We just raised a $30M Series A: Read our story
2018-06-14T07:58:00Z

What advice do you have for others considering Arbor DDoS?

12

If you were talking to someone whose organization is considering Arbor DDoS, what would you say?

How would you rate it and why? Any other tips or advice?

ITCS user
Guest
2323 Answers

author avatar
Real User

Go for the latest appliances. We do have plans to increase our usage of this type of solution, but now there are a lot of other services coming up so we are looking in parallel at other stuff, for other functionalities and features from Arbor itself. I rate Arbor DDoS at eight out of ten. They have done a considerable amount of development in the last few years when it comes to features. However, there is a restriction when the environment is hosted in the cloud and it is on-prem, so there a challenge there: The full-fledged features don't comply with certain requirements. There are always challenges.

2019-04-18T09:59:00Z
author avatar
Real User

Go for it. It's one of the best solutions you can get for DDoS. It doesn't matter what services you're going to use. As long as you have the whole solution, the TMS and everything in-house, it's the best solution. We have a team of 12 to deploy and monitor the solution; we have three shifts running around the clock. They monitor the system alerts. They monitor the websites using the controls that we have to protect the clients. If one of them catches an attack, there is a high-alert flag and we focus on the attack to see if it has been mitigated or not. If it needs anything, if it needs some tweaking, we have two resources on each watch, a senior resource and a junior. The junior one keeps on monitoring. The senior one comes in whenever there is something to correct or if something needs to be changed in the system. For ISPs, Arbor DDoS would be the best solution. For smaller organizations, we can buy the services from Amazon for DDoS protection, and there's Cloudflare. But for ISPs, it's better to have Arbor DDoS because we have everything in-house. ISPs like ours have almost 120 gig bandwidth. For throughput, it's the best one. We don't have plans to increase usage currently because when we brought the solution four years ago, we measured it a lot. We bought more than what we needed. The plan is to improve the human operability on the system itself. Things look smooth, but you cannot rely on two or three people. We have to have redundancy in the human workforce. We're planning to expand the team so that we don't need to hire any fresh resources and train them from the start. These services are very expensive and our customers are expecting a perfect solution.

2018-12-19T10:49:00Z
author avatar
Real User

I rate Arbor DDoS an eight out of ten.

2021-09-10T11:32:00Z
author avatar
Top 5LeaderboardReal User

I would advise others to do a proof of concept. That's a good way to choose a solution. We did a proof of concept, and it gave us a good idea, so I would advise others to do that. I would rate Arbor DDoS a nine out of ten. I am really happy with this solution.

2021-05-14T21:31:28Z
author avatar
Top 20Real User

Arbor's hybrid approach to DDoS protection is both an advantage and a disadvantage. Sometimes it is not able to filter traffic adequately because of the hybrid approach. It only takes action after a bit of time. It starts acting on malicious traffic a little bit late because of the hybrid approach. On the other hand, after seeing all the aspects, the analysis is sensible and perfect. So it depends on from which side we look at this feature. Network layer DDoS attacks are absolutely big. DDoS attacks cannot be mitigated instantly, it takes time. You have to be very aware of your network and about which machine an attack has reached, and what the network architecture is. All those aspects are responsible for the impact of DDoS attacks. Arbor is not absolute but, comparatively, I find it to be an effective solution. Overall, it's a great product. It is a very effective product in terms of dealing with DDoS attacks, whether it is network layer attacks or application layer attacks. But it is better in network layer DDoS attacks. It is among the best.

2021-02-10T21:19:00Z
author avatar
Top 5LeaderboardReal User

It is not just about the features alone, it is about how smoothly you will be able to deploy the solution, e.g., the availability of the product and how the OEM is maintaining the relationship with its customer. There are multiple factors that need to be considered. "This is not just a one-time sale. It's about how easily the systems are available, and how well your partner is able to support you and provide lifecycle management."

2021-01-27T21:55:00Z
author avatar
Top 5LeaderboardReal User

Overall, I would rate this solution as an eight (out of 10), the reporting as a 10 (out of 10), and the mitigation as a five to eight (out of 10).

2021-01-27T12:36:00Z
author avatar
Top 20Real User

I would advise potential users to try the NETSCOUT Arbor DDoS system but also to check on other solutions. On a scale from one to ten, I would give Arbor DDoS a seven.

2021-01-19T03:11:00Z
author avatar
Top 20Real User

I would recommend using Arbor DDoS. We will buy the next version on virtual machines. We will buy a server separately with the on-premise solution, then install it on our servers where it would be virtual. We have been thinking about creating our own DDoS solution using firewalls from other vendors. We are looking to buy two distributed servers this year that we will need to test locally. I would rate this solution as an eight (out of 10). Arbor DDoS is a stable solution that fulfills our requirements for DDoS protection services.

