We performed a comparison between Cloudflare and Neustar UltraDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."When using services like Heroku, Cloudflare is very useful for CNAME flattening. I also use it for their end-to-end SSL with TLS authentication on nginx for securing servers."
"The most valuable feature of Cloudflare is the GUI. You are able to control the solution very well through the interface. There is a lot of functionality that is embedded in the service."
"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."
"Centralized, full-featured DNS."
"Generally, I am satisfied with this product."
"I rate its stability a ten out of ten."
"We're using dynamic components to build flexible pages to create and manage Git merge requests for code and reviews."
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"In the DDoS it's difficult to validate what is a genuine request from an end user. We've started being able to do that with the logistics that they have set up. With the protection that they have provided, they are able to identify what is valid and what is not valid. We see that a person who is getting DDoS Neustar service is able to block that particular user. However, while they are doing that it doesn't affect other customers on the server."
"In the last two years, there has been a certain amount of downtime when using the VDM."
"We are a product integrator and reseller, and we would like to have a better partner relationship, similar to a channel sales relationship. Sometimes we are on our own or get diverted by Cloudflare because they have direct sales, which competes with us and makes it difficult to build a relationship with this company since we want to be an MSP or a managed service provider for the solution."
"I would like Cloudflare to offer a dedicated account manager for large enterprise clients like us."
"The solution could work at being less expensive. It costs a lot to use it."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"It should be easier to collect the logs with companies like Sumo. However, based on my discussions with the salespeople, I understand that's how they make their money. With the enterprise product, they want people doing those kinds of enterprise features to do the logging. They want them to pay a lot of money, and that's where I have an issue with them. That should be a default. You should be able to get the log no matter what. The logging should be universal."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"Even if I wanted to, I wouldn't be able to buy Cloudflare in my country."
"I would like to see a dashboard that shows you the data that is transferred from which end. It's where people start looking at abuse management. People keep questioning when the mitigation is on what service it is and how many GBs are passing through. An end user dashboard that will help you identify all of these questions and that can be visible in your entire organization is something that would make sense."
Earn 20 points
Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 57 reviews while Neustar UltraDDoS is ranked 29th in Distributed Denial of Service (DDOS) Protection. Cloudflare is rated 8.4, while Neustar UltraDDoS is rated 8.0. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, the top reviewer of Neustar UltraDDoS writes "Identifies a request that comes up multiple times, block holds that particular IP, and lets the genuine traffic pass through". Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, AWS Shield and Microsoft Azure Application Gateway, whereas Neustar UltraDDoS is most compared with Arbor DDoS.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Imperva Incapsula is the solution to have for DDoS at L7, L3 and L4. This effective solution also provides CDN, LB, ADR, DNS protection, SIEM integration and of course has an awesome WAF! Cloud based, OPEX only - no HW!! Easy to use - done and done!
i think it's not just a DDoS on the DNS issue but the resiliency you need to provide for your Internet services. So, to better answer your questions, you have to provide some sizing of the traffic per site, the kind of internet services and number of concurrent users, the source where most traffic is coming from (West coast, East coast). It's always a balance of efficiency and practicality.
Hi,
Actually we (Radware) are one of the market leaders in both of the requested solutions.
We offer ISP load balancing and Hybrid DDoS protection.
Radware’s Linkproof (first in the industry) to ensures optimal application service level.
We optimize in real time application performance in normal WAN state for both inbound and outbound traffic, when a service is disrupted we will divert traffic from highly-utilized links and ensure service-level for real time application or business related ones (for instance VoIP , voice or just cloud applications like office 365), In addition we maintain high WAN (ISP) availability at all times and steer the traffic to the operational links when failure occurs, compared to BGP protocol we will do it instantly with no impact on the applications.
Unlike most of the competition Radware user total round trip time mechanism to ensure best user experience at all time, Radware owns a patent for this technology.
LinkProof is application aware and will use smart prioritization mechanism to ensures bandwidth management and overall bandwidth for latency-sensitive apps.
Our APM will monitors all transaction end-to-end as experienced by end user to show user friendly graphs statistics and dashboards.
Load balancing different data centers can be easily achieved with our GSLB license, our Global server load balancing (GSLB) allows Web hosters, portals and enterprises to distribute content and services geographically.
For the DDos part, we can offer protection up to L7 and SSL encrypted attacks both on prem and in the cloud, or a hybrid solution, Radware uses the same technology both on-prem and in the cloud which means when a signature was created it can apply instantly the signature in the cloud and save the le-learning process.
In addition we use our patented "user behavior" mechanism and not only rate limiting.
Reach out for more options and fine tuning the solution.
Vadim
Radware
How may I help? I mean do you need help in suggesting a working solution, design or some hands-on configuration of existing equipment to work around the threat.
For your load balancing requirement, www.cloudflare.com
For your DNS requirements, www.cloudflare.com
Hope the information provided would be useful for your consideration.
If you need more info, please feel free to email me.
Already many good suggestions listed. I'll add another DNS provider to look into: NS1 (ns1.com). They have options for private managed DNS, dedicated DNS, and a control layer for load balancing based on any number of policies you set.
All of the DNS providers listed can provide a layer of defense against DDoS, with the CDNs (Cloudflare, Incapsula, Akamai) also offering WAF. Given the nature of infrastructure attacks, many enterprises are looking to have redundant providers at the DNS level in addition to your use of separate ISPs for internet traffic. That may be an additional factor to consider in your RFP process.
Take a look at DOSarrest. www.dosarrest.com They offer a low cost quick and effective Proxy solution to mitigate DDoS attacks across their global POP's as well as a BGP/GRE option if preferred called Data Center Defender. They include Load balancing and a WAF as standard features.
for DNS DDoS Protection you may use Incapsula DNS Protection OR move your DNS services to a big DNS player with DDoS protection OR have a combination of both.
For your webservices you may use a Balancer to balance the load between your ISPs and provide High Availability also (one ISP goes down). For this you should also use your DNS to amend the dns entries.
In case you are using Incapsula you can have both your websites active at the same time (load balance) and have a WAF,CDN and DDoS protection.