We performed a comparison between Arbor DDoS and NetWitness Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."The solution is easy to use."
"The stability is okay and we have not encountered problems with the solution."
"The stateless device format means that the box is very strong for preventing DDoS attacks."
"The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic."
"The solution provides good protection against volumetric DDoS attacks."
"We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs..."
"The solution is flexible, easy to implement and has an efficient technical support team."
"It has an easy-to-understand GUI...Stability-wise, I rate the solution a ten out of ten."
"Incident management is its most valuable feature."
"The most valuable features are the integration and ease of use."
"The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language."
"The most valuable feature is the correlation. It can report in real-time and monitor the management."
"I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution."
"Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements."
"The most valuable features are its ingestion of logs and raising of alerts based on those logs."
"What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."
"Implementation could be better."
"If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there. It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see."
"There is definitely room for improvement in third-party intelligence and integrations."
"On the main page there are alerts that we are unable to clear, even though the issue has been resolved."
"Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning."
"Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,"
"I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money."
"The regional support here in African could improve, such as marketing and account managers."
"The log system is a bit complex and has room for improvement."
"The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together."
"An area for improvement would be better automation and more inbuilt use cases."
"There are instances where you try to run the reports and then it does not give you the desired outcome."
"Security needs improvement."
"It is not so easy to customize this product."
"The implementation needs assistance."
"Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."
Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 15 reviews while NetWitness Platform is ranked 30th in Log Management with 11 reviews. Arbor DDoS is rated 8.6, while NetWitness Platform is rated 7.4. The top reviewer of Arbor DDoS writes "A tool with great technical support that offers protection against DDoS attacks". On the other hand, the top reviewer of NetWitness Platform writes "A solid SIEM solution that should improve technical support and online resources to be easier to use". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Imperva DDoS, Corero and Fortinet FortiDDoS, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Palo Alto Networks VM-Series.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.