Trying to advise client who's considering Prolexic, but it's cost-prohibitive compared to Arbor Networks.
Any feedback on both is welcome.
Both Prolexic and Arbor are OK solutions.
Both have a very limited number of PoPs (Only 4-6 global locations, adds significant latency) and both have trouble reacting to attacks quickly and automatically (without human intervention). Also both will have trouble handling Application layer attacks over TLS. Arbor will also requires on-premise equipment which is a lot of hassle and doesn't scale.
I would highly recommend checking out Impreva Incapsula, which is a more modern solution that's more equipped to deliver a premium service (at reasonable prices).
Disclosure: I work for Imperva.
There are two aspects for this query:
1) if the client has multiple applications that needs to be considered for DDos protection I will prefer to go with Prolexic, but
2) if the client has multiple network devices and those devices are front facing for being a security appliances then I recommend to go with Arbor network for DDos protection, because it has the capability to handle large size of packet length as well as the volume of the packets.
It's has been a great experienced for me by evaluating arbor networks which is very well when considering the protection of network devices (core, edge) having a virtualized environment and on site solutions .
For prolexic they have a wide verity of solution for applications that are custom develop or using a vendor based application. It's function
From experience between Akamai prolexic and Arbor to me is the mitigation techniques and integration to your network. Prolexic uses Netflow in order to detect an attack and then switch traffic to their solution in order to mitigate the attack. The most effective technique to mitigate attacks according to them is an always-on solution, meaning that you're routing your traffic to their network, which adds a hop and depending on your geographical location, can increase network latency.
Arbor solutions usually work with On-Premise Equipment which does mitigation of low and slow, layer 7 or low yield volumetric attacks. The advantage of Arbor solutions lies in a hybrid solution providing this on-prem technology and cloud scrubbing center capabilities for volumetric attacks which your network cannot handle.
I'm researching DDoS solutions, and have been looking at F5 and Radware. Are there any other solutions I should be considering? Please also share insights from Gartner.