We changed our name from IT Central Station: Here's why
Get our free report covering NETSCOUT, Cloudflare, Radware, and other competitors of Corero. Updated: January 2022.
564,643 professionals have used our research since 2012.

Read reviews of Corero alternatives and competitors

Manager IP Core and Transmission Networks at GO PLC
Real User
Top 5
You can be in a better position to mitigate and find alternatives when there is an attack
Pros and Cons
    • "When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives."

    What is our primary use case?

    My company is a quad-play operator service provider in Malta. We use it for our own internal infrastructure and clients, where we use both always-on and on-demand.

    Our partner has an in-house deployment and can upload it to the cloud as well. This helps to minimize the costs. With in-house deployment, the cost will increase significantly. So, this hybrid approach is advantageous.

    How has it helped my organization?

    When there was an attack, the attack was contained only on the IPs under attack. The rest of the network was not impacted, and that is the most important part.

    The solution has helped consolidate visibility and the actions that we have needed to take. Based on the reports which can be generated, one can be in a better position to mitigate and find alternatives when there is an attack. At the same time, we can limit impact on both the attacked IP ranges and customers as well as other services.

    Arbor DDoS has helped us achieve our network and application uptime requirements. Uptime has improved.

    What is most valuable?

    Arbor provides a full solution. They provide: 

    • The possibility of alarm triggering based on flow packets. 
    • Always-on and on-demand
    • Implementation of BGP Flowspec. 
    • Implementation with their cloud system.
    • Good reporting. 

    What needs improvement?

    When it comes to some false positives, we need to tweak the system from time to time. There is room for improvement when it comes to the actual mitigation because of some false positives.

    For how long have I used the solution?

    I have been using it for more than 10 years now. The solution has changed names over the years. The Arbor suite has evolved a bit over the years, so now we are using Sightline. In the past, it was called Peakflow.

    What do I think about the stability of the solution?

    It is quite stable.

    What do I think about the scalability of the solution?

    The scalability needs to handle going horizontally, apart from the cloud, rather than replacing boxes.

    Initially, the solution was not that mature. It has evolved and scaled better over the years.

    Being a service provider on a small island, our environment is small in scale. Our network is small compared to other operators. We have 20 users internally: our NOC, IP team, and commercial team.

    How was the initial setup?

    It took three months once our agreement was done.

    What about the implementation team?

    Our partner implemented and maintains the system. We use the system to activate mitigation, generate reports, and do some changes. It is self-service, so we are empowered to manage the system.

    We rely on third-party deployment. From this third-party and how they interconnect with us, there will always be some tweaking in relation to understanding which links to use and how to avoid possible loops. 

    We are also looking to implement BGP Flowspec, which is not yet available because we are not exactly interfacing directly with the Arbor platform, but via separate routers that we interface.

    What was our ROI?

    When it comes to DDoS, we are saving by not losing money or clients. Like any insurance, you cannot really quantify it, but you need to have it.

    Attacks are getting bigger and bigger. The cost to have proper DDoS mitigation is once a year insurance. It is getting too large to be sustainable. This is not just related to Arbor. DDoS mitigation is more expensive every year.

    What's my experience with pricing, setup cost, and licensing?

    You need to find a way to get a good offering from Arbor by negotiating a price. That is the challenge. 

    See if it is possible to scale using the cloud service.

    Which other solutions did I evaluate?

    With respect to the competition, I think that Arbor Sightline reporting is cutting-edge. It is significantly more robust than what the other competitors have, such as, Corero, Radware, and Voxility.

    When it comes to the other suppliers, like Corero, Voxility, and Radware, they have automatic mitigation. This will auto-tune to attack changes. With Arbor DDoS, it needs manual intervention. To be fair, I am not sure if that is just our implementation, but that is our understanding for now. 

    Another point is how to handle HTTPS encrypted traffic. On that front, there are some options from other vendors to handle HTTPS without the need to install the certificate, where Arbor might need to do some further development there.

    With other vendors, you might need third-party software for NetFlow or reporting. In my experience, this is what differentiates Arbor DDoS from the rest.

    What other advice do I have?

    Overall, I would rate this solution as an eight (out of 10), the reporting as a 10 (out of 10), and the mitigation as a five to eight (out of 10).

    Which deployment model are you using for this solution?

    Hybrid Cloud
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    Get our free report covering NETSCOUT, Cloudflare, Radware, and other competitors of Corero. Updated: January 2022.
    564,643 professionals have used our research since 2012.