We performed a comparison between Cloudflare and Neustar UltraDDoS based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."The most valuable feature is the web application firewall."
"The web application firewall brought us good security and a view of the accesses/blocks of the entire domain and subdomain that were accessed both by region (country) and IPs."
"Cloudflare is a security SaaS provider that provides security and protects us from any application layer attack."
"I like Cloudflare's application gateway and DDoS protection."
"There are key things that are used for our enterprise customers, such as Lambda and DNS."
"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."
"Smaller businesses have seen great ROI due to the low investment and strong performance."
"From what I've seen so far, there are no negatives to report as of yet"
"In the DDoS it's difficult to validate what is a genuine request from an end user. We've started being able to do that with the logistics that they have set up. With the protection that they have provided, they are able to identify what is valid and what is not valid. We see that a person who is getting DDoS Neustar service is able to block that particular user. However, while they are doing that it doesn't affect other customers on the server."
"I think the APIs are a little bit hard for us to work with. The APIs could be more open so that we could integrate better with our SolarWinds or our monitoring solution."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"Even if I wanted to, I wouldn't be able to buy Cloudflare in my country."
"One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country."
"For the free and Pro plans, Cloudflare could use a simple bot to provide information to users. This would improve support, especially for less advanced users who utilize the free components."
"Sometimes their more advanced caching tools can cause higher first-byte times and problems with JavaScript."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"Cloudflare could offer a better view or maybe dashboards of the main resources used in the client."
"I would like to see a dashboard that shows you the data that is transferred from which end. It's where people start looking at abuse management. People keep questioning when the mitigation is on what service it is and how many GBs are passing through. An end user dashboard that will help you identify all of these questions and that can be visible in your entire organization is something that would make sense."
Earn 20 points
Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 56 reviews while Neustar UltraDDoS is ranked 29th in Distributed Denial of Service (DDOS) Protection. Cloudflare is rated 8.4, while Neustar UltraDDoS is rated 8.0. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, the top reviewer of Neustar UltraDDoS writes "Identifies a request that comes up multiple times, block holds that particular IP, and lets the genuine traffic pass through". Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, Microsoft Azure Application Gateway and AWS Shield, whereas Neustar UltraDDoS is most compared with Arbor DDoS.
See our list of best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Imperva Incapsula is the solution to have for DDoS at L7, L3 and L4. This effective solution also provides CDN, LB, ADR, DNS protection, SIEM integration and of course has an awesome WAF! Cloud based, OPEX only - no HW!! Easy to use - done and done!
i think it's not just a DDoS on the DNS issue but the resiliency you need to provide for your Internet services. So, to better answer your questions, you have to provide some sizing of the traffic per site, the kind of internet services and number of concurrent users, the source where most traffic is coming from (West coast, East coast). It's always a balance of efficiency and practicality.
Hi,
Actually we (Radware) are one of the market leaders in both of the requested solutions.
We offer ISP load balancing and Hybrid DDoS protection.
Radware’s Linkproof (first in the industry) to ensures optimal application service level.
We optimize in real time application performance in normal WAN state for both inbound and outbound traffic, when a service is disrupted we will divert traffic from highly-utilized links and ensure service-level for real time application or business related ones (for instance VoIP , voice or just cloud applications like office 365), In addition we maintain high WAN (ISP) availability at all times and steer the traffic to the operational links when failure occurs, compared to BGP protocol we will do it instantly with no impact on the applications.
Unlike most of the competition Radware user total round trip time mechanism to ensure best user experience at all time, Radware owns a patent for this technology.
LinkProof is application aware and will use smart prioritization mechanism to ensures bandwidth management and overall bandwidth for latency-sensitive apps.
Our APM will monitors all transaction end-to-end as experienced by end user to show user friendly graphs statistics and dashboards.
Load balancing different data centers can be easily achieved with our GSLB license, our Global server load balancing (GSLB) allows Web hosters, portals and enterprises to distribute content and services geographically.
For the DDos part, we can offer protection up to L7 and SSL encrypted attacks both on prem and in the cloud, or a hybrid solution, Radware uses the same technology both on-prem and in the cloud which means when a signature was created it can apply instantly the signature in the cloud and save the le-learning process.
In addition we use our patented "user behavior" mechanism and not only rate limiting.
Reach out for more options and fine tuning the solution.
Vadim
Radware
How may I help? I mean do you need help in suggesting a working solution, design or some hands-on configuration of existing equipment to work around the threat.
For your load balancing requirement, www.cloudflare.com
For your DNS requirements, www.cloudflare.com
Hope the information provided would be useful for your consideration.
If you need more info, please feel free to email me.
Already many good suggestions listed. I'll add another DNS provider to look into: NS1 (ns1.com). They have options for private managed DNS, dedicated DNS, and a control layer for load balancing based on any number of policies you set.
All of the DNS providers listed can provide a layer of defense against DDoS, with the CDNs (Cloudflare, Incapsula, Akamai) also offering WAF. Given the nature of infrastructure attacks, many enterprises are looking to have redundant providers at the DNS level in addition to your use of separate ISPs for internet traffic. That may be an additional factor to consider in your RFP process.
Take a look at DOSarrest. www.dosarrest.com They offer a low cost quick and effective Proxy solution to mitigate DDoS attacks across their global POP's as well as a BGP/GRE option if preferred called Data Center Defender. They include Load balancing and a WAF as standard features.
for DNS DDoS Protection you may use Incapsula DNS Protection OR move your DNS services to a big DNS player with DDoS protection OR have a combination of both.
For your webservices you may use a Balancer to balance the load between your ISPs and provide High Availability also (one ISP goes down). For this you should also use your DNS to amend the dns entries.
In case you are using Incapsula you can have both your websites active at the same time (load balance) and have a WAF,CDN and DDoS protection.