We performed a comparison between Cloudflare and Neustar UltraDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."It is easier to configure and develop documentation to see how we have configured firewalls."
"Cloudflare is a security SaaS provider that provides security and protects us from any application layer attack."
"The technical support is good."
"Generally, I am satisfied with this product."
"I like Cloudflare's application gateway and DDoS protection."
"The most valuable feature is the web application firewall."
"From what I've seen so far, there are no negatives to report as of yet"
"The DDoS protection is the most valuable aspect of the solution."
"In the DDoS it's difficult to validate what is a genuine request from an end user. We've started being able to do that with the logistics that they have set up. With the protection that they have provided, they are able to identify what is valid and what is not valid. We see that a person who is getting DDoS Neustar service is able to block that particular user. However, while they are doing that it doesn't affect other customers on the server."
"There should be a specific price list for enterprise-level customers."
"The product support needs to be accessible from more places, a wider area of coverage."
"They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem."
"The timing aspect can lead to it being considered overpriced. This is a particular concern we have with Cloudflare, as they may struggle with accurately detecting the client."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"In the last two years, there has been a certain amount of downtime when using the VDM."
"Technical support is lacking."
"The solution could use more analytics on the backend to give us more insights into everything. More reports would be helpful."
"I would like to see a dashboard that shows you the data that is transferred from which end. It's where people start looking at abuse management. People keep questioning when the mitigation is on what service it is and how many GBs are passing through. An end user dashboard that will help you identify all of these questions and that can be visible in your entire organization is something that would make sense."
Earn 20 points
Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 16 reviews while Neustar UltraDDoS is ranked 28th in Distributed Denial of Service (DDOS) Protection. Cloudflare is rated 8.4, while Neustar UltraDDoS is rated 8.0. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, Microsoft Azure Application Gateway and AWS Shield, whereas Neustar UltraDDoS is most compared with Arbor DDoS.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Imperva Incapsula is the solution to have for DDoS at L7, L3 and L4. This effective solution also provides CDN, LB, ADR, DNS protection, SIEM integration and of course has an awesome WAF! Cloud based, OPEX only - no HW!! Easy to use - done and done!
i think it's not just a DDoS on the DNS issue but the resiliency you need to provide for your Internet services. So, to better answer your questions, you have to provide some sizing of the traffic per site, the kind of internet services and number of concurrent users, the source where most traffic is coming from (West coast, East coast). It's always a balance of efficiency and practicality.
Hi,
Actually we (Radware) are one of the market leaders in both of the requested solutions.
We offer ISP load balancing and Hybrid DDoS protection.
Radware’s Linkproof (first in the industry) to ensures optimal application service level.
We optimize in real time application performance in normal WAN state for both inbound and outbound traffic, when a service is disrupted we will divert traffic from highly-utilized links and ensure service-level for real time application or business related ones (for instance VoIP , voice or just cloud applications like office 365), In addition we maintain high WAN (ISP) availability at all times and steer the traffic to the operational links when failure occurs, compared to BGP protocol we will do it instantly with no impact on the applications.
Unlike most of the competition Radware user total round trip time mechanism to ensure best user experience at all time, Radware owns a patent for this technology.
LinkProof is application aware and will use smart prioritization mechanism to ensures bandwidth management and overall bandwidth for latency-sensitive apps.
Our APM will monitors all transaction end-to-end as experienced by end user to show user friendly graphs statistics and dashboards.
Load balancing different data centers can be easily achieved with our GSLB license, our Global server load balancing (GSLB) allows Web hosters, portals and enterprises to distribute content and services geographically.
For the DDos part, we can offer protection up to L7 and SSL encrypted attacks both on prem and in the cloud, or a hybrid solution, Radware uses the same technology both on-prem and in the cloud which means when a signature was created it can apply instantly the signature in the cloud and save the le-learning process.
In addition we use our patented "user behavior" mechanism and not only rate limiting.
Reach out for more options and fine tuning the solution.
Vadim
Radware
How may I help? I mean do you need help in suggesting a working solution, design or some hands-on configuration of existing equipment to work around the threat.
For your load balancing requirement, https://www.cloudflare.com/load-balancing/
For your DNS requirements, https://www.cloudflare.com/dns/
Hope the information provided would be useful for your consideration.
If you need more info, please feel free to email me.
Already many good suggestions listed. I'll add another DNS provider to look into: NS1 (https://ns1.com). They have options for private managed DNS, dedicated DNS, and a control layer for load balancing based on any number of policies you set.
All of the DNS providers listed can provide a layer of defense against DDoS, with the CDNs (Cloudflare, Incapsula, Akamai) also offering WAF. Given the nature of infrastructure attacks, many enterprises are looking to have redundant providers at the DNS level in addition to your use of separate ISPs for internet traffic. That may be an additional factor to consider in your RFP process.
Take a look at DOSarrest. www.dosarrest.com They offer a low cost quick and effective Proxy solution to mitigate DDoS attacks across their global POP's as well as a BGP/GRE option if preferred called Data Center Defender. They include Load balancing and a WAF as standard features.
for DNS DDoS Protection you may use Incapsula DNS Protection OR move your DNS services to a big DNS player with DDoS protection OR have a combination of both.
For your webservices you may use a Balancer to balance the load between your ISPs and provide High Availability also (one ISP goes down). For this you should also use your DNS to amend the dns entries.
In case you are using Incapsula you can have both your websites active at the same time (load balance) and have a WAF,CDN and DDoS protection.