• Home
  • Arbor DDoS vs. NetWitness Platform

Arbor DDoS vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
NETSCOUT Logo

Arbor DDoS

Read 46 Arbor DDoS reviews
7,887 views|5,587 comparisons
94% willing to recommend
NetWitness Logo

NetWitness Platform

Read 36 NetWitness Platform reviews
1,183 views|721 comparisons
74% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Distributed Denial of Service (DDOS) Protection
April 2024
Executive Summary

We performed a comparison between Arbor DDoS and NetWitness Platform based on real PeerSpot user reviews.

Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection.
To learn more, read our detailed Distributed Denial of Service (DDOS) Protection Report (Updated: April 2024).
Download the complete report
768,578 professionals have used our research since 2012.
Featured Review
Sobhakant Dhungana
A stable solution offering features like analytics and attack mitigation capabilities
Nilesh Bhate
Streamlined solution that's easy to implement
Over time, NetWitness Logs and Packets has matured from a boxed solution with multiple parts to the current, more streamlined version for which we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.""With real-time packet capture features, you can easily and quickly response.""Valuable features include simple and centralized management of user access and capabilities, as well as Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control.""The most valuable feature is mitigation, which can blackhole the IP.""Arbor has a global ranking in reliability and credibility. They are very unique and can respond to a very wide scope of threats from their global deployment.""We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.""The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me.""The stability is okay and we have not encountered problems with the solution."

More Arbor DDoS Pros →

"The solution is really scalable for the high-end power, enterprise customer.""In my opinion, the solution's most valuable feature is its capacity to monitor network traffic, logs from devices within the network, and network captures. This capability extends beyond logs to include full network capturing.""The most valuable features are the packet decoder, log decoder, and concentrator.""Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.""Incident management is its most valuable feature.""It's quite economical compared to other solutions in the market.""The product's initial setup phase was not at all difficult.""The most valuable feature of RSA NetWitness Logs and Packets are the alerts and correlations tools."

More NetWitness Platform Pros →

Cons
"There is definitely room for improvement in third-party intelligence and integrations.""Arbor DDoS could improve out-of-the-box reporting, it could be better.""Arbor Pravail APS devices do not sync features or config the backup enough. This needs to be improved.""Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful.""It is an expensive product, so there is room for improvement in terms of pricing.""Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning.""Implementation could be better.""For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit... In F5 I have full control of everything."

More Arbor DDoS Cons →

"Lots of competing products have vulnerability protection built into their products, and this solution would be improved by including that support.""The user interface is a little bit difficult for new users and it needs to be improved.""An area for improvement would be better automation and more inbuilt use cases.""The system architecture is complex and sometimes it’s hard to troubleshoot potential problems.""The initial setup is complex. There are other solutions that are easier to implement.""The initial setup is very complex and should be simplified.""Its technical support could be better.""It is not so easy to customize this product."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "Start with a small license. Measure your bandwidth requirements."
  • "Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general."
  • "As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive."
  • "Arbor's products are very expensive. Their competitors are cheap when compared with Arbor."
  • "I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost."
  • "Pricing is slightly on the higher side."
  • "Arbor is striking a good balance between pricing and what they deliver."
  • "The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."

    • More Arbor DDoS Pricing and Cost Advice →

  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."

    • More NetWitness Platform Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Distributed Denial of Service (DDOS) Protection solutions are best for your needs.
    See Recommendations
    768,578 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:I would say if it’s an ISP that will build a scrubbing center, Netscout/Arbor is a good solution. In all other solutions, Imperva is a great choice.
    Read all 8 answers   →
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
    Read all 8 answers   →
    What do you like most about Arbor DDoS?
    Top Answer:The quality of the technical support provided by Arbor DDoS is premium.
    Read all 32 answers   →
    What do you like most about NetWitness Platform?
    Top Answer:The product's initial setup phase was not at all difficult.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for NetWitness Platform?
    Top Answer:The product price was reasonable for my region and the market.
    Read all 16 answers   →
    What needs improvement with NetWitness Platform?
    Top Answer:From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building a… more »
    Read all 25 answers   →
    Ranking
    2nd
    out of 43 in Distributed Denial of Service (DDOS) Protection
    Views
    7,887
    Comparisons
    5,587
    Reviews
    12
    Average Words per Review
    353
    Rating
    8.9
    20th
    out of 95 in Log Management
    Views
    1,183
    Comparisons
    721
    Reviews
    10
    Average Words per Review
    458
    Rating
    7.2
    Comparisons
    Also Known As
    Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT
    RSA Security Analytics
    Learn More
    NETSCOUT
    NetWitness
    Video Not Available
    Overview

    Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand, and solve the most complex and consequential security challenges facing their organizations.

    With Arbor DDoS you can automatically identify and stop all types of DDoS attacks and other cyber threats before they impact the availability of business-critical services.


    Arbor DDoS is an intelligently automated combination of in-cloud and on-premises DDoS attack protection that is continuously backed by global threat intelligence and expertise.

    Arbor DDoS Features and Benefits:

    • Global DDoS Protection: Arbor DDoS is an all-in-one solution offering carrier-agnostic, global DDoS protection that is backed by world-class security intelligence as well as industry leading DDoS protection products.
    • Worldwide scrubbing centers: Arbor DDoS offers comprehensive protection from the largest DDoS attacks.
    • Cloud Only and/or Hybrid Protection: The solution provides the flexibility to design comprehensive DDoS protection that fits your specific environment. It can be deployed as a cloud-only and/or an intelligent combination of in-cloud and on-premise DDoS protection.
    • Global Threat Intelligence: Arbor DDoS protection is continuously armed with the latest global threat intelligence from Netscout’s response team.
    • Automated DDoS Attack Detection and Mitigation: DDoS attacks can be automatically detected and routed to Arbor Cloud global scrubbing centers for mitigation.
    • Managed Services: To manage and optimize your on-premise DDoS protection, you can rely upon the industry-leading expertise of Arbor Networks.
    • Multi-layered Approach: As part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks, all without interrupting access to your applications or services. Arbor Cloud’s automated or on-demand traffic scrubbing service defends against volumetric DDoS attacks that are too large to be mitigated on premises.

    Reviews from Real Users:

    Below are some of the many reasons why PeerSpot users are giving Arbor DDoS an 8 out of 10 rating:

    "We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs.” - Roman L, Sr. Security Engineer at Rackspace

    "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.” - Assistant General Manager at a comms service provider

    “It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler." - Erik N., Product Manager, MSx Security Services at TPx Communications

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Sample Customers
    Xtel Communications
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Comms Service Provider55%
    Financial Services Firm16%
    Computer Software Company10%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Comms Service Provider9%
    Government7%
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm24%
    Computer Software Company24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government10%
    Insurance Company6%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise21%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise17%
    Large Enterprise63%
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise67%
    Buyer's Guide
    Distributed Denial of Service (DDOS) Protection
    April 2024
    Download Free Report
    Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection. Updated: April 2024.
    DOWNLOAD NOW
    768,578 professionals have used our research since 2012.

    Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 46 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Arbor DDoS is rated 8.6, while NetWitness Platform is rated 7.4. The top reviewer of Arbor DDoS writes "A critical solution for security, as it includes features that can automatically detect and prevent DDoS attacks". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Imperva DDoS, Corero and Fortinet FortiDDoS, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Fortinet FortiSIEM.

    We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.