• Home
  • Arbor DDoS vs. Trellix Network Detection and Response

Arbor DDoS vs Trellix Network Detection and Response comparison

Cancel
You must select at least 2 products to compare!
NETSCOUT Logo
Arbor DDoS
Read 46 Arbor DDoS reviews
7,765 views|5,511 comparisons
94% willing to recommend
Trellix Logo
Trellix Network Detection and Response
Read 37 Trellix Network Detection and Response reviews
1,917 views|1,335 comparisons
97% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Distributed Denial of Service (DDOS) Protection
April 2024
Executive Summary

We performed a comparison between Arbor DDoS and Trellix Network Detection and Response based on real PeerSpot user reviews.

Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection.
To learn more, read our detailed Distributed Denial of Service (DDOS) Protection Report (Updated: April 2024).
Download the complete report
769,976 professionals have used our research since 2012.
Featured Review
Sobhakant Dhungana
A stable solution offering features like analytics and attack mitigation capabilities
BiswabhanuPanda
Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity...
We had a serious incident where an attacker attempted a web shell attack on one of our web servers [DevOps server]. We were able to identify that... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I like all the features together as a whole.""Predefined filters/techniques to easily stop the attacks and start mitigation.""Our customers are very happy when we provide them with the interface... They can check how many attacks they have faced and how many attacks have been blocked.""The solution is easy to use.""We also use it by serving our customers' cloud signaling services with on-premise APS devices.""It provides packet capture and we can block or whitelist whichever IPs we need to. Whatever traffic we want to block - and we get IPs from internal teams and from national teams - we block at the Arbor level only, because if it gets to the firewall then firewall bandwidth will be taken.""We are able to respond quickly and prevent DDoS attacks.""The stateless device format means that the box is very strong for preventing DDoS attacks."

More Arbor DDoS Pros →

"The server appliance is good.""Very functional and good for detecting malicious traffic.""We wanted to cross-reference that activity with the network traffic just to be sure there was no lateral movement. With Trellix, we easily confirmed that there was no lateral network involvement and that nothing else was infected. It helped us correlate the events and feel confident in our containment.""We see ROI in the sense that we don't have to react because it stops anything from hurting the network. We can stop it before we have a bigger mess to clean up.""It allows us to be more hands off in checking on emails and networking traffic. We can set up a bunch of different alerts and have it alert us.""It protects from signature-based attacks and signature-less attacks. The sandboxing technology, invented by FireEye, is very valuable. Our customers go for FireEye because of the sandboxing feature. When there is a threat or any malicious activity with a signature, it can be blocked by IPS. However, attacks that do not have any signatures and are very new can only be blocked by using the sandboxing feature, which is available only in FireEye. So, FireEye has both engines. It has an IPS engine and a sandbox engine, which is the best part. You can get complete network protection by using FireEye.""If we are receiving spam emails, or other types of malicious email coming from a particular email ID, then we are able to block them using this solution.""It is stable and quite protective. It has a lot of features to scan a lot of malicious things and vulnerabilities."

More Trellix Network Detection and Response Pros →

Cons
"For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit... In F5 I have full control of everything.""Arbor DDoS could improve out-of-the-box reporting, it could be better.""The look and feel of the management console is a little old, excessively simple. If you compare it with other solutions, the look and feel of the console is like you're using technology from five or six years ago. It doesn't show all the technology that is actually behind it. It looks like an older solution, even though it is not.""Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning.""Implementation could be better.""It is an expensive product, so there is room for improvement in terms of pricing.""When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives.""The implementation should be made easier."