2021-01-17T15:30:00Z
author avatar
Top 20Real User

My advice is "Go for it." It's a great tool. If you're concerned about the availability of your services, I highly recommend it, without any hesitation. If you regard your brand or organization as valuable, then Arbor is the tool for you.

2020-12-22T11:30:00Z
author avatar
Top 20Real User

Talk with their sales engineers and understand the different uses of Arbor. If you're just looking just for a pure DDoS product, there may be other solutions within Arbor that are better to use, or different feeds that may be beneficial. Maybe you're more into capacity planning or peering analysis, and there are other things in addition to those that you can do with Arbor. If you're buying it for DDoS, you still do capacity planning and peer evaluation for the same cost using the same license. But what I've found with other people that use the product is they're single-use. Some buy it for DDoS and only use it for DDoS. They don't take into account the other information that they could be pulling from it. The sheer amount of traffic that's out there in the network is one of the biggest things I've learned from using the solution. Looking at north-south traffic, traffic coming into our data centers and out of our data centers, it's a lot higher than what we had thought we would see when we first started using Arbor. It helped us to provide an infrastructure that was future-proof. Before we started understanding the different uses of Arbor, we would upgrade our routers on the edge, only to have to upgrade two or three years later when the actual router was still viable but it just wasn't able to control or handle the capacity. Now, we're able to put devices in place that are future-proof and that reduces our costs by not having to replace those devices every so often because they ran out of bandwidth. Another thing we found was the number of bad actors that were living within our environment. When cloud first started popping up, everybody rushed to get their own clouds up and running. What wasn't taken into account was that there was a lot of malicious traffic that was being generated by these types of environments. They gave us a better understanding of cloud computing and the security issues that we would be facing as we tried to expand that environment. Sightline with Sentinel does not yet communicate information upstream to our service provider around attacks, so that they can stop the attack closer to the attacker. It's something that we've been working on with Arbor for many years. There are some programs out there that Arbor is working on where we can communicate with other deployments that have Arbor. From the engineering perspective, we're all for it, not only at my company but even at the major Tier-1s. It's when you get up to higher management that we hit the roadblocks. Everybody in security wants to share information, but nobody wants to say anything either. More and more people are coming around to the idea that they need some type of DDoS protection as part of their security posture. We tell customers that there's no one silver bullet out there that's going to do it all. Arbor does a great job of mitigating DoS attacks but we don't want to do all the blocking with Arbor devices, so further down the stack you want load balancers and firewalls to help you out. The fact that Arbor has been in DDoS visibility and protection for more than 10 years definitely affects our confidence in it. I've been with other providers that use Arbor as well and that's one of the things that is always brought up, the confidence level. Deploying this on my network and the visibility it's going to give me is hands-down better, compared to an up and coming cheaper product that may claim to have better abilities to mitigate DDoS attacks. But they don't have the visibility that you really need. That's the key asset that Arbor has because they've been in the business for so long and have these great relationships with these big Tier-1 providers. They're not only able to provide the necessary equipment but, more importantly, the knowledge that comes with it. At the root of things, all DDoS vendors basically do the same thing, they drop traffic. It's the knowledge of what type of traffic to drop that is extremely important, to me and others who are in the same business. When you have visibility into one-third of the global internet, you have great visibility into what's going to happen in the future as well. I would give Arbor DDoS a nine out of 10. There's always room for improvement. With DDoS products, there's always an evolving merry-go-round of different attacks. For me, giving it a 10 would be that silver bullet where it is going to handle all your attacks. Arbor will be straightforward with you and let you know that it's not that silver bullet and that there are times when its system is not the best system for the use that you have. One of the downfalls, at least on our site, has been that its visibility into the application layer in the monitoring mode is not the best, and that's because it's sampling traffic. Once it's in a mitigation and seeing packet-for-packet, it's devastating to see the amount of information you can pull. That's why we've gone ahead and implemented different Arbor devices lower down, closer to the application, to give us even more visibility.

