We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends."
"We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs..."
"The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me."
"I like all the features together as a whole."
"There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great."
"We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available."
"The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic."
"It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler."
"F5 technical support is really good."
"The most important feature is that they have seven firewall protection, to protect our web servers."
"The most valuable feature is flexibility."
"Its flexibility is the most valuable because it is a managed service. The good part is that you don't need to set it up. It just needs DNS routing, which is the easiest thing. Our client had Akamai for certain websites because they were using CDN features. They had NetScaler on the internal zone, F5 AWAFs on the data centers, and no WAF at all in the cloud. One of the main activities of the project was to move all these policies into a single WAF so that we could control and use that as a choke point. That exercise itself was very easy because it was a managed service and F5 Silverline Web Application Firewall does that for you. That's the best thing about F5 Silverline Web Application Firewall. It is easy to apply policies on-premises. If you have AWAF on-premises and you want to replicate some policies on F5 Silverline Web Application Firewall, other than the policies that it applies by itself, it is easy because you have a team that supports it. F5 Silverline Web Application Firewall works perfectly fine. It pretty much does everything that an Advanced WAF on-premises should do."
"The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underling OS to the application version can be easily missed."
"I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money."
"Implementation could be better."
"We need a SaaS model for the solution."
"When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives."
"There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered in the VNS form in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus."
"On the application layer, they could have a better distributed traffic flow. They could improve that a bit. For network data it is very effective, but the application layer can be improved."
"They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports."
"In terms of the scalability, this part is always so confusing because they are checking for packet count. Also, after an attack, they said that the throughput must be from gigabits but then I check my bandwidth and it is already done in gigabits. So it is a little bit confusing."
"I just hope the price can be cheaper."
"We need to have support for cloud protection, which is not offered by this solution."
"F5 Silverline Web Application Firewall, being a new product in the market or comparatively related to a new product, currently supports less number of PoPs. They should introduce more PoPs. The current number of PoPs that they have is around 10 or 12, which is still relatively less as compared to 2,400 plus PoPs that Akamai offers. The user latency or the number of hops a user needs before reaching the actual web application is less in Akamai because it has its internal fabric to route the traffic. They need to spin up more data to increase its traffic handling capability. They can also include the bot detection capability, though it is a pretty advanced functionality. If they could include DataDome like functionality, that is, bot prediction, then F5 Silverline Web Application Firewall will be top-notch in the market."
"Arbor is striking a good balance between pricing and what they deliver."
"The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."
"Arbor DDoS is quite expensive, but all these solutions are expensive because they deal with confidential information."
"We do not use the Arbor Cloud DDoS solution because it is too costly."
"You need to find a way to get a good offering from Arbor by negotiating a price. That is the challenge."
"There is room for improvement with the pricing. It is an expensive solution. The issue with the pricing is more the way it is built. Right now we're paying per router, and there's a limitation there. I would like to see bundle-pricing where there is an overall solution cost."
"The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive."
"The price of this solution is a little high in the African market, it should be lower."
"F5 Silverline Web Application Firewall works based on your bandwidth. They look at the clean bandwidth and do the pricing. 20% of a total pipe would be a clean bandwidth. The list price or a non-negotiated price for F5 Silverline Web Application Firewall would be around $2,200 per application per year for everything that you need. When you get into an enterprise kind of a setup, they negotiate this to the last bit. I would easily take 20% on that, which would be the cost, but it should cover all your Advance WAF features, bot protection, tech campaign, etc. It is built as a package and gives you most of the capability. You don't get the mobile SDK, which is an additional license. Mobile SDK is required only if you're buying or if you have a mobile application, and you are going to instrument F5 or Imperva into your mobile appliance. This anyways would be an additional module. It doesn't come within the WAF, but it is a WAF feature."
Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand and solve the most complex and consequential security challenges facing their organizations.
F5's Silverline Managed Services is a SaaS solution delivering DDoS protection, managed Web Application Firewall (WAF) services, and managed Shape Security Fraud and Anti-bot solutions.
Silverline services include 24x7 access to F5's Security Operations Center (SOC). F5's expert security professionals use F5 products with state-of-the-art security tools to ensure the best protection possible. As an add-on to Silverline DDoS or WAF services, Silverline Threat Intelligence integrates dynamic lists of threatening IP addresses to give context for policy decisions.
Arbor DDoS is ranked 1st in Distributed Denial of Service (DDOS) Protection with 12 reviews while F5 Silverline Managed Services is ranked 8th in Distributed Denial of Service (DDOS) Protection with 4 reviews. Arbor DDoS is rated 8.8, while F5 Silverline Managed Services is rated 7.8. The top reviewer of Arbor DDoS writes "With automatic flow specs we're able to drop that traffic before it even enters into our network". On the other hand, the top reviewer of F5 Silverline Managed Services writes "It is flexible and lets you easily apply policies, but it needs to support more PoPs". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Palo Alto Networks WildFire, Corero and Fortinet FortiDDoS, whereas F5 Silverline Managed Services is most compared with Cloudflare, Microsoft Azure Application Gateway, AWS WAF, F5 BIG-IP Local Traffic Manager (LTM) and Akamai Kona Site Defender. See our Arbor DDoS vs. F5 Silverline Managed Services report.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.