More Arbor DDoS Cons →

"Improvements could be achieved through greater integration capabilities with different firewall solutions. Integrating with the dashboard itself for different firewalls so users can also pull tags into their firewall dashboard.""They can maybe consider supporting some compliance standards. When we are configuring rules and policies, it can guide whether they are compliant with a particular compliance authority. In addition, if I have configured some rules that have not been used, it should give a report saying that these rules have not been used in the last three months or six months so that I disable or delete those rules.""As far as future inclusions, it would be useful to display more threat intelligence, such as the actual area of the threat and the origin of the web crawling (Tor and Dark Web).""The problem with FireEye is that they don't allow VM or sandbox customization. The user doesn't have control of the VMs that are inside the box. It comes from the vendor as-is. Some users like to have control of it. Like what type of Windows and what type of applications and they have zero control over this.""It would be very helpful if there were better integration with other solutions from other vendors, such as Fortinet and Palo Alto.""Stability issues manifested in terms of throughput maximization.""There is a lot of room for Improvement in the offering, from cost to functionality. It is pretty straightforward to implement which is an advantage. However, it falls short in pricing, detection capabilities, and, most importantly, reporting and policy management.""It is very expensive, the price could be better."

More Trellix Network Detection and Response Cons →

Pricing and Cost Advice
  • "Start with a small license. Measure your bandwidth requirements."
  • "Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general."
  • "As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive."
  • "Arbor's products are very expensive. Their competitors are cheap when compared with Arbor."
  • "I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost."
  • "Pricing is slightly on the higher side."
  • "Arbor is striking a good balance between pricing and what they deliver."
  • "The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."

    • More Arbor DDoS Pricing and Cost Advice →

  • "Pricing and licensing are reasonable compared to competitors."
  • "The pricing is a little high."
  • "Because of what the FireEye product does, it has significantly decreased our mean time in being able to identify and detect malicious threats. The company that I work with is a very mature organization, and we have seen the meantime to analysis decrease by at least tenfold."
  • "There are some additional services that I understand the vendor provides, but our approach was to package all of the features that we were looking to use into the product."
  • "We're partners with Cisco so we get a reasonable price. It's cheaper than Palo Alto in terms of licensing."
  • "FireEye is comparable to other products, such as HX, but seems expensive. It may cause us to look at other products in the market."
  • "When I compare this solution to its competitors in the market, I find that it is a little expensive."
  • "The user fee is not as high but the maintenance fee is expensive."

    • More Trellix Network Detection and Response Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Distributed Denial of Service (DDOS) Protection solutions are best for your needs.
    See Recommendations
    769,976 professionals have used our research since 2012.
    Questions from the Community
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:I would say if it’s an ISP that will build a scrubbing center, Netscout/Arbor is a good solution. In all other solutions, Imperva is a great choice.
    Read all 8 answers   →
    Which is the best DDoS protection solution for a big ISP for monitoring a...
    Top Answer:Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
    Read all 8 answers   →
    What do you like most about Arbor DDoS?
    Top Answer:The quality of the technical support provided by Arbor DDoS is premium.
    Read all 32 answers   →
    What do you like most about FireEye Network Security?
    Top Answer:Over the thirteen years of using the product, we have not experienced a single compromise in our environment. During the COVID period, we faced numerous DDoS attacks, and the tool proved highly… more »
    Read all 23 answers   →
    What is your experience regarding pricing and costs for FireEye Network S...
    Top Answer:The tool is a bit pricey.
    Read all 15 answers   →
    What needs improvement with FireEye Network Security?
    Top Answer:Certain features in Trellix Network Detection and Response, such as using AL-type commands, may initially pose a challenge for those unfamiliar with such commands. However, once users become… more »
    Read all 23 answers   →
    Ranking
    2nd
    out of 43 in Distributed Denial of Service (DDOS) Protection
    Views
    7,765
    Comparisons
    5,511
    Reviews
    11
    Average Words per Review
    370
    Rating
    9.0
    9th
    out of 37 in Advanced Threat Protection (ATP)
    Views
    1,917
    Comparisons
    1,335
    Reviews
    6
    Average Words per Review
    562
    Rating
    8.5
    Comparisons
    Also Known As
    Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT
    FireEye Network Security, FireEye
    Learn More
    NETSCOUT
    Trellix
    Video Not Available
    Overview

    Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand, and solve the most complex and consequential security challenges facing their organizations.

    With Arbor DDoS you can automatically identify and stop all types of DDoS attacks and other cyber threats before they impact the availability of business-critical services.