2020-08-10T07:32:00Z
author avatar
User

“Every employee should be educated in best practice procedures, starting with basics like clever password combinations and then going into details of how different attacks work, emphasising ways to recognise social engineering tactics. Businesses must also demonstrate the potential impact of a breach occurring, which can help establish personal responsibility. Crucially, businesses shouldn’t just focus on prevention. Employees also need to understand best practice in minimising the damage should a breach occurs

2020-06-03T20:30:21Z
author avatar
Top 20MSP

Work with Arbor. They have great people to help you make sure it's implemented correctly. And they also have a great training team to help you understand the solution and use it to its fullest advantages. The biggest thing I have learned from using the solution is seeing all the different types of denial of service attacks that are out there. I have come to understand that they will come in waves and that certain types of customers are more prone to attack than others. It also lets us understand traffic flows on our network, as far as the usual traffic goes. We can understand what our network looks like. What it looks like at 1:00 pm is very different then what it looks like at 3:00 am. The solution helps us understand that. The users of Arbor DDoS in our company are only a handful of technicians. Our NOC and some of our security people, engineers, are in there, but it protects tens of thousands of customers for us. For deployment and maintenance of this solution we require two security engineers. They maintain the system and make any configuration changes, if necessary. They handle regular maintenance, if necessary, although it's pretty minimal. I would rate this product as an eleven out of 10.

2020-03-15T08:08:00Z
author avatar
Real User

We have seven people who directly access Arbor DDoS, mostly project engineers.

2018-12-30T11:29:00Z
author avatar
Consultant

Implementation is very easy but making the product work optimally is more difficult. It's the best product. I would rate it at eight out of ten. There are some minor issues with blocking legitimate traffic and that's why it's not a ten.

2018-12-19T09:19:00Z
author avatar
Real User

It's an excellent product DDoS protection against attacks. We have more than 7,000 users at all levels of access.

2018-12-19T09:00:00Z
author avatar
Reseller

I would recommend Arbor's solution. I like it. In terms of increasing the usage of Arbor, when we expand our networks, we open new sites or data centers, we always use Arbor. In the future, if expand out, we will use it again. I rate it a nine out of ten because I have been using it for about eight years and it's very user-friendly, troubleshooting is good, and the reporting side is also good. It's easy to deploy and our customer feedback has been good. It's just that the pricing is very expensive, so I give it a nine.

2018-12-10T08:29:00Z
author avatar
Consultant

Try to design it properly for injecting it into a network. If not, it could be that when you deploy it you will cause a "black hole" in your network and everything will go down. That has happened. In the case where it happened, it had something to do with routing. Arbor was injecting traffic to the TMS's but the TMS's were not able to forward the traffic to its original source. I rate Arbor DDoS at eight out of ten. For me, that's a pretty high rating because nothing is a nine. It's still a new solution and they're developing it. Every couple of months there's a new release with bug-fixes or some new way to do stuff. They're investing in the solution. Symantec Blue Coat is good, for example, but for quite some time there has been no development. Even with the recent version, there is nothing that different in Blue Coat. For a dynamic environment, you have to have a vendor that you can trust.

2018-12-10T08:29:00Z
author avatar
Real User

We have two teams that work with it. There is the maintenance team and we are the team that takes action. I would rate Arbor DDoS at eight out of ten. It's stable, it's scalable, and it can handle complex environments.

2018-12-02T07:45:00Z
author avatar
Real User

Arbor is very good at what it does. If you have enough budget you can apply it to your infrastructure and use its flexibility and reporting features very well. But if you don't have the budget and you don't expand the budget for the coming next years, I suggest not getting in touch with Arbor. Five or six engineers can log in to devices, but in our company two people are managing infrastructure. There are always ways to optimize it, but we have been working for two years to optimize it and it's in a good situation compared to two years ago. I would rate it a seven out of ten. My rating is based on the general problems that we had and the solutions for them, as well as the daily stability of these devices. We are using nearly all the features of Arbor. Currently, they are enough for us, but in the future, if there are different kinds of DDoS attacks I believe that Arbor DDoS will also take action against them.

2018-12-02T07:45:00Z
author avatar
Real User

Arbor has a global ranking and global recognition. Whenever you do a search on Google, you can find Arbor on the top three or top five DDoS protection vendors. Obviously, Arbor is very reliable.

2018-12-02T07:45:00Z
author avatar
Real User

Don't worry that it is complex because, out-of-the-box, it protects you from the basics. Just open it and connect, that's all you have to do. But if you are making an investment of this type because you have to be protected against all scenarios, you have two options: close support from Arbor or a specialized engineer. If you have those resources, all the rest is very straightforward. It becomes a simple solution that can give you good results. I give the solution a nine out of ten. I try to put myself in the shoes of our company's owner. If a solution is simple to operate and gives good results, it's good for me. The solution needs to do what it's supposed to do and be simple to manage.

2018-10-29T15:46:00Z
author avatar
Consultant

Most important important criteria when selecting a vendor: * How the offering covers the business needs. * The reputation of the vendor.

2018-06-14T07:58:00Z
Learn what your peers think about Arbor DDoS. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
554,529 professionals have used our research since 2012.