• Home
  • Arbor DDoS vs. NetWitness Platform

Arbor DDoS vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
NETSCOUT Logo

Arbor DDoS

Read 46 Arbor DDoS reviews
7,887 views|5,587 comparisons
94% willing to recommend
NetWitness Logo

NetWitness Platform

Read 36 NetWitness Platform reviews
1,183 views|721 comparisons
74% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Distributed Denial of Service (DDOS) Protection
April 2024
Executive Summary

We performed a comparison between Arbor DDoS and NetWitness Platform based on real PeerSpot user reviews.

Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection.
To learn more, read our detailed Distributed Denial of Service (DDOS) Protection Report (Updated: April 2024).
Download the complete report
767,995 professionals have used our research since 2012.
Featured Review
Sobhakant Dhungana
A stable solution offering features like analytics and attack mitigation capabilities
Nilesh Bhate
Streamlined solution that's easy to implement
Over time, NetWitness Logs and Packets has matured from a boxed solution with multiple parts to the current, more streamlined version for which we... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The quality of the technical support provided by Arbor DDoS is premium.""We can reduce the bandwidth to minimize the attack level. If we see more than 2.5 GBs we drop it directly.""The product allows us to check real-time progress, including latency and network activities.""The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me.""Our customers are very happy when we provide them with the interface... They can check how many attacks they have faced and how many attacks have been blocked.""There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.""The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic.""We are able to respond quickly and prevent DDoS attacks."

More Arbor DDoS Pros →

"The most valuable feature is the hunting ability to work in a CERT.""What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder.""The most valuable features are the integration and ease of use.""Possibility to investigate incidents based on logs and raw packets, such as extracting files sent over the network""Performance and reporting are very good.""The most valuable feature is the ability to write rules and triggers for network communication, and then being able to investigate based on that.""The most valuable features are the packet inspection and the automated incident response.""NetWitness Platform is valuable for creating rules that the solution must detect."

More NetWitness Platform Pros →

Cons
"When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives.""Arbor's SSL decryption is confusing and needs external cards to be installed in the devices. This is not the best solution from an architectural point of view for protecting HTTPS and every other protocol that is SSL encrypted.""The implementation should be made easier.""There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered in the VNS form in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus.""The solution could be more granular to include logs per second and enhanced pipeline monitoring for router licenses.""The solution's shortcomings are related to its documentation, so it's an area that needs to improve.""An issue which needs to be addressed concerns information I received of attacks on the radar and Arbor, allegedly, not taking any action.""An improvement to Arbor DDoS would be to make evaluation licenses and virtual machines available."

More Arbor DDoS Cons →

"There is no support for this product in this country, so problems have to be resolved through global technical teams.""Health monitoring of the event sources and devices.""They should implement algorithms to digest that data and produce additional, more advanced reporting, alerting and support of internal security teams.""Its technical support could be better.""More customizability is required, which is something that they need to improve on.""Security needs improvement.""The user interface is a little bit difficult for new users and it needs to be improved.""The initial setup was complex because it takes a lot of time to complete the implementation."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "Start with a small license. Measure your bandwidth requirements."
  • "Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general."
  • "As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive."
  • "Arbor's products are very expensive. Their competitors are cheap when compared with Arbor."
  • "I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost."
  • "Pricing is slightly on the higher side."
  • "Arbor is striking a good balance between pricing and what they deliver."
  • "The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."

    • More Arbor DDoS Pricing and Cost Advice →

  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."