    Arbor DDoS is an intelligently automated combination of in-cloud and on-premises DDoS attack protection that is continuously backed by global threat intelligence and expertise.

    Arbor DDoS Features and Benefits:

    • Global DDoS Protection: Arbor DDoS is an all-in-one solution offering carrier-agnostic, global DDoS protection that is backed by world-class security intelligence as well as industry leading DDoS protection products.
    • Worldwide scrubbing centers: Arbor DDoS offers comprehensive protection from the largest DDoS attacks.
    • Cloud Only and/or Hybrid Protection: The solution provides the flexibility to design comprehensive DDoS protection that fits your specific environment. It can be deployed as a cloud-only and/or an intelligent combination of in-cloud and on-premise DDoS protection.
    • Global Threat Intelligence: Arbor DDoS protection is continuously armed with the latest global threat intelligence from Netscout’s response team.
    • Automated DDoS Attack Detection and Mitigation: DDoS attacks can be automatically detected and routed to Arbor Cloud global scrubbing centers for mitigation.
    • Managed Services: To manage and optimize your on-premise DDoS protection, you can rely upon the industry-leading expertise of Arbor Networks.
    • Multi-layered Approach: As part of a layered approach to DDoS protection, Arbor Cloud provides in-cloud protection from advanced and high-volume DDoS attacks, all without interrupting access to your applications or services. Arbor Cloud’s automated or on-demand traffic scrubbing service defends against volumetric DDoS attacks that are too large to be mitigated on premises.

    Reviews from Real Users:

    Below are some of the many reasons why PeerSpot users are giving Arbor DDoS an 8 out of 10 rating:

    "We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs.” - Roman L, Sr. Security Engineer at Rackspace

    "We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available.” - Assistant General Manager at a comms service provider

    “It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler." - Erik N., Product Manager, MSx Security Services at TPx Communications

    Detect the undetectable and stop evasive attacks. Trellix Network Detection and Response (NDR) helps your team focus on real attacks, contain intrusions with speed and intelligence, and eliminate your cybersecurity weak points.

    Sample Customers
    Xtel Communications
    FFRDC, Finansbank, Japan Advanced Institute of Science and Technology, Investis, Kelsey-Seybold Clinic, Bank of Thailand, City of Miramar, Citizens National Bank, D-Wave Systems
    Top Industries
    REVIEWERS
    Comms Service Provider55%
    Financial Services Firm16%
    Computer Software Company10%
    Media Company6%
    VISITORS READING REVIEWS
    Financial Services Firm17%
    Computer Software Company17%
    Comms Service Provider8%
    Government7%
    REVIEWERS
    Financial Services Firm22%
    Computer Software Company13%
    Government9%
    University9%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company9%
    Manufacturing Company8%
    Government8%
    Company Size
    REVIEWERS
    Small Business36%
    Midsize Enterprise21%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business20%
    Midsize Enterprise17%
    Large Enterprise62%
    REVIEWERS
    Small Business39%
    Midsize Enterprise18%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    Buyer's Guide
    Distributed Denial of Service (DDOS) Protection
    April 2024
    Download Free Report
    Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection. Updated: April 2024.
    DOWNLOAD NOW
    769,976 professionals have used our research since 2012.

    Arbor DDoS is ranked 2nd in Distributed Denial of Service (DDOS) Protection with 46 reviews while Trellix Network Detection and Response is ranked 9th in Advanced Threat Protection (ATP) with 37 reviews. Arbor DDoS is rated 8.6, while Trellix Network Detection and Response is rated 8.4. The top reviewer of Arbor DDoS writes "A critical solution for security, as it includes features that can automatically detect and prevent DDoS attacks". On the other hand, the top reviewer of Trellix Network Detection and Response writes "Offers in-depth investigation capabilities, integrates well and smoothly transitioned from a lower-capacity appliance to a higher one". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Corero, Imperva DDoS and A10 Thunder TPS, whereas Trellix Network Detection and Response is most compared with Fortinet FortiSandbox, Palo Alto Networks WildFire, Zscaler Internet Access, Fortinet FortiGate and CyberArk Privileged Access Manager.

    We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.