Arbor DDoS Initial Setup

Usman Khan
Team Lead for DDoS Protection at a comms service provider with 10,001+ employees
The initial setup is kind of complex because it requires peering. We have to design it from scratch, which makes it a little bit complex. It depends on whether we want to get it inline or if we want to apply offloading, and whether the company can afford a TMS of its own or we need to send traffic to a remote TMS, hosted by Arbor itself. The last deployment I was involved in took almost a month-and-a-half, with another 15 days for documentation. It took about eight to 12 people to get the deployment operational. We had people from the core who were engaged with us for the integration and bringing up the systems. After that, we had to hire some fresh resources, because, honestly, it's a new product and it's not very common. We can't really find experienced people for DDoS. It was not much of a challenge when we were developing it and when we were deploying it because we had a resident engineer who was planning everything, who was leading everything. But after that, when we were mitigating the attacks, there were challenges because we didn't have experienced people over here and the attacks were coming day and night, 24 /7. I had to come to the office after midnight and at midday. But now, the system stable and the people that I'm managing are more experienced. They know stuff and it's pretty smooth now. View full review »
Security1a8a
Security Consultant with 51-200 employees
The complexity of the initial setup depends. If you have a simple network, the deployment will be easy, but if you have something more complex and you are trying to inject Arbor, it won't be easy. Most likely, you'll do it as Layer 2, and you have VRFs and VLANs. After the design is complete, the configuration will be straightforward, but the design part is not easy. That's not about Arbor itself, it's about how big networks work. The implementation strategy also depends. Every service provider and big enterprise has its own type of networks and its own type of logical flow. So there's no standard strategy. The last implementation I did took about two months. But again, it's not about the deployment itself, it's about the meetings, the design part, meeting with other teams. After two months it was up and running. Before that, the first one I did, took three months, but we had two SPs and eight TMS's in different data centers, so it was quite a big implementation. When it's a service provider, multiple teams handle multiple things, so you have to have one person from every team to sit in a meeting; everyone has his own concept or his own ideas. After a couple of meetings, after a couple of suggestions, and after checking if what was discussed is possible, if it is the better option, it can go well. In terms of staff for deployment, it's mostly a one-person job. For day-to-day administration, it takes three to four people. They would need security backgrounds, SOC or security device managers. View full review »
CloudSece7fe
Cloud Security Specialist at a tech services company with 11-50 employees
The setup is very straightforward, once the final architecture is decided. However, the decision regarding the final architecture was not very simple because the carrier environment is very complex. In addition, at the time, the carrier I was working for bought another small carrier and was doing the integration between both their installations and backbones. That was very complex. But once all those details were decided, the placement of the Arbor solution was very straightforward. The setup work and testing of the Arbor solution took about three to four weeks, not including all the pre-planning and architecture discussions. View full review »
Find out what your peers are saying about Arbor Networks, Radware, F5 and others in DDoS. Updated: December 2019.
384,324 professionals have used our research since 2012.
SnrProjEng081
Senior Project Engineer at a tech services company with 10,001+ employees
I did the initial setup. It's not complex. We have a default admin and password where we need to set a management IP. Once management IP is set, if we connect it through a comm port, we need to set our system IP tools in the same subnet so that we can connect to Arbor. After that, we can set up usernames, passwords, and an IP access list. We can even change the group password. If you have some knowledge, the implementation will only take between a half-hour and an hour. The only scenario where it takes time is when we put it into inline mode; when we mount the devices into the network. One person is enough for deployment, if they have knowledge of how to implement it. There is no need for two or three. The number of people required to maintain it depends on the automation. One person is often enough. View full review »
SecExp99
Security Expert at a comms service provider with 10,001+ employees
The setup is very straightforward, not too complex. Their tech team is very helpful. View full review »
ManagerI46d2
Manager IP Services at a tech company with 10,001+ employees
Initial setup is a bit complex because it is a Linux based working environment for configuration. A bit of expertise is required to configure the setup. It requires an expert level assistance from Arbor to complete the configuration or to apply any new system. Deployment took around 3-4 months because we had two sites nationwide on which peak flow was deployed. View full review »
Securityebea
Security Architect with 1,001-5,000 employees
It is easy to deploy. You can easily configure the interface, connect your network, and easily do the BGP configuration from the menu. If you're deploying the TMS product, it takes about one hour for the physical deployment and configuration requirements. The Collector is easily done in TMS. Their inline solution, APS devices, is also easily done. It takes about a half an hour for an APS device. We don't have a specific deployment strategy. For deployment, the minimum staff required is one security guy and one network guy. View full review »
Ashutosh
Technical Lead - DEVSECOPS with 1,001-5,000 employees
The initial setup is complex. Deployment took about four months. After getting vendor support for installation, we then configured IP ranges for different clients. Then we set up the bandwidth and enabled logins. There has not been much to deploy and maintain since then. View full review »
AbuFaizal
Security Consultant at a tech services company with 10,001+ employees
The initial setup is straightforward. It's very simple. I have deployed the product for multiple clients. Implementation takes less than three to four hours, but the fine-tuning takes some time, based on the organization's needs. That can take more than a month. Our implementation strategy is based on how many servers and groups there are and what kind of traffic is coming to/from the internet. These are the factors that affect how we deploy it. Deployment requires two to three consultants who are security architects. For maintenance, one administrator is fine. View full review »
Informat7f04
Information Security Analyst at a financial services firm with 1,001-5,000 employees
Although I was not involved in the initial setup, I understand that it is easy. In terms of the specifics of our implementation, it's sensitive information so it can not be made public. Because of the criticality, I cannot comment on configuration or how is it implemented. Regarding the simple setup, it is because of the out-of-the-box configurations which Arbor provides you with. I don't think there is another way to implement it as such. It was per Arbor's standards, so there was nothing that was done differently. View full review »
TabbrezBalbbale
Security Advisor at a comms service provider with 10,001+ employees
The setup follows a project plan based on a PIP (Performance Improvement Plan) document and the LLD. A process is created to cover site preparation, hardware staging, hardware installation, and link activation and needs the involvement of the Operations team. Deployment takes three to four months. Our implementation strategy is as follows: * Assign a project manager to be onsite when needed during the implementation until signoff * Understand customer’s policies, requirements, and procedures * Discuss and agree on the general prerequisites for the proposed solutions * Conduct site survey * Site preparation for the proposed solutions * Design the proposed solutions * Provide detailed project plan for the entire assignment * Provide Low-Level Design * Delivering the proposed SW and HW to the site * Configure the solutions based on best practices * Complete integration, fine-tuning, testing, and knowledge transfer to provide templates and guidance on use of templates to team members * Finalize the deliverables along with the client View full review »
NetCon37561
Network Consultant at a comms service provider with 51-200 employees
The initial setup is complex, but experts are involved. Even with experts from both the vendor and the operator side, the initial set up can take some time, though it is essential. View full review »
Find out what your peers are saying about Arbor Networks, Radware, F5 and others in DDoS. Updated: December 2019.
384,324 professionals have used our research since 2012.
Sign Up with Email