Anonymous UserInformation Security Officer at a financial services firm
Basil DangeSenior Manager at a financial services firm
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends."
"We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs..."
"The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me."
"I like all the features together as a whole."
"There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great."
"We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available."
"The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic."
"It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler."
"The is a really low level of the false-positive alerts (when the clean traffic is marked as DDoS) due to some advanced techniques used by Check Point under the hood."
"This product uses auto-learning and behavioral analysis to establish baselines for legitimate traffic, and automatically detects and blocks traffic behavior that does not conform."
"The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underling OS to the application version can be easily missed."
"I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money."
"Implementation could be better."
"We need a SaaS model for the solution."
"When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives."
"There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered in the VNS form in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus."
"On the application layer, they could have a better distributed traffic flow. They could improve that a bit. For network data it is very effective, but the application layer can be improved."
"They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports."
"For a long time, there was no software version of R80.10 available for the Check Point DDoS Protector software appliances, and we had to stay on the quite outdated R77.30 version."
"It does not provide the capability to upload data for blacklisting/whitelisting in bulk."
"Arbor is striking a good balance between pricing and what they deliver."
"The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."
"Arbor DDoS is quite expensive, but all these solutions are expensive because they deal with confidential information."
"We do not use the Arbor Cloud DDoS solution because it is too costly."
"You need to find a way to get a good offering from Arbor by negotiating a price. That is the challenge."
"There is room for improvement with the pricing. It is an expensive solution. The issue with the pricing is more the way it is built. Right now we're paying per router, and there's a limitation there. I would like to see bundle-pricing where there is an overall solution cost."
"The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive."
"The appliance comes with a loaded hardware license, and additional options such as SSL can be purchased and enabled."
Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand and solve the most complex and consequential security challenges facing their organizations.
Modern DDoS attacks use new techniques to exploit areas that traditional security solutions are not equipped to protect. These attacks can cause serious network downtime to businesses who rely on networks and Web services to operate. DDoS Protector Security Appliances and Cloud DDoS Protection Services block destructive DDoS attacks before they cause damage
Learn more about Ddos Protector.
Arbor DDoS is ranked 3rd in DDoS with 11 reviews while Check Point DDoS Protector is ranked 15th in DDoS with 2 reviews. Arbor DDoS is rated 8.8, while Check Point DDoS Protector is rated 7.6. The top reviewer of Arbor DDoS writes "With automatic flow specs we're able to drop that traffic before it even enters into our network". On the other hand, the top reviewer of Check Point DDoS Protector writes "Good support and effective against SSL attacks, but the dashboard is complicated". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Palo Alto Networks WildFire, Corero and Imperva Incapsula, whereas Check Point DDoS Protector is most compared with Radware DefensePro and Fortinet FortiDDoS.
See our list of best DDoS vendors.
We monitor all DDoS reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.