Arbor DDoS Room for Improvement
Their RESTful API is still a work-in-progress. They're pushing out different versions of the API with each code upgrade.
I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money.View full review »
Assistant General Manager at a comms service provider with 1,001-5,000 employees
There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered as a VNF in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus.
If we could decouple the hardware and software, making it more easily available for the customers with the exact robustness of the functionality, then that would be beneficial. At the same time, it would bring in cost efficiencies, which eventually is the end goal of most CXOs within an organization.View full review »
I struggle with where the product could improve because it's pretty great the way it is.
I would just say more granular reporting, down to our customer level, would be helpful. If we could somehow import customer information in their networks, it would be able to generate reports. It might actually be able to do that right now, and we have just never used it.
I've dealt with other solutions where I said, "I wish it did this," but it didn't. We have tried some other solutions that do what Arbor does and I would often go back to them and say, "Well, I want it to do this," because we already have that now with the Arbor solution. I've dealt with other vendors and I don't see things that they're doing that Arbor doesn't do.View full review »
On the application layer, they could have a better distributed traffic flow. They could improve that a bit. For network data it is very effective, but the application layer can be improved. In today's era, attackers are also developing their skills. Daily, new threats are coming into the environment.View full review »
Network Security Architecture at a financial services firm with 501-1,000 employees
I haven't found anything to complain about or anything that they need to improve on.View full review »
Engineer at a comms service provider with 10,001+ employees
We would like the ability to decrypt APS traffic.
We need a SaaS model for the solution.
I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved.View full review »
Manager IP Core and Transmission Networks at GO PLC
When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives.View full review »
Traffic Management skill center at a comms service provider with 10,001+ employees
I think Arbor DDoS should be more open to other systems, in the sense of coordination between mitigation centers, like for example the capacity to ask the upstream transit provider for mitigation.
Netscout's Arbor allows it, but between Arbor systems only. It should be more open to Third party systems, that's what I mean by "openness" : evolution from Netscout signaling protocol to standardized DOTS protocol (DDOS Open Threat Signaling)
Implementation could also be improved regarding distribution of mitigation directly on network elements.View full review »
The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underlying OS to the application version can be easily missed.
Linking the white list designation on managed objects into the alert detection mechanism would be a welcome improvement. Currently, white lists to prevent dropping any traffic on important resources only apply to the mitigation process. If the white list could be used during alert detection this would prevent some false positive alerts that are coming from these known good sources.View full review »
Owner at AMPEC DATA SERVICE
An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action. I wish to compare this with Fortinet DDoS, with which I am more familiar. This solution places more of an emphasis on the behavior of the traffic and provides a response in respects of the volume. But, it also learns the traffic behavior of the customer as concerns its response to other attacks.
I would like to see a feature concerning the response or one which addresses the need for behavior learning of the customer's traffic. I am sure Arbor is working on it.View full review »
Information Security Officer at a financial services firm with 51-200 employees
They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports.View full review »
An improvement would be to provide information on how pricing is done on different customer levels (e.g. is it done per gig or bandwidth?)View full review »