We just raised a $30M Series A: Read our story

Arbor DDoS Alternatives and Competitors

Get our free report covering Radware, Cloudflare, Palo Alto Networks, and other competitors of Arbor DDoS. Updated: October 2021.
541,708 professionals have used our research since 2012.

Read reviews of Arbor DDoS alternatives and competitors

Basil Dange
Senior Manager at a financial services firm with 10,001+ employees
Real User
Top 5Leaderboard
Good support and effective against SSL attacks, but the dashboard is complicated

Pros and Cons

  • "This product uses auto-learning and behavioral analysis to establish baselines for legitimate traffic, and automatically detects and blocks traffic behavior that does not conform."
  • "It does not provide the capability to upload data for blacklisting/whitelisting in bulk."

What is our primary use case?

We use this product as our DDoS mitigation solution. This is something that needs to be able to protect against DDoS attacks for Volumetric, Low, and Slow attacks across layer three to layer seven. 

The solution also needs to integrate with a scrubbing center and route traffic in the case of a volumetric attack. It must also have deep knowledge of DNS traffic behavior and must have early and accurate detection/mitigation.

A DDoS mitigation solution must be able to handle high rates of DNS packets and provide the best quality of experience, even under attack. It must also be able to allow or block traffic based on geolocation or a specific IP address.

A DNS Subdomain Whitelist is available, allowing only the good DNS queries through.

How has it helped my organization?

This solution is able to mitigate and protect against SSL attacks, which is important because this type of attack is becoming more popular among attackers, as it only requires a small number of packets to cause a denial of service for a fairly large service.

Attackers launch attacks that use SSL because each SSL session handshake consumes more resources from the server-side than from the client-side, meaning the attack has exponentially increased in size without requiring additional bots or bandwidth. As a result of these amplification effects, even a small attack can result in crippling damage

This solution is able to mitigate attacks and provides automated DDoS defense and protection from fast-moving, high volume, encrypted, or very short duration threats. This includes IoT-based attacks like Mirai, Pulse, Burst, DNS, TLS/SSL attacks, and those attacks associated with Permanent Denial of Service (PDoS) and Ransom Denial-of-Service (RDoS) techniques.

What is most valuable?

This product uses auto-learning and behavioral analysis to establish baselines for legitimate traffic, and automatically detects and blocks traffic behavior that does not conform. 

The SSL decryptor card comes by default with the appliance and can be enabled if needed with the purchase of a license.

This solution uses asymmetric deployment with a challenge/response mechanism that has lower latency & higher capacity to block SSL/TLS attacks.

Behavior-based protection with automatic signature creation against unknown, zero-day DDoS attacks is employed.

Support for wildcard certificates reduces operational complexity because the admin doesn't have to update it every time a certificate changes.

The Cloud Signaling capability is able to route traffic to the scrubbing center in case of a volumetric attack.

It offers effective protection against DNS attacks.

It provides layer three to layer seven protection in on-premises, cloud, and hybrid environments. It's able to detect and mitigate attacks with no performance impact or risk.

This product has a dedicated DoS mitigation engine (DME) that off-loads high-volume attacks, inspecting without impacting user experience.

What needs improvement?

It does not provide the capability to upload data for blacklisting/whitelisting in bulk. Rather, in cases where many IP addresses need to be blacklisted or whitelisted, either a single IP address has to be added or it needs to be done using a script.

It does not provide default server grouping such as default policy that can be enabled on a Web Server or Application Server IP address.

The dashboard is complicated.

It does not provide real-time traffic details; instead, it only provides logs for blocked traffic. During troubleshooting, a complete log file is required for forensics.

A PCAP file is not provided for individual IP, which is something that should be improved.

What do I think about the stability of the solution?

This is a stable product.

What do I think about the scalability of the solution?

These devices are very much scalable and installed in HA. It provides an automatic passthrough option in the case of ethernet for fiber, where the OEM provides a fiber bypass switch that needs to be installed.

How are customer service and technical support?

Customer support from Check Point and Radware is excellent.

Which solution did I use previously and why did I switch?

We used Cloud Provider Services for DDoS mitigation provided by our ISP. We still use that service for protection against volumetric attacks (Clean Pipe).

How was the initial setup?

The setup was straightforward and the support was excellent.

The configuration requires understanding the services that are hosted against each public IP, as there might be some additional configuration required depending upon the application or services.

What about the implementation team?

This solution was deployed by our in-house team along with the OEM.

What's my experience with pricing, setup cost, and licensing?

The appliance comes with a loaded hardware license, and additional options such as SSL can be purchased and enabled.

Which other solutions did I evaluate?

We evaluated a couple of solutions including Arbor DDoS and a product by F5. We found that Check Point was able to provide us superior capabilities and features on the basis we were evaluating.

What other advice do I have?

My advice for anybody who is considering this product is to evaluate based on the following points:

  • Where you want to place or installed your DDOS appliance.
  • What throughput mitigation is required.
  • Whether the device supports cloud signaling.
  • Determine whether the SSL decryption card is available with the box or needs to be purchased in addition.
  • License and port requirements in terms of whether you need copper or fiber. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
OP
Head of security of digital systems, electronic databases and networks at a financial services firm with 1,001-5,000 employees
Real User
Top 20
A good DDoS protection solution that comes at a good price and is easy to set up

Pros and Cons

  • "It is a good solution. Its vendor support is the most valuable. It is simple and works well if you have Juniper MX routers."
  • "Juniper is known in our country, but it is not very popular. There is also not enough information about Corero. Our enterprise and financial sectors don't know about this solution. They need to provide more information and do more marketing for this solution in our country."

What is our primary use case?

We used it for DDoS protection. I worked in a data center, and we tried it there for a pilot project. 

What is most valuable?

It is a good solution. Its vendor support is the most valuable. It is simple and works well if you have Juniper MX routers.

What needs improvement?

Juniper is known in our country, but it is not very popular. There is also not enough information about Corero. Our enterprise and financial sectors don't know about this solution. They need to provide more information and do more marketing for this solution in our country. 

For how long have I used the solution?

I used this solution for nearly one month.

Which solution did I use previously and why did I switch?

I have used Arbor. Both Corero and Arbor are good solutions, and I like both of them and their vendor support. I would recommend both of them. If you want a DDoS solution and you don't have a Juniper MX router, then either of them would work. If you have Juniper MX, then it is better and cheaper to buy Corero.

How was the initial setup?

The initial setup was easy. It took a day.

What's my experience with pricing, setup cost, and licensing?

Its price is normal.

What other advice do I have?

I would rate Corero an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Get our free report covering Radware, Cloudflare, Palo Alto Networks, and other competitors of Arbor DDoS. Updated: October 2021.
541,708 professionals have used our research since 2012.