Arbor DDoS vs NetWitness Platform comparison

Cancel
You must select at least 2 products to compare!
NETSCOUT Logo
8,063 views|5,726 comparisons
NetWitness Logo
1,261 views|770 comparisons
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Arbor DDoS and NetWitness Platform based on real PeerSpot user reviews.

Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection.
To learn more, read our detailed Distributed Denial of Service (DDOS) Protection Report (Updated: March 2024).
763,955 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The solution is easy to use.""The stability is okay and we have not encountered problems with the solution.""The stateless device format means that the box is very strong for preventing DDoS attacks.""The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic.""The solution provides good protection against volumetric DDoS attacks.""We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs...""The solution is flexible, easy to implement and has an efficient technical support team.""It has an easy-to-understand GUI...Stability-wise, I rate the solution a ten out of ten."

More Arbor DDoS Pros →

"Incident management is its most valuable feature.""The most valuable features are the integration and ease of use.""The development of use cases on the SSA console is quite user friendly. This means that the security analyst or the researcher does not have to learn another language.""The most valuable feature is the correlation. It can report in real-time and monitor the management.""I can have enterprise security, email security, next generation firewall security log, HIDS and NIDS logs, etc. all on the same dashboard. It makes it easy to pinpoint or correlate our server to this. I can find out if there is lateral movement. This is the biggest advantage of this solution.""Alerting Module: It provides real-time event processing language on all the logs/packets stream for advanced alerting, i.e., using SQL LIKE statements.""The most valuable features are its ingestion of logs and raising of alerts based on those logs.""What we are mainly using are the RSA concentrator, RSA Decoder, Archiver, Broker, and Log Decoder."

More NetWitness Platform Pros →

Cons
"Implementation could be better.""If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there. It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see.""There is definitely room for improvement in third-party intelligence and integrations.""On the main page there are alerts that we are unable to clear, even though the issue has been resolved.""Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning.""Auto mitigation is a feature provided when DDoS is observed on any of link/customer (configured under auto mitigation). It automatically starts mitigation with default filters. In default filter mode, there could be an impact on the customer’s link,""I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money.""The regional support here in African could improve, such as marketing and account managers."

More Arbor DDoS Cons →

"The log system is a bit complex and has room for improvement.""The system looks like it is a mix of a bunch of different systems, and nothing looked like it was quite together.""An area for improvement would be better automation and more inbuilt use cases.""There are instances where you try to run the reports and then it does not give you the desired outcome.""Security needs improvement.""It is not so easy to customize this product.""The implementation needs assistance.""Sometimes, it gives me static when integrating Windows-based systems. It should produce a precise log of sorts as to where the problem is. For example, a few days ago because of the McAfee application firewall, I couldn't get access to the particular Windows machine. So, my team and I had to figure out by ourselves that there was a virus responsible for the obstacle. This solution should trigger a meaningful log or message indicating the reason the user or implementer can't get into the machine."

More NetWitness Platform Cons →

Pricing and Cost Advice
  • "Start with a small license. Measure your bandwidth requirements."
  • "Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general."
  • "As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive."
  • "Arbor's products are very expensive. Their competitors are cheap when compared with Arbor."
  • "I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost."
  • "Pricing is slightly on the higher side."
  • "Arbor is striking a good balance between pricing and what they deliver."
  • "The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."
  • More Arbor DDoS Pricing and Cost Advice →

  • "It’s cheaper to run virtual machines in a VMware environment."
  • "The new pricing and licensing mechanisms are fair. I would advise always to get the full solution (i.e., not only Logs)."
  • "It is cheap."
  • "The licenses are good but the cost is very expensive."
  • "This is a pricey solution; it's not cheap."
  • "We have a perpetual license, so the total cost of ownership is not very expensive. It's a good investment."
  • "Many clients are not able to purchase the packet capability because there is a huge amount of data, and the cost depends on the number of EPS (Events per second), as well as the number of gigabytes of data per day."
  • "Our license is for one year."
  • More NetWitness Platform Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Distributed Denial of Service (DDOS) Protection solutions are best for your needs.
    763,955 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:I would say if it’s an ISP that will build a scrubbing center, Netscout/Arbor is a good solution. In all other solutions, Imperva is a great choice.
    Top Answer:Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
    Top Answer:The quality of the technical support provided by Arbor DDoS is premium.
    Top Answer:The product has a user-friendly interface and a valuable feature for threat intelligence integration.
    Top Answer:The product is expensive. I rate its pricing a seven out of ten.
    Top Answer:It is quite tedious to make changes in the playbooks. There could be an option to integrate or adapt AI and machine learning for our threat-hunting solution. It should have a monitoring feature. It… more »
    Ranking
    Views
    8,063
    Comparisons
    5,726
    Reviews
    12
    Average Words per Review
    353
    Rating
    8.9
    30th
    out of 94 in Log Management
    Views
    1,261
    Comparisons
    770
    Reviews
    9
    Average Words per Review
    451
    Rating
    7.2
    Comparisons
    Also Known As
    Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT
    RSA Security Analytics
    Learn More
    NetWitness
    Video Not Available
    Overview

    Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand, and solve the most complex and consequential security challenges facing their organizations.

    With Arbor DDoS you can automatically identify and stop all types of DDoS attacks and other cyber threats before they impact the availability of business-critical services.


    Arbor DDoS is an intelligently automated combination of in-cloud and on-premises DDoS attack protection that is continuously backed by global threat intelligence and expertise.

    Arbor DDoS Features and Benefits:

    • Global DDoS Protection: Arbor DDoS is an all-in-one solution offering carrier-agnostic, global DDoS protection that is backed by world-class security intelligence as well as industry leading DDoS protection products.
    • Worldwide scrubbing centers: Arbor DDoS offers comprehensive protection from the largest DDoS attacks.
    • Cloud Only and/or Hybrid Protection: The solution provides the flexibility to design comprehensive DDoS protection that fits your specific environment. It can be deployed as a cloud-only and/or an intelligent combination of in-cloud and on-premise DDoS protection.
    • Global Threat Intelligence: Arbor DDoS protection is continuously armed with the latest global threat intelligence from Netscout’s response team.
    • Automated DDoS Attack Detection and Mitigation: DDoS attacks can be automatically detected and routed to Arbor Cloud global scrubbing centers for mitigation.
    • Managed Services: To manage and optimize your on-premise DDoS protection, you can rely upon the industry-leading expertise of Arbor Networks.
    • Multi-layered Approach: As part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks, all without interrupting access to your applications or services. Arbor Cloud’s automated or on-demand traffic scrubbing service defends against volumetric DDoS attacks that are too large to be mitigated on premises.

    Reviews from Real Users:

    Below are some of the many reasons why PeerSpot users are giving Arbor DDoS an 8 out of 10 rating:

    "We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs.” - Roman L, Sr. Security Engineer at Rackspace

    "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.” - Assistant General Manager at a comms service provider

    “It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler." - Erik N., Product Manager, MSx Security Services at TPx Communications

    NetWitness Platform is an evolved SIEM and threat detection and response solution that functions as a single, unified platform for ALL your security data. It features an advanced analyst workbench for triaging alerts and incidents, and it orchestrates security operations programs end to end. In short: NetWitness Platform is all you need to run an intelligent SOC.

    Offer
    Under Attack?
    Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.
    Learn more about NetWitness Platform
    Sample Customers
    Xtel Communications
    Los Angeles World Airports, Reply
    Top Industries
    REVIEWERS
    Comms Service Provider55%
    Financial Services Firm16%
    Computer Software Company10%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Comms Service Provider9%
    Government6%
    REVIEWERS
    Comms Service Provider24%
    Financial Services Firm24%
    Computer Software Company24%
    Manufacturing Company10%
    VISITORS READING REVIEWS
    Financial Services Firm15%
    Computer Software Company15%
    Government11%
    Insurance Company7%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise21%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise17%
    Large Enterprise63%
    REVIEWERS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business22%
    Midsize Enterprise10%
    Large Enterprise68%
    Buyer's Guide
    Distributed Denial of Service (DDOS) Protection
    March 2024
    Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection. Updated: March 2024.
    763,955 professionals have used our research since 2012.

    Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 15 reviews while NetWitness Platform is ranked 30th in Log Management with 11 reviews. Arbor DDoS is rated 8.6, while NetWitness Platform is rated 7.4. The top reviewer of Arbor DDoS writes "A tool with great technical support that offers protection against DDoS attacks". On the other hand, the top reviewer of NetWitness Platform writes "A solid SIEM solution that should improve technical support and online resources to be easier to use". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Imperva DDoS, Corero and Fortinet FortiDDoS, whereas NetWitness Platform is most compared with Splunk Enterprise Security, RSA enVision, IBM Security QRadar, Microsoft Sentinel and Palo Alto Networks VM-Series.

    We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.