Arbor DDoS Review

The introduction of IP-intelligence helps in determining IPs with a bad reputation


What is our primary use case?

We observed traffic over six months to create a benchmark. We created alerts to trigger and be sent to our SOC once the traffic exceeds the benchmark.

How has it helped my organization?

The introduction of IP-intelligence helps in determining IPs with a bad reputation. We recently upgraded to the latest version and that functionality is enabled now. They've come up with centralized intelligence based on their own cloud, and they feed the data, the intelligence.

What is most valuable?

In the GUI, the packet capture is a very good option, as is the option to block an IP address. These help in analyzing traffic and blocking unwanted IP addresses as a preliminary troubleshooting step.

Also, they have a customer program where, if we find a blacklisted or bad-reputation IP, we can submit it to Arbor directly.

What needs improvement?

There is definitely room for improvement in third-party intelligence and integrations. I would like to see more threat intelligence and internal traffic monitoring for C & C communications.

What do I think about the stability of the solution?

The product is very stable.

What do I think about the scalability of the solution?

We have not faced any scalability issues since we have a very confined environment.

How are customer service and technical support?

Tech support is good. They have really good expertise from the appliance point of view.

Which solution did I use previously and why did I switch?

We did not have a previous solution.

How was the initial setup?

Although I was not involved in the initial setup, I understand that it is easy. In terms of the specifics of our implementation, it's sensitive information so it can not be made public. Because of the criticality, I cannot comment on configuration or how is it implemented.

Regarding the simple setup, it is because of the out-of-the-box configurations which Arbor provides you with. I don't think there is another way to implement it as such. It was per Arbor's standards, so there was nothing that was done differently.

What's my experience with pricing, setup cost, and licensing?

Pricing is average.

What other advice do I have?

Go for the latest appliances.

We do have plans to increase our usage of this type of solution, but now there are a lot of other services coming up so we are looking in parallel at other stuff, for other functionalities and features from Arbor itself.

I rate Arbor DDoS at eight out of ten. They have done a considerable amount of development in the last few years when it comes to features. However, there is a restriction when the environment is hosted in the cloud and it is on-prem, so there a challenge there: The full-fledged features don't comply with certain requirements. There are always challenges.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Under Attack?

Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.

Add a Comment
Guest
Sign Up with Email