Arbor DDoS offers security features that automatically detect and prevent DDoS attacks. When a DDoS attack is detected targeting a specific IP, the Arbor device immediately becomes in line with the traffic and actively works to prevent the attack. This auto feature is one of the best aspects of Arbor DDoS, as it ensures timely and effective protection against such attacks.

The solution provides good protection against volumetric DDoS attacks. 

I'm a network engineer by trade. We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs, as we get charged for outbound traffic. But the biggest use right now is for DDoS.

I like Arbor's hybrid approach to DDoS protection. It's a really good setup. We have the on-premise devices and we can monitor and protect our own infrastructure and that gives us a good handle on that traffic. Since we offer it as a service to our customers, those customers really don't want their traffic leaving the data center. Since we're global, when we get to Europe, there are places where that's not possible. So having a hybrid approach, and especially now with the new features that they're installing, we can kick up to Arbor, if needed, to protect our infrastructure and still have visibility within our own deployment to see how traffic looks without having to go to the third-party portal to log in and see traffic.

Its ability to incorporate DDoS with visibility and protection from the network layer up to the application layer, through the use of the Smart Data feature, works really well. You get a lot more visibility than you would with just NetFlow, especially when we get into the situations where we're in the DDoS and seeing every single package that's coming through. In that situation, a wider scope of information is available not only to us but to other security teams as well. We coordinate with our other security teams, further down the stack, and are able to mitigate at different levels using the information that we're pulling from Arbor. We call it the "security onion." We mitigate at different layers.

Arbor's performance is its most valuable feature. The boxes are able to process huge amounts of traffic. One rec unit box can forward 20 gigabytes of traffic without any issue or without any latency towards the network. It's impressive really.

It has an easy-to-understand GUI.

Reporting is quite good. There are several pages of reporting on DDoS attacks, and you can find all the details that you need.

It's quite good out-of-path equipment. It works fine automatically for out-of-path.

The most valuable feature of the solution is that it serves as a tool for DDoS mitigation. The product is also useful when it comes to integrating the on-prem solutions with the cloud scrubbing center of Arbor DDoS.

The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic.

We are living in a world that is changing at a very fast pace. We have to match the pace of  the world, not only from network security per se, but also from the point of view of the security at a larger level. We are not just protecting the safety of the customer, but protecting the application as such. That is where the real threat comes from, and the challenge is being thrown to all the providers and OEMs to keep our feature set updated and adding to features for minimal costs.

The solution is stable and scalable. 

Arbor provides a full solution. They provide: 

• The possibility of alarm triggering based on flow packets. 
• Always-on and on-demand
• Implementation of BGP Flowspec. 
• Implementation with their cloud system.
• Good reporting. 

I like all the features together as a whole. It's a global solution that fits our needs. Detection is really important for us—the ability to trigger mitigation with TMS and the quality of mitigation.

What is also really important is to directly engage in mitigation on network elements, such as routers or switches, in addition to TMS mitigation. The capacity of the mitigation and the capacity to distribute mitigation on the routers are important. Using this solution as a hybrid approach to DDoS protection is an advantage. It's an important tool for managing the natural quality of service. We're quite confident about the solution and the evolution.

The most valuable feature is mitigation, which can blackhole the IP.

I love the forensics. The forensics give us the ability to look at logs and to look for anomalies and give us traffic information about customers that we might not normally have. We can also use that to assist customers in troubleshooting issues that they might be having. The forensics is what I loved the most.

The ability to correlate Arbor managed objects with internet services deployed accurately profiles traffic and makes coordinating appropriate mitigation response simple. The reporting on both alerts and mitigations provides both detailed and visually pleasing reports.

Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends.

Arbor also allows us to create upstream remote triggered blackhole requests via BGP communities assigned from our upstream carriers. We can have the flexibility to trigger an individual or all carriers for each /32 advertisements. The system also allows us to use BGP flow spec to apply blocking filters at our routing edge nodes.

The product allows us to check real-time progress, including latency and network activities.

Analytics and its attack mitigation capabilities are valuable features of the solution.

The artificial intelligence feature is most appreciated. This solution can lower the throughput and clear the traffic, which is something really important for us. It also provides good protection.

It is user-friendly, and its integration has also been really fast. We have many critical applications, and it was easy to integrate Arbor DDoS with our website, mobile application, and web banking.

Our customers are very happy when we provide them with the interface. We give them read-only privileges and they can review the results by themselves. They can check how many attacks they have faced and how many attacks have been blocked. That is a very valuable feature offered by Arbor DDoS.

We can also give them more privileges. They can do some tweaking according to their own systems. If they have a database running or if they have a website, they can tweak the features themselves.

Valuable features include:

• Simple and centralized management of user access and capabilities
• Viewing and/or configuring of status, history, account, user, AAA, DNS, and NTP settings
• Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control
  

The solution is flexible, easy to implement and has an efficient technical support team.

The most valuable feature is the ability to work in BGP. It is not important to provide all traffic in a mitigation system every time. We have a lot of customers, and only when a proxy is detected do we use it. This has reduced the cost of our solution. 

