Arbor DDoS Room for Improvement

Roman Lara
Sr. Security Engineer at Rackspace
Their RESTful API is still a work-in-progress. They're pushing out different versions of the API with each code upgrade. I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money. View full review »
General Manager - Cloud Business at a comms service provider with 10,001+ employees
There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered as a VNF in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus. If we could decouple the hardware and software, making it more easily available for the customers with the exact robustness of the functionality, then that would be beneficial. At the same time, it would bring in cost efficiencies, which eventually is the end goal of most CXOs within an organization. View full review »
Erik Nordquist
Product Manager, MSx Security Services at TPx Communications
I struggle with where the product could improve because it's pretty great the way it is. I would just say more granular reporting, down to our customer level, would be helpful. If we could somehow import customer information in their networks, it would be able to generate reports. It might actually be able to do that right now, and we have just never used it. I've dealt with other solutions where I said, "I wish it did this," but it didn't. We have tried some other solutions that do what Arbor does and I would often go back to them and say, "Well, I want it to do this," because we already have that now with the Arbor solution. I've dealt with other vendors and I don't see things that they're doing that Arbor doesn't do. View full review »
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,655 professionals have used our research since 2012.
Manohar Rajoria
Sr. Manager at a energy/utilities company with 10,001+ employees
On the application layer, they could have a better distributed traffic flow. They could improve that a bit. For network data it is very effective, but the application layer can be improved. In today's era, attackers are also developing their skills. Daily, new threats are coming into the environment. View full review »
Network Security Architecture at a financial services firm with 501-1,000 employees
I haven't found anything to complain about or anything that they need to improve on. View full review »
Engineer at a comms service provider with 10,001+ employees
We would like the ability to decrypt APS traffic. We need a SaaS model for the solution. I opened a ticket with Arbor for the ability to localize numbers of our customers in BGP sessions. This has not been resolved. View full review »
Manager IP Core and Transmission Networks at a comms service provider with 501-1,000 employees
When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives. View full review »
Traffic Management skill center at a comms service provider with 10,001+ employees
I think Arbor DDoS should be more open to other systems, in the sense of coordination between mitigation centers, like for example the capacity to ask the upstream transit provider for mitigation. Netscout's Arbor allows it, but between Arbor systems only. It should be more open to Third party systems, that's what I mean by "openness" : evolution from Netscout signaling protocol to standardized DOTS protocol (DDOS Open Threat Signaling) Implementation could also be improved regarding distribution of mitigation directly on network elements. View full review »
Technical Lead - DEVSECOPS with 1,001-5,000 employees
If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there. It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see. View full review »
Steve Puluka
Network Architect at DQE Communications
The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underlying OS to the application version can be easily missed. Linking the white list designation on managed objects into the alert detection mechanism would be a welcome improvement. Currently, white lists to prevent dropping any traffic on important resources only apply to the mitigation process. If the white list could be used during alert detection this would prevent some false positive alerts that are coming from these known good sources. View full review »
Information Security Analyst at a financial services firm with 1,001-5,000 employees
There is definitely room for improvement in third-party intelligence and integrations. I would like to see more threat intelligence and internal traffic monitoring for C & C communications. View full review »
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,655 professionals have used our research since 2012.