Most Helpful Review
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
We can reduce the bandwidth to minimize the attack level. If we see more than 2.5 GBs we drop it directly.
In the GUI, the packet capture is a very good option, as is the option to block an IP address.
It provides packet capture and we can block or whitelist whichever IPs we need to. Whatever traffic we want to block - and we get IPs from internal teams and from national teams - we block at the Arbor level only, because if it gets to the firewall then firewall bandwidth will be taken.
Valuable features include simple and centralized management of user access and capabilities, as well as Web 2.0 interactive attack alerting, traffic visualization, and mitigation service control.
Our customers are very happy when we provide them with the interface... They can check how many attacks they have faced and how many attacks have been blocked.
There are a number of valuable features in this product, like Cloud Signaling and Threat Intelligence feeds.
Arbor has a global ranking in reliability and credibility. They are very unique and can respond to a very wide scope of threats from their global deployment.
It's just one dashboard with mitigation. You decide which mitigation you want and at what threshold to do this or that. Its operation is pretty simple. It's easy.
One of the valuable features is the intuitive nature of building out reports, and then triggering actions based on specific metrics from those reports. It has a really good UI and the ability to surface data through the reporting functions is pretty good. That's helped a lot in the security space.
We're pretty happy with the API functionality. It's web, and it's very simple to set up queries. It has served us well and you don't need to be an expert on the API or the product to set these things up.
The most valuable features have been anything around traffic engineering: being able to determine the source or destination of a surge of traffic, whether it's DDoS-related, or a customer just happened to have a sudden uptick in traffic. Being able to tell where that's coming from or where it's going to enables us to do things based on that.
The most valuable feature is being able to pull traffic patterns; to and from destinations. We're able to understand where our traffic is going, our top talkers from an AS set, as well as where our traffic's coming from.
I am able to do a lot of work on the visualization end to create different visualizations and different ways to get information out of it.
The drill-down into detailed views of network activity helps to quickly pinpoint locations and causes. All the information is there.
Having the API access allows us to do a great deal of automation around a lot of our reporting and management tools.
We're also using Kentik to ingest metrics. It's a useful feature, and its response time, whenever we're pulling back the data, is higher than our on-prem solution.
If we want to see live traffic, we can see do so. But once an attack that lasts for five minutes is done, the data is no longer there. It would be an improvement if we could see recent traffic in the dashboard. We can check and download live traffic, but a past attack, with all the details, such as why it happened and how to mitigate and prevent such future attacks, would be helpful to see.
There is definitely room for improvement in third-party intelligence and integrations.
On the main page there are alerts that we are unable to clear, even though the issue has been resolved.
The following areas need improvement: opening and tracking support tickets, online support resources, software upgrades/updates and replacement media, and event management guidelines.
Because we had some routers that were somewhat old, they were not integrated with Arbor. They did not support the NetFlow version that Arbor was running. That was a challenge. We had to upgrade the routers. Some backward-compatibility would be helpful.
Sometimes it blocks legitimate traffic. If a legitimate user is trying to access the server continuously, the product suspects that this is a DoS traffic file. That is a case where it needs to improve. It needs machine-learning.
I think the diversity of protection is extremely limited. It must be expanded in future upgrades and versions.
For troubleshooting problems, it's not so intuitive. It's not straightforward. This is the core of their kernel, so they need to improve it a little bit... In F5 I have full control of everything.
I believe they're already working on this, but I would love for them to create better integrations from network flow data to application performance — tracing — so that we could overlay that data more readily. With more companies going hybrid, flow logs and flow data, whether it be VPC or on-prem, matched with application performance and trace data, is pretty important.
We asked for a way, regarding the potential networks that exist, to hook Kentik up with external tools like peering DBs to correlate things together and see what we can do... This is all in the [next] beta now.
They're moving more in a direction where they are saying, "Hey, here's information that you may be interested in or may a need," before the question has to explicitly be asked. Continuing to move in that direction would be a good thing.
The only downside to Kentik, something that I don't like, is that it's great that it shows you where these anomalies lie, but it's not actionable. Kentik is valuable, don't get me wrong, but if it had an actionable piece to it...
I would like to see them explore the area of cost analysis.
There is room for improvement around the usability of the API. It's a hugely complex task to call it and you need a lot of backing to be able to do it. I should say, as someone who's not in networking, maybe it's easier for people who are in networking, but for me that one part is not very user-friendly.
I've checked out the V4 version of the interface and it's still a little bit clunky for me to use. I still go back to the old interface. That's definitely one that they still need to work on. It doesn't seem like everything that you get in the V3, the older interface, is there. For instance, I was trying to add a user or do the administrative tasks in V4, and I couldn't figure out where I was supposed to do that.
Pricing and Cost Advice
Pricing is slightly on the higher side.
I'm a technical guy. But I know it's expensive compared to its competitors. After you have the on-premise solution, for your solution to be effective you have to subscribe to an "upper level," so there's another cost. There is also a subscription to cloud services, which is another cost.
Arbor's products are very expensive. Their competitors are cheap when compared with Arbor.
As far as I know, they are the best in this sector, in DDoS protection. They know it, I know, because their service prices are too high. They provide cloud DDoS protection for ISPs, but that is also too expensive.
Because the solutions from competitors are very different, it's not easy to compare. However, the licensing from Arbor is clear and understandable and the pricing is reasonable when looking at the market, in general.
We have an annual contract with Kentik that we renew each year for a set number of licenses. We also have some burstable licenses which we can spin up and spin down, and those are paid as they are used.
out of 36 in DDoS
Average Words per Review
out of 36 in DDoS
Average Words per Review
Compared 23% of the time.
Compared 13% of the time.
Compared 10% of the time.
Compared 22% of the time.
Compared 21% of the time.
Compared 14% of the time.
Also Known As
|Arbor Networks SP, Arbor Networks TMS, Arbor Cloud for ENT|
|Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand and solve the most complex and consequential security challenges facing their organizations.|
Kentik's AIOps Network Traffic Intelligence platform unifies network operations, performance, security, and business intelligence.
With a purpose-built big data engine delivered as public or private SaaS, Kentik captures a high-resolution view of actual network traffic data and enriches it with critical application and business data, so every network event or analysis can be tied to revenue & costs, customer & user experience, performance & risk.
Invest in better cybersecurity for your business. Find out how Arbor DDoS can help protect your network from DDoS threats.
Learn more about Kentik
Information Not Available
|Pandora, Yelp, Neustar, Box, University of Washington, Zoom, Tata, and Cogent.|
Comms Service Provider64%
Software R&D Company18%
Financial Services Firm9%
Comms Service Provider29%
Software R&D Company28%
Comms Service Provider43%
Software R&D Company14%
Software R&D Company37%
Comms Service Provider18%