We performed a comparison between Cloudflare and Neustar UltraDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."Smaller businesses have seen great ROI due to the low investment and strong performance."
"The solution is very good at mitigating threats."
"I like Cloudflare's application gateway and DDoS protection."
"Easier http to https redirect using page rules"
"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."
"What I like best about Cloudflare is that my company can use it to trace and manage applications and monitor traffic. The solution tells you if there's a spike in traffic. Cloudflare also sends you a link to check your equipment and deployment and track it through peering, so it's a valuable tool."
"Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"New and innovative way to protect the client's data."
"In the DDoS it's difficult to validate what is a genuine request from an end user. We've started being able to do that with the logistics that they have set up. With the protection that they have provided, they are able to identify what is valid and what is not valid. We see that a person who is getting DDoS Neustar service is able to block that particular user. However, while they are doing that it doesn't affect other customers on the server."
"Although I think it's quite good, it doesn't provide me with all the features I would expect to have if I were using Imperva."
"Latencies are always a problem."
"It would be good if Cloudflare could have more servers for better traffic routing or an increase in the traffic routed. This is what I'd like to improve in Cloudflare."
"In the last two years, there has been a certain amount of downtime when using the VDM."
"The solution could use more analytics on the backend to give us more insights into everything. More reports would be helpful."
"One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country."
"The pricing could be improved."
"Sometimes their more advanced caching tools can cause higher first-byte times and problems with JavaScript."
"I would like to see a dashboard that shows you the data that is transferred from which end. It's where people start looking at abuse management. People keep questioning when the mitigation is on what service it is and how many GBs are passing through. An end user dashboard that will help you identify all of these questions and that can be visible in your entire organization is something that would make sense."
Earn 20 points
Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 57 reviews while Neustar UltraDDoS is ranked 30th in Distributed Denial of Service (DDOS) Protection. Cloudflare is rated 8.4, while Neustar UltraDDoS is rated 8.0. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, the top reviewer of Neustar UltraDDoS writes "Identifies a request that comes up multiple times, block holds that particular IP, and lets the genuine traffic pass through". Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, AWS Shield and Microsoft Azure Application Gateway, whereas Neustar UltraDDoS is most compared with Arbor DDoS.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Imperva Incapsula is the solution to have for DDoS at L7, L3 and L4. This effective solution also provides CDN, LB, ADR, DNS protection, SIEM integration and of course has an awesome WAF! Cloud based, OPEX only - no HW!! Easy to use - done and done!
i think it's not just a DDoS on the DNS issue but the resiliency you need to provide for your Internet services. So, to better answer your questions, you have to provide some sizing of the traffic per site, the kind of internet services and number of concurrent users, the source where most traffic is coming from (West coast, East coast). It's always a balance of efficiency and practicality.
Hi,
Actually we (Radware) are one of the market leaders in both of the requested solutions.
We offer ISP load balancing and Hybrid DDoS protection.
Radware’s Linkproof (first in the industry) to ensures optimal application service level.
We optimize in real time application performance in normal WAN state for both inbound and outbound traffic, when a service is disrupted we will divert traffic from highly-utilized links and ensure service-level for real time application or business related ones (for instance VoIP , voice or just cloud applications like office 365), In addition we maintain high WAN (ISP) availability at all times and steer the traffic to the operational links when failure occurs, compared to BGP protocol we will do it instantly with no impact on the applications.
Unlike most of the competition Radware user total round trip time mechanism to ensure best user experience at all time, Radware owns a patent for this technology.
LinkProof is application aware and will use smart prioritization mechanism to ensures bandwidth management and overall bandwidth for latency-sensitive apps.
Our APM will monitors all transaction end-to-end as experienced by end user to show user friendly graphs statistics and dashboards.
Load balancing different data centers can be easily achieved with our GSLB license, our Global server load balancing (GSLB) allows Web hosters, portals and enterprises to distribute content and services geographically.
For the DDos part, we can offer protection up to L7 and SSL encrypted attacks both on prem and in the cloud, or a hybrid solution, Radware uses the same technology both on-prem and in the cloud which means when a signature was created it can apply instantly the signature in the cloud and save the le-learning process.
In addition we use our patented "user behavior" mechanism and not only rate limiting.
Reach out for more options and fine tuning the solution.
Vadim
Radware
How may I help? I mean do you need help in suggesting a working solution, design or some hands-on configuration of existing equipment to work around the threat.
For your load balancing requirement, www.cloudflare.com
For your DNS requirements, www.cloudflare.com
Hope the information provided would be useful for your consideration.
If you need more info, please feel free to email me.
Already many good suggestions listed. I'll add another DNS provider to look into: NS1 (ns1.com). They have options for private managed DNS, dedicated DNS, and a control layer for load balancing based on any number of policies you set.
All of the DNS providers listed can provide a layer of defense against DDoS, with the CDNs (Cloudflare, Incapsula, Akamai) also offering WAF. Given the nature of infrastructure attacks, many enterprises are looking to have redundant providers at the DNS level in addition to your use of separate ISPs for internet traffic. That may be an additional factor to consider in your RFP process.
Take a look at DOSarrest. www.dosarrest.com They offer a low cost quick and effective Proxy solution to mitigate DDoS attacks across their global POP's as well as a BGP/GRE option if preferred called Data Center Defender. They include Load balancing and a WAF as standard features.
for DNS DDoS Protection you may use Incapsula DNS Protection OR move your DNS services to a big DNS player with DDoS protection OR have a combination of both.
For your webservices you may use a Balancer to balance the load between your ISPs and provide High Availability also (one ISP goes down). For this you should also use your DNS to amend the dns entries.
In case you are using Incapsula you can have both your websites active at the same time (load balance) and have a WAF,CDN and DDoS protection.