We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Using standard BGP, NetFlow and SNMP ensure wide compatibility. There are also peering traffic reports that can help identify upstream peering opportunities. The ATLAS aggregation service allows us to contribute to the global DDoS data and benefit from overall trends."
"We use it not only for DDoS detection and protection, but we also use it for traffic analysis and capacity planning as well. We've also been able to extend the use of it to other security measures within our company, the front-line defense, not only for DDoS, but for any kind of scanning malware that may be picked up. It's also used for outbound attacks, which has helped us mitigate those and lower our bandwidth costs..."
"The auto-mitigation, that signaling feature, where it automatically raises an alarm that a line is under attack, is important. The upstream service provider will then do something to reduce the load on our internet lines. The fact that it's automated means I don't have to sit and always be looking at threats coming through. It does it almost automatically, without any intervention by me."
"I like all the features together as a whole."
"There were huge attacks in October, around 62 attacks at 30 gigabits per second, at one of our banks. We used Arbor DDoS to mitigate these attacks, and it performed great."
"We have taken on the Arbor Cloud subscription, which is really useful because you secure yourself for anything beyond your current mitigation capacity. This is a really good feature of Arbor that is available."
"The most valuable features include the traffic categorization and control of the traffic. The filtering of the traffic is very precise. When you want to stop some traffic, you precisely stop that traffic."
"It is fully mitigating the attacks. We've dealt with other ones where we didn't necessarily see that. The detection is very good. It's also very simple to use. Arbor is a single pane of glass, whereas with other solutions you might have a detection pane of glass and then have to go to a separate interface to deal with the mitigation. That single pane of glass makes it much simpler."
"Filters can be customized depending on the characteristics of the attack traffic. This feature has made it easier for Nexusguard's SOC team to further isolate any specific attack that can't be blocked by pre-configured mitigation."
"The upgrade process is mildly complex requiring treatment of the custom embedded OS separately from the application. The correlation of the underling OS to the application version can be easily missed."
"I would also like more visibility into their bad actor feeds, their fingerprint feeds. We try to be good stewards of the internet, so if there are attacks, or bad actors within our networks, if there were an easier way for us to find them, we could stop them from doing their malicious activity, and at the same time save money."
"Implementation could be better."
"We need a SaaS model for the solution."
"When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives."
"There is always room for improvement for any product or service. If we can bring in more agility when deploying services, that is definitely a scope which we can work towards. Nowadays, everything is being offered as a service model. It is not that we have to deploy the physical hardware, many things move up to the cloud, or even can be delivered in the VNS form in the customer's environment as well. So, in that space, if we can add more features to make it more seamless for customers to use and make it available through some marketplace, not only at the hyperscalers, but also for any on-prem deployment, that definitely would be a big plus."
"On the application layer, they could have a better distributed traffic flow. They could improve that a bit. For network data it is very effective, but the application layer can be improved."
"They should improve the reporting section and make it a little bit more detailed. I would like to have much better and more detailed reports."
"One thing that we would like to improve from them is to provide more training to SOC team for them to have a deep understanding of the solution so that they would always be ready to answer anything without the need to escalate queries to senior personnel."
"Arbor is striking a good balance between pricing and what they deliver."
"The solution is a bit costly if you're a small organization, but I think it's worth the price that they are charging."
"Arbor DDoS is quite expensive, but all these solutions are expensive because they deal with confidential information."
"We do not use the Arbor Cloud DDoS solution because it is too costly."
"You need to find a way to get a good offering from Arbor by negotiating a price. That is the challenge."
"There is room for improvement with the pricing. It is an expensive solution. The issue with the pricing is more the way it is built. Right now we're paying per router, and there's a limitation there. I would like to see bundle-pricing where there is an overall solution cost."
"The licensing of a complete Arbor solution, including fire-walling and unified site management, can get expensive."
"The price of this solution is a little high in the African market, it should be lower."
Earn 20 points
Arbor Networks, the security division of NETSCOUT, is driven to protect the infrastructure and ecosystem of the internet. It is the principle upon which we were founded in 2000; and remains the common thread that runs through all that we do today. Arbor’s approach is rooted in the study of network traffic. Arbor’s suite of visibility, DDoS protection and advanced threat solutions provide customers with a micro view of their network enhanced by a macro view of global internet traffic and emerging threats through our ATLAS infrastructure. Sourced from more than 300 service provider customers, ATLAS delivers intelligence based on insight into approximately 1/3 of global internet traffic. Supported by Arbor’s Security Engineering & Response Team (ASERT), smart workflows and rich user context, Arbor’s network insights help customers see, understand and solve the most complex and consequential security challenges facing their organizations.
Founded in 2008, Nexusguard is the global leader in fighting malicious internet attacks. Nexusguard protects clients against a multitude of threats, including distributed denial of service (DDoS) attacks, to ensure uninterrupted internet service. Nexusguard provides comprehensive, highly customized solutions for customers of all sizes, across a range of industries, and also enables turnkey anti-DDoS solutions for service providers. Nexusguard delivers on its promise to maximize peace of mind by minimizing threats.
Arbor DDoS is ranked 1st in Distributed Denial of Service (DDOS) Protection with 12 reviews while Nexusguard is ranked 24th in Distributed Denial of Service (DDOS) Protection with 1 review. Arbor DDoS is rated 8.8, while Nexusguard is rated 10.0. The top reviewer of Arbor DDoS writes "With automatic flow specs we're able to drop that traffic before it even enters into our network". On the other hand, the top reviewer of Nexusguard writes "Attack protection is flexible and customizable ". Arbor DDoS is most compared with Radware DefensePro, Cloudflare, Palo Alto Networks WildFire, Corero and Imperva Incapsula, whereas Nexusguard is most compared with Cloudflare, Cloudflare DDoS, Imperva Incapsula, F5 Silverline Managed Services and Fortinet FortiDDoS.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.