Arbor DDoS is easy to use, provides effective blocking of DDoS attacks, and can be used for DNS, web, and main servers. Additionally, this solution is far easier to operate than others solutions, such as Fortinet DDoS.

The stateless device format means that the box is very strong for preventing DDoS attacks.

The solution is user friendly and the graphical user interface can be used for everything without logging into the CLI.

The box includes embedded bypass modules so bypasses can be performed without outages.

Hardware modules do not need to be changed when upgrading licenses for additional capacity.

The auto-mitigation and upstream signaling are awesome. With the upstream signaling, this is where the application automatically raises an alarm that the data-line is over-utilized (potentially resulting in service unavailability) or is under attack (volumetric attack). The upstream service provider will then start scrubbing and black-holing malicious connections as a means to clean up the line and relieving the load. The fact that it's automated means I don't have to sit the entire time and always be looking out for threats coming through. It does it almost automatically, without any intervention by me.

They are putting quite a good amount of effort into their research to make their products stand out from the rest.

Day by day, the solution is actually getting smarter and more useful.

It's very flexible and we can easily deploy it to our network. It's very user-friendly. We can do everything via the web interface and troubleshoot easily from the CLI. It's not complicated. I like the features.

It's very user-friendly. Everything is done through a GUI. It doesn't take much time to learn how to use it. Once you see it a few times you understand it.

It provides packet capture and we can block or whitelist whichever IPs we need to. Whatever traffic we want to block - and we get IPs from internal teams and from national teams - we block at the Arbor level only, because if it gets to the firewall then firewall bandwidth will be taken.

With Arbor, every six or 12 months, we can do DDoS testing.

Also, there are HTTP connections. We can tell it there are multiple production categories which are present in a server-type configuration and we can use that. 

In very rare situations we use it to capture traffic. If there is any malicious traffic we can capture the packet where we can see the HTTP request.

We are using it mainly for DDoS protection. Reporting functions provide good visibility. Also, API's helps us to improve our service. We are also using it by serving cloud signaling service to our customers for their on-premise APS devices.

We can reduce the bandwidth to minimize the attack level. If we see more than 2.5 GBs we drop it directly. Many times an attack is with hundreds of GBs on our devices. We're able to filter that out.

Also, it is able to find new, different IPs. Arbor keeps them for one or two days, but it will release them after some time. That enables us to blacklist them permanently so that we don't get that IP's traffic.

It also denies fragmented packets.

Specifically in the ISP infrastructure where I was working, Arbor DDoS is integrated to detect the threats and mitigation. Basically, the peak flow TMS solution and peak flow SP solution has been procured by my company. We are providing services to customers and protecting our own infrastructure as well.

When you work in an ISP or enterprise environment, the main priority is to protect your services or your customers services, like bandwidth. There must be no high volume breach towards any customer, such as a DDoS attack or application level attack. The purpose of procuring a peak flow TMS solution is to mitigate the high volume attacks towards our customers and to protect our internal infrastructure as well. This is our priority in this aspect.

The deployment methods are really important as are the mitigation templates for volumetric and application-level attacks.

Arbor DDoS's best feature is that we can put the certificates in, and it will look at layer seven and the encrypted traffic and do the required signaling.

There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds.

There are two modes in the product: The first is a learning mode and the other is a production mode. First, we learn the traffic using the learning mode. We use it to fine-tune what is suspicious data and what is legitimate traffic.

The DDoS mitigation. There is no other feature.

It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy. Once you deploy it, you're optimizing your network and using the solution to its fullest.

• As an ISP, it is important to know from where the traffic comes so as to neutralize any attacks.

• The Arbor Networks SP device provided great visualization of the network traffic.

• Arbor Networks TMS is for cleaning the DDoS traffic, which is used sparsely.

• AIF
• Cloud Signalling - In my previous environment, we worked with Arbor as a carrier but in my current company some of our customers have the solution on-premise and we have to synchronize the solution with the Arbor solution that our customers have in their enterprises. The ability to work with the Arbor solution on the carrier side and on-premise provides solutions for both types of customers.

• Very user-friendly GUI
• Simplest way of mitigation
• Predefined filters/techniques to easily stop the attacks and start mitigation.

• It is user-friendly and has a very easy GUI.

• It provides the simplest method of mitigation.

• It provides predefined filters/techniques to easily stop attacks.

• DDoS amplification
• Flow specs
• Blackhole mitigation, and
• IP location policy to control traffic based on geolocation.

The solution is easy to use. The user interface is also easy to use. The documentation provided by the product is good.

In the GUI, the packet capture is a very good option, as is the option to block an IP address. These help in analyzing traffic and blocking unwanted IP addresses as a preliminary troubleshooting step.

Also, they have a customer program where, if we find a blacklisted or bad-reputation IP, we can submit it to Arbor directly.

We are able to respond quickly and prevent DDoS attacks.

Arbor Pravail APS products provide high visibility. With real-time packet capture features, you can easily and quickly response. 

Arbor has the ability to learn and self-create the appropriate profile for each customer. This ensures that false positives are kept to a minimum.