    • More NetWitness Platform Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Distributed Denial of Service (DDOS) Protection solutions are best for your needs.
    See Recommendations
    767,995 professionals have used our research since 2012.
    Comparison Review
    Vinod Shankar
    HP ArcSight vs. IBM QRadar vs. ​McAfee Nitro vs. Splunk vs. RSA Security vs. LogRhythm
    We at Infosecnirvana.com have done several posts on SIEM. After the Dummies Guide on SIEM, we are following it up with a SIEM Product Comparison – 101 deck. So, here it is for your viewing pleasure. Let me know what you think by posting your comments below. The key products compared here are based on Gartner Magic Q which is what Organizations typically use to select SIEM vendors. The Vendors mentioned here in the deck are : 1. HP ArcSight 2. McAfee Nitro 3. IBM QRadar 4. Splunk SIEM 5. RSA Security Analytic 6. LogRhythm. SIEM Technology Space SIEM market analysis of the last 3 years suggest: Market consolidation of SIEM players (25 vendors in 2011 to 16 vendors in 2013)Only products with technology maturity and a strong road map have featured in leaders quadrant.HP ArcSight & IBM Q1 Labs have maintained leadership in SIEM industry with continued technology upgradeMcAfee Nitro has strong product features & road map to challenge HP & IBM for leadershipHPArcSight The ArcSight Enterprise Threat and Risk Management (ETRM) Platform is an integrated set of products for collecting, analysing, and managing enterprise Security Event information ArcSight Enterprise Security Manager (ESM): Correlation and analysis engine used to identify security threat in real-time& virtual environments ArcSight Logger: Log storage and Search solution ArcSight IdentityView: User Identity tracking/User activity monitoring ArcSight Connectors: For data collection from a variety of data… Read more →
    Questions from the Community
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:I would say if it’s an ISP that will build a scrubbing center, Netscout/Arbor is a good solution. In all other solutions, Imperva is a great choice.
    Read all 8 answers   →
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
    Read all 8 answers   →
    What do you like most about Arbor DDoS?
    Top Answer:The quality of the technical support provided by Arbor DDoS is premium.
    Read all 32 answers   →
    What do you like most about NetWitness Platform?
    Top Answer:The product's initial setup phase was not at all difficult.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for NetWitness Platform?
    Top Answer:The product price was reasonable for my region and the market.
    Read all 16 answers   →
    What needs improvement with NetWitness Platform?
    Top Answer:From an improvement perspective, the NetWitness Platform needs to release new features and improve in areas like log correlation. The tool needs to have easier integrations with the cloud. Building a… more »
    Read all 25 answers   →
    Ranking
    2nd
    out of 43 in Distributed Denial of Service (DDOS) Protection
    Views
    7,887
    Comparisons
    5,587
    Reviews
    12
    Average Words per Review
    353
    Rating
    8.9
    20th
    out of 95 in Log Management
    Views
    1,183
    Comparisons
    721
    Reviews
    10
    Average Words per Review
    458
    Rating
    7.2
    Comparisons
    Also Known As
    Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT
    RSA Security Analytics
    Learn More
    NETSCOUT
    NetWitness
    Video Not Available
    Overview

    Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand, and solve the most complex and consequential security challenges facing their organizations.

    With Arbor DDoS you can automatically identify and stop all types of DDoS attacks and other cyber threats before they impact the availability of business-critical services.


    Arbor DDoS is an intelligently automated combination of in-cloud and on-premises DDoS attack protection that is continuously backed by global threat intelligence and expertise.

    Arbor DDoS Features and Benefits:

    • Global DDoS Protection: Arbor DDoS is an all-in-one solution offering carrier-agnostic, global DDoS protection that is backed by world-class security intelligence as well as industry leading DDoS protection products.
    • Worldwide scrubbing centers: Arbor DDoS offers comprehensive protection from the largest DDoS attacks.
    • Cloud Only and/or Hybrid Protection: The solution provides the flexibility to design comprehensive DDoS protection that fits your specific environment. It can be deployed as a cloud-only and/or an intelligent combination of in-cloud and on-premise DDoS protection.
    • Global Threat Intelligence: Arbor DDoS protection is continuously armed with the latest global threat intelligence from Netscout’s response team.
    • Automated DDoS Attack Detection and Mitigation: DDoS attacks can be automatically detected and routed to Arbor Cloud global scrubbing centers for mitigation.
    • Managed Services: To manage and optimize your on-premise DDoS protection, you can rely upon the industry-leading expertise of Arbor Networks.
    • Multi-layered Approach: As part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks, all without interrupting access to your applications or services. Arbor Cloud’s automated or on-demand traffic scrubbing service defends against volumetric DDoS attacks that are too large to be mitigated on premises.

    Reviews from Real Users:

    Below are some of the many reasons why PeerSpot users are giving Arbor DDoS an 8 out of 10 rating:

    "We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs.” - Roman L, Sr. Security Engineer at Rackspace

    "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.” - Assistant General Manager at a comms service provider

    “It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler." - Erik N., Product Manager, MSx Security Services at TPx Communications

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Sample Customers
    Xtel Communications
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Comms Service Provider55%
    Financial Services Firm16%
    Computer Software Company10%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Comms Service Provider9%
    Government7%
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm24%
    Computer Software Company24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company14%
    Government10%
    Insurance Company6%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise21%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise17%
    Large Enterprise62%
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise68%
    Buyer's Guide
    Distributed Denial of Service (DDOS) Protection
    April 2024
    Download Free Report
    Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection. Updated: April 2024.
    DOWNLOAD NOW
    767,995 professionals have used our research since 2012.

    Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 46 reviews while NetWitness Platform is ranked 20th in Log Management with 36 reviews. Arbor DDoS is rated 8.6, while NetWitness Platform is rated 7.4. The top reviewer of Arbor DDoS writes "A critical solution for security, as it includes features that can automatically detect and prevent DDoS attacks". On the other hand, the top reviewer of NetWitness Platform writes "Can find out if there is lateral movement, but integration and workflow need improvement". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Imperva DDoS, Corero and Fortinet FortiDDoS, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Fortinet FortiSIEM.

    We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.