Arbor Networks APS - Detailed Review

Security Tools

Arbor Networks APS Website
Arbor Networks APS - Detailed Review Contents
    Add a header to begin generating the table of contents

    Arbor Networks APS - Product Overview



    Arbor Networks APS

    Arbor Protection System (APS) is a comprehensive solution for protecting against Distributed Denial of Service (DDoS) attacks, catering to the security needs of various organizations.



    Primary Function

    The primary function of Arbor APS is to detect and mitigate DDoS attacks, ensuring the continuity and availability of network services. It provides both on-premises and cloud-based protection, making it a hybrid solution that can handle a wide range of DDoS threats, including volumetric, state-exhaustion, and application-layer attacks.



    Target Audience

    Arbor APS is targeted at security and network engineers responsible for the administration, architecture, and operations of network traffic in enterprises, government institutions, financial services, and small to medium-sized businesses (SMBs).



    Key Features



    On-Premises Protection

    Arbor APS offers always-on, in-line protection against DDoS attacks, including application-layer attacks. It can mitigate attacks up to 40 Gbps on the appliance level.



    Cloud-Based Protection

    The solution integrates with Arbor Cloud, which has a network capacity of 7.6 Tbps distributed across nine worldwide scrubbing centers. This ensures protection against large, high-volume attacks that could overwhelm on-premises defenses.



    Cloud Signaling

    Arbor APS features Cloud Signaling, which automatically alerts upstream service providers or Arbor Cloud when larger attacks are detected, enabling faster mitigation.



    SSL Inspection

    The system includes built-in SSL inspection to detect and stop DDoS attacks hidden in encrypted traffic.



    Real-Time Reporting and Forensics

    Arbor APS provides real-time and historical traffic reporting, extensive drill-down capabilities, and packet visibility to help in analyzing and mitigating attacks.



    Multi-Layer Protections

    It offers protection against various types of DDoS attacks, including TCP/UDP/HTTP(S) flood attacks, botnet protection, and anti-spoofing measures. It also supports IPv4 and IPv6 attack detection and mitigation.



    Managed Services

    The Managed APS (mAPS) service allows organizations to rely on Arbor Networks’ expertise to manage and optimize their DDoS protection.



    Global Threat Intelligence

    Arbor APS is continuously updated with the latest global threat intelligence from Arbor’s ATLAS Intelligence Feed, ensuring it stays ahead of emerging threats.

    Overall, Arbor APS is a sophisticated and automated DDoS protection solution that combines on-premises and cloud-based defenses with real-time threat intelligence to protect critical network resources.

    Arbor Networks APS - User Interface and Experience



    User Interface of Arbor Networks APS

    The user interface of Arbor Networks APS is designed to be intuitive and user-friendly, particularly for security administrators and network operations personnel.

    Web User Interface (Web UI)

    The primary administrative interface for Arbor APS is the Web UI, which is accessed via a secure HTTPS connection. This interface is available through the Management LAN connections (port mgt0 or mgt1), but not through the internal (“int”) or external (“ext”) interfaces.

    Menu Structure

    The Web UI features a menu bar that indicates the active menu and allows users to navigate through various sections. The menus include Summary, Explore, Protection Groups, and Administration. Each menu provides specific functions, such as displaying the current health of the APS, traffic forensics, configuring protection groups, and maintaining the system.

    Security

    The Web UI uses SSL certificates, either from Arbor Networks’ Certificate Authority or the user’s enterprise certificate, to ensure secure sessions. Users must accept the SSL certificate during the initial access.

    Command Line Interface (CLI)

    In addition to the Web UI, Arbor APS also offers a Command Line Interface (CLI) for users who prefer or need to perform tasks through command-line commands.

    Authenticated Access

    The CLI requires authenticated user access, allowing users to enter commands and perform various administrative tasks.

    Customization

    While the CLI allows for creating customized roles, the Common Criteria evaluated configuration only includes the predefined roles described in the documentation.

    Ease of Use and User Experience

    The interface is structured to be straightforward and easy to use, even for those who are not highly technical.

    Predefined User Groups

    Users are organized into predefined groups (e.g., system_admin) that determine their access levels, making it easier to manage user permissions.

    Real-Time Information

    The Web UI provides real-time views of network traffic and DDoS attack statistics, which helps in quick decision-making and mitigation.

    Automated Functions

    The platform is self-running and does not require operator intervention to perform DDoS filtering functions, making it user-friendly for ongoing operations.

    Additional Features

    Arbor APS also integrates advanced features that enhance the user experience:

    Cloud Signaling

    This feature allows the APS to automatically alert upstream service providers, such as ISPs or Arbor Cloud, during larger attacks, facilitating faster mitigation.

    Centralized Management

    The APS Console enables centralized management of multiple APS devices, simplifying configuration, alerting, and reporting tasks. Overall, the user interface of Arbor Networks APS is designed to be clear, accessible, and efficient, making it easier for users to manage and mitigate DDoS threats effectively.

    Arbor Networks APS Website

    Arbor Networks APS - Key Features and Functionality



    Arbor Networks APS Overview

    Arbor Networks APS (Advanced Protection System) is a comprehensive DDoS protection solution that integrates several key features to provide robust and automated defense against various types of DDoS attacks. Here are the main features and how they work:

    Always On, In-Line DDoS Protection

    Arbor APS provides continuous, in-line protection against volumetric, state-exhaustion, and application-layer DDoS attacks. This means the system is always active and monitoring traffic in real-time, ensuring immediate detection and mitigation of attacks without any downtime.

    Cloud Signaling and Integrated Cloud-Based Protection

    The APS uses Cloud Signaling™ to automatically connect local on-premises protection with cloud-based DDoS services. When a large attack is detected, the system alerts upstream service providers, such as the ