Neustar DDoS Review

Identifies a request that comes up multiple times, block holds that particular IP, and lets the genuine traffic pass through


What is our primary use case?

Our company has a lot of hosting service and DDoS analytics service. If somebody downloads DDoS on a shared service all of our customers can have an adverse attack. We use mitigation services from Neustar which helps us mitigate this service so that if there is any request that is coming up multiple times, Neustar protection identifies it, block holds that particular IP, and lets the genuine traffic pass through.

How has it helped my organization?

Being in the hosting industry they are times that we get hit by a DDoS attack. Because of this solution, we've been able to mitigate multiple DDoS attacks by people specifically in the SouthEast Asia market. We figure that out with the help of DDoS mitigations by Neustar.

What is most valuable?

In the DDoS, it's difficult to validate what is a genuine request from an end user. We've started being able to do that with the logistics that they have set up. With the protection that they have provided, they are able to identify what is valid and what is not valid. We see that a person who is getting DDoS Neustar service is able to block that particular user. However, while they are doing that it doesn't affect other customers on the server.

What needs improvement?

Genuine traffic coming in is still getting better. While I understand that it's some sort of algorithm that is written in this scale, that algorithm can be a little bit better because sometimes while we are doing DDoS mitigation, genuine traffic does get blocked. While it is one of the greatest features it can still be improved.

I would like to see a dashboard that shows you the data that is transferred from which end. It's where people start looking at abuse management. People keep questioning when the mitigation is on what service it is and how many GBs are passing through. An end user dashboard that will help you identify all of these questions and that can be visible in your entire organization is something that would make sense.

For how long have I used the solution?

More than five years.

What do I think about the stability of the solution?

I would rate the stability around an eight out of ten because of the entire scope of improvement in terms of its denial of service for genuine customers.

What do I think about the scalability of the solution?

Scalability is awesome. We started a big company and DDoS mitigation is something that we really liked. They have grown two folds or three folds since we started using them. Scalability is no concern. 

We have end users who primarily use the site for businesses or some web presences. They use this for doing online e-commerce or just the presence of site in terms of online availability. In terms of the number of used servers, we have close to 2,000 hacked servers for which I have about 3,000 customers each, so that's a good 60,000 hacked. 

We have a network operations teams that is a group of four people. Their task is that in the case of any DDoS they just need to call the on screen provider to figure out if it is actually a DDoS. While Neustar has been available with us, we've also had a fair amount of bandwidth with CloudFlare. We use CloudFlare for both our DNS as well as for DDoS in certain products given that it is a great feature to have both of them together. CloudFlare being a provider across both DDoS and Neustar become the first choice based on our company's taste.

How are customer service and technical support?

Technical support is quick to resolve issues. They give us a basic RCA which is a root cause analysis of things and they are very knowledgeable in terms of at least support.

How was the initial setup?

We did the initial setup via the network and it wasn't very complex. We had an in-house team that helped with the configuring of the network. The entire network is routed by Neustar's IPs and from there on Neustar mitigation takes care of it. It wasn't complex at all. It took us about a month to get everything in place. They did have a small trial run with a selected set of users on selected servers. Once we were considering that things were working properly, we made sure that we moved all customer servers onto that particular product.

What's my experience with pricing, setup cost, and licensing?

The pricing is very competitive given how CloudFlare has come up in terms of their usage right now.

What other advice do I have?

Always go with a player who is known in the market from a scalability standpoint. At times when you are dealing with mitigation, you could hit traffic that is in the trillions. You need to have an infrastructure that supports that. Go with a good, known player who has great infrastructure backing. 

I would rate this solution an eight out of ten because there is a scope of improvement from a mitigation standpoint.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email