these new features to our DDoS service.

Every day or month, we have found some new attack, but I don't think that is very important. It is just the evolution of attacks. We fix it and make a description, so we will be aware when some new attacks come. I think that the Arbor DDoS and APS solutions are quite enough at the moment, as they mitigate all attacks that we face.

The most valuable feature is the ability to work in BGP. It is not important to provide all traffic in a mitigation system every time. We have a lot of customers, and only when a proxy is detected do we use it. This has reduced the cost of our solution. 

We would like the ability to decrypt APS traffic.

We need a SaaS model for the solution.

I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved.

We have been using Arbor DDoS for seven years, since 2013. 

It is quite stable. There are no major important bugs, though maybe some small ones. 

There are around five people who maintain it 24 hours a day.

It is quite scalable and effective. You can add new integration services quite easily. 

There are around 60 end users/customers of this solution.

They have good support. Tickets are resolved efficiently in time with Arbor engineers.

It was quite complicated and complex to set up. 

Several engineers were required to deploy it.

There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.

The solution has a huge price, but we are a global company so we receive global pricing, which is why we chose Arbor. We also receive good prices for Russia.

We also bought the Sentinel feature to use its flow spec because we needed to know how much traffic will be mitigated on our borders. We haven't used it yet, but we are planning on using it in the Spring. We found that the combination of the Sentinel feature with Arbor DDoS going forward is the most important feature.

We do not use the Arbor Cloud DDoS solution because it is too costly. We decided to make our proprietary cloud solution designed by our company.

Several solutions were tested, then we chose Arbor DDoS.

We evaluated several solutions, like NSFOCUS, three months ago, and decided to continue to go with Arbor. Another solution was similar to Arbor because they have a very sophisticated mitigation system. However, they still don't have a system that can analyze traffic by BGP, and their solution was to integrate with Arbor. We decided not to do that. 

Arbor is the solution for telecom services on the market.

Arbor is still the leader versus many vendors and products, which is why we decided to integrate with the Arbor solution for another three years. The solution has met our requirements.

I would recommend using Arbor DDoS.

We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual.

We have been thinking about creating our own DDoS solution using firewalls from other vendors.

We are looking to buy two distributed servers this year that we will need to test locally.

I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.

We use Arbor DDoS for network security defense.

The solution has blocked many attacks on our customer's systems that would have disrupted their operations.

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

I have been using Arbor DDoS for approximately four years.

The solution is very stable. In the time we have been using the solution we have not had any incidents.

We have not needed to scale the solution.

The regional support here in African could improve, such as marketing and account managers.

I have previously used Fortinet DDoS.

The solution is easy to deploy and takes approximately two days. It is easier to deploy than other solutions.

The price of this solution is a little high in the African market, it should be lower.

I rate Arbor DDoS an eight out of ten.

We receive work orders and implement them for the client. This we do in respects of MMSP solutions. 

We do not help to integrate Arbor in other companies.

An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action. I wish to compare this with Fortinet DDoS, with which I am more familiar. This solution places more of an emphasis on the behavior of the traffic and provides a response in respects of the volume. But, it also learns the traffic behavior of the customer as concerns its response to other attacks.

I would like to see a feature concerning the response or one which addresses the need for behavior learning of the customer's traffic. I am sure Arbor is working on it. 

We've been using Arbor DDoS for three years.

The stability is okay and we have not encountered problems with the solution. 

As I mentioned, we only provide support in the role of technical operators, so the question about plans for increased usage should be directed towards the operator. He is in a position to say whether he has plans to sell more equipment to his customers. While the desire to desire to sell is not at issue, the willingness of people in this country to pay for the security is. 

We received from the customer, who is an operator, all of the technical knowledge needed to support NETSCOUT.

The initial setup was okay and did not take long. 

The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive. This is a cost-benefit scenario in which the risk of losing everything must be weighed against the increased expense of the solution. This decision lies with the end customer and it depends on his protection policy. Apparently, taking protective measures is not prevalent in our culture, as people have a tendency to think that they will not be the target of an attack, even though this may be the ultimate result. 

I believe we have 10 or 15 users who are working with the solution. 

I rate Arbor DDoS as a ten out of ten.