Arbor DDoS vs Trellix Network Detection and Response comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Arbor DDoS and Trellix Network Detection and Response based on real PeerSpot user reviews.

Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection.
To learn more, read our detailed Distributed Denial of Service (DDOS) Protection Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Sobhakant Dhungana
Archie Scorgie
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy.""Reporting is quite good. There are several pages of reporting on DDoS attacks, and you can find all the details that you need.""We can reduce the bandwidth to minimize the attack level. If we see more than 2.5 GBs we drop it directly.""We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs...""In the GUI, the packet capture is a very good option, as is the option to block an IP address.""The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me.""Companies that live from their presence on the internet will get a very high return on investment from Arbor.""The stateless device format means that the box is very strong for preventing DDoS attacks."

More Arbor DDoS Pros →

"Before FireEye, most of the times that an incident would happen nobody would be able to find out where or why the incident occurred and that the system is compromised. FireEye is a better product because if the incident already happened I know that the breach is there and that the system is compromised so we can take appropriate action to prevent anything from happening.""Application categorization is the most valuable feature for us. Application filtering is very interesting because other products don't give you full application filtering capabilities.""The most valuable feature is MVX, which tests all of the files that have been received in an email.""It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.""The server appliance is good.""Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly effective in mitigating these threats.""Support is very helpful and responsive.""It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye."

More Trellix Network Detection and Response Pros →

Cons
"The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underling OS to the application version can be easily missed.""The solution's shortcomings are related to its documentation, so it's an area that needs to improve.""Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,""If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there. It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see.""The following areas need improvement: opening and tracking support tickets, online support resources, software upgrades/updates and replacement media, and event management guidelines.""The solution could be more granular to include logs per second and enhanced pipeline monitoring for router licenses.""They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports.""Arbor Pravail APS devices do not sync features or config the backup enough. This needs to be improved."

More Arbor DDoS Cons →

"The initial setup was complex because of the nature of our environment. When it comes to the type of applications and functions which we were looking at in terms of identifying malicious threats, there would be some level of complexity, if we were doing it right.""Based on what we deployed, they should emphasize the application filtering and the web center. We need to look deeper into the SSM inspection. If we get the full solution with that module, we don't need to get the SSM database from another supplier.""It is very expensive, the price could be better.""Its documentation can be improved. The main problem that I see with FireEye is the documentation. We are an official distributor and partner of FireEye, and we have access to complete documentation about how to configure or implement this technology, but for customers, very limited documentation is available openly. This is the area in which FireEye should evolve. All documents should be easily available for everyone.""It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto.""FireEye Network Security should have better integration with other vendors' firewalls or proxies, such as Palo Alto and Fortinet. Files that are being submitted should happen through the API or automatically.""Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard.""It doesn't connect with the cloud, advanced machine learning is not there. A known threat can be coming into the network and we would want the cloud to look up the problem. I would also like to see them develop more file replication and machine learning."

More Trellix Network Detection and Response Cons →

Pricing and Cost Advice
  • "Start with a small license. Measure your bandwidth requirements."
  • "Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general."
  • "As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive."
  • "Arbor's products are very expensive. Their competitors are cheap when compared with Arbor."
  • "I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost."
  • "Pricing is slightly on the higher side."
  • "Arbor is striking a good balance between pricing and what they deliver."
  • "The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."
  • More Arbor DDoS Pricing and Cost Advice →

  • "Pricing and licensing are reasonable compared to competitors."
  • "The pricing is a little high."
  • "Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
  • "There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
  • "We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
  • "FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
  • "When I compare this solution to its competitors in the market, I find that it is a little expensive."
  • "The user fee is not as high but the maintenance fee is expensive."
  • More Trellix Network Detection and Response Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Distributed Denial of Service (DDOS) Protection solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I would say if it’s an ISP that will build a scrubbing center, Netscout/Arbor is a good solution. In all other solutions, Imperva is a great choice.
    Top Answer:Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
    Top Answer:The quality of the technical support provided by Arbor DDoS is premium.
    Top Answer:Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly… more »
    Top Answer:Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become… more »
    Ranking
    Views
    8,063
    Comparisons
    5,726
    Reviews
    12
    Average Words per Review
    353
    Rating
    8.9
    Views
    2,032
    Comparisons
    1,439
    Reviews
    4
    Average Words per Review
    390
    Rating
    8.3
    Comparisons
    Also Known As
    Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT
    FireEye Network Security, FireEye
    Learn More
    Trellix
    Video Not Available
    Overview

    Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand, and solve the most complex and consequential security challenges facing their organizations.

    With Arbor DDoS you can automatically identify and stop all types of DDoS attacks and other cyber threats before they impact the availability of business-critical services.


    Arbor DDoS is an intelligently automated combination of in-cloud and on-premises DDoS attack protection that is continuously backed by global threat intelligence and expertise.

    Arbor DDoS Features and Benefits:

    • Global DDoS Protection: Arbor DDoS is an all-in-one solution offering carrier-agnostic, global DDoS protection that is backed by world-class security intelligence as well as industry leading DDoS protection products.
    • Worldwide scrubbing centers: Arbor DDoS offers comprehensive protection from the largest DDoS attacks.
    • Cloud Only and/or Hybrid Protection: The solution provides the flexibility to design comprehensive DDoS protection that fits your specific environment. It can be deployed as a cloud-only and/or an intelligent combination of in-cloud and on-premise DDoS protection.
    • Global Threat Intelligence: Arbor DDoS protection is continuously armed with the latest global threat intelligence from Netscout’s response team.
    • Automated DDoS Attack Detection and Mitigation: DDoS attacks can be automatically detected and routed to Arbor Cloud global scrubbing centers for mitigation.
    • Managed Services: To manage and optimize your on-premise DDoS protection, you can rely upon the industry-leading expertise of Arbor Networks.
    • Multi-layered Approach: As part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks, all without interrupting access to your applications or services. Arbor Cloud’s automated or on-demand traffic scrubbing service defends against volumetric DDoS attacks that are too large to be mitigated on premises.

    Reviews from Real Users:

    Below are some of the many reasons why PeerSpot users are giving Arbor DDoS an 8 out of 10 rating:

    "We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs.” - Roman L, Sr. Security Engineer at Rackspace

    "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.” - Assistant General Manager at a comms service provider

    “It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler." - Erik N., Product Manager, MSx Security Services at TPx Communications

    Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

    Offer
    Under Attack?
    Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.
    Learn more about Trellix Network Detection and Response
    Sample Customers
    Xtel Communications
    FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
    Top Industries
    REVIEWERS
    Comms Service Provider55%
    Financial Services Firm16%
    Computer Software Company10%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Comms Service Provider9%
    Government7%
    REVIEWERS
    Financial Services Firm24%
    Government10%
    University10%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company10%
    Manufacturing Company8%
    Government7%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise21%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise17%
    Large Enterprise63%
    REVIEWERS
    Small Business40%
    Midsize Enterprise17%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise12%
    Large Enterprise70%
    Buyer's Guide
    Distributed Denial of Service (DDOS) Protection
    March 2024
    Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection. Updated: March 2024.
    765,234 professionals have used our research since 2012.

    Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 46 reviews while Trellix Network Detection and Response is ranked 14th in ATP (Advanced Threat Protection) with 35 reviews. Arbor DDoS is rated 8.6, while Trellix Network Detection and Response is rated 8.6. The top reviewer of Arbor DDoS writes "A critical solution for security, as it includes features that can automatically detect and prevent DDoS attacks". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Blocks traffic and DDoS attacks ". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Imperva DDoS, Corero and Fortinet FortiDDoS, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Fortinet FortiGate, Zscaler Internet Access and Cisco Secure Network Analytics.

    We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.