IT pros cite pros and cons of two products that shield the network against DDoS attacks.
Distributed denial of service (DDoS) attacks present a major threat to businesses, both large and small. Cybercriminals have used DDoS as a weapon for years, and today's DDoS attacks are becoming more persistent and complex,
Protecting systems from DDoS attacks requires a multi-layer approach. For large organizations, that often means a combination of high-capacity, secure and stable internet channels with specialized software. The key is a making a proactive effort and investment to protect corporate information and assets.
In the DDoS protection software market, Arbor Networks, the security division of Netscout, and Kentik are popular, frequently compared options among IT Central Station users. Here's what these IT decision-makers had to say about the DDoS products from these vendors.
Arbor DDoS protection
An information security officer at a communications service provider described the value that Arbor provides his organization:
“Arbor has the ability to learn and self-create the appropriate profile for each customer. This ensures that false positives are kept to a minimum. It provides a much more efficient protection of our customers.”
Salinda L., IT security manager at a communications service provider, shared how his organization has benefitted from using Arbor:
“The Arbor Networks SP device allowed us to optimize the network traffic. For example, it helped us to find the best IP network route to reach certain countries with low latency.”
Salinda also sees room for improvement with Arbor:
“My opinion is that these Arbor devices should be scalable, in terms of the hardware. …Network bandwidth is rapidly increasing. Therefore, it is not practical to predict the network traffic as what it will be in five years' time and also, to accordingly plan the required hardware specifications.”
Devender K., cybersecurity analyst at a tech services company, suggested that Arbor make improvements to its auto-mitigation feature:
“The auto-mitigation feature is provided when DDoS is observed on any of the links/customers (configured under auto-mitigation). It automatically starts mitigation with the default filters. In the default filter mode, there could be an impact on a customer’s link.”
David B., network engineer at a university, said Kentik’s DDoS Alarming feature is helpful:
“DDoS Alarming allows us to get a feel for the bandwidth of an attack and determine if mitigation is needed to prevent collateral damage. Secondly, the flow analysis lets us look at how traffic is transiting our network. This allows us to optimize metrics to reduce cost.”
A network engineer at a tech services company described how Kentik has helped his organization beyond security:
“I find it very useful to see when traffic destined for a prefix that we prefer ingress on in the East Coast actually ingresses or egresses on the West Coast. It shows the difference between BGP paths vs. regional expectations.”
Swen W., network architect and security manager at a communications service provider, noted improvements he would like to see made to Kentik's product:
“I would like to see more granular user and security rights. Currently, a user can be a member or an administrator. I would like to limit what a user can see, be it IP or interface. I would like to be able to give my customers access to the data explorer with just their data.”
Dan K., network security engineer, described what would improve his unique use of Kentik:
“Right now, I can go in and look at all of the interfaces that they’re receiving the flow for and also sort/filter it, but there is no way for me to easily compare them between my nodes. I need to add, though, that’s really not a missing feature of their product; it is just a way to help troubleshoot my own (potentially broken) systems.”
Find out what other IT Central Station users say about DDoS protection solutions.