What is our primary use case?
Our business is to provide a DDoS protection solution for our customers. Our customers are banks, financial groups, etc.
We might develop some DDoS protection services for our customers under our Internet umbrella. We detect and filter traffic using Arbor DDoS in our network.
We use it as a BGP or prompt, as a telecom service provider. We have SP and TMS, and that is all our architecture.
We resell on-premise the Arbor edition and install at our customers' site, specifically the Availability Protection System (APS) system.
How has it helped my organization?
It protects huge attacks on our Internet system over our network.
We provide more granular application protection using the APS system, which is located at customer sites.
Our concern is to provide flexibility. We decided to move to this DDoS solution. We wanted to install some local filtering service in the regions. We wanted to be able to add or remove some mitigation capacity to our regional services, which is vital for us. So, we decided to develop these new features to our DDoS service.
Every day or month, we have found some new attack, but I don't think that is very important. It is just the evolution of attacks. We fix it and make a description, so we will be aware when some new attacks come. I think that the Arbor DDoS and APS solutions are quite enough at the moment, as they mitigate all attacks that we face.
What is most valuable?
The most valuable feature is the ability to work in BGP. It is not important to provide all traffic in a mitigation system every time. We have a lot of customers, and only when a proxy is detected do we use it. This has reduced the cost of our solution.
What needs improvement?
We would like the ability to decrypt APS traffic.
We need a SaaS model for the solution.
I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved.
For how long have I used the solution?
We have been using Arbor DDoS for seven years, since 2013.
What do I think about the stability of the solution?
It is quite stable. There are no major important bugs, though maybe some small ones.
There are around five people who maintain it 24 hours a day.
What do I think about the scalability of the solution?
It is quite scalable and effective. You can add new integration services quite easily.
There are around 60 end users/customers of this solution.
How are customer service and technical support?
They have good support. Tickets are resolved efficiently in time with Arbor engineers.
How was the initial setup?
It was quite complicated and complex to set up.
What about the implementation team?
Several engineers were required to deploy it.
What was our ROI?
There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great.
What's my experience with pricing, setup cost, and licensing?
The solution has a huge price, but we are a global company so we receive global pricing, which is why we chose Arbor. We also receive good prices for Russia.
We also bought the Sentinel feature to use its flow spec because we needed to know how much traffic will be mitigated on our borders. We haven't used it yet, but we are planning on using it in the Spring. We found that the combination of the Sentinel feature with Arbor DDoS going forward is the most important feature.
We do not use the Arbor Cloud DDoS solution because it is too costly. We decided to make our proprietary cloud solution designed by our company.
Which other solutions did I evaluate?
Several solutions were tested, then we chose Arbor DDoS.
We evaluated several solutions, like NSFOCUS, three months ago, and decided to continue to go with Arbor. Another solution was similar to Arbor because they have a very sophisticated mitigation system. However, they still don't have a system that can analyze traffic by BGP, and their solution was to integrate with Arbor. We decided not to do that.
Arbor is the solution for telecom services on the market.
Arbor is still the leader versus many vendors and products, which is why we decided to integrate with the Arbor solution for another three years. The solution has met our requirements.
What other advice do I have?
I would recommend using Arbor DDoS.
We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual.
We have been thinking about creating our own DDoS solution using firewalls from other vendors.
We are looking to buy two distributed servers this year that we will need to test locally.
I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.
Which version of this solution are you currently using?
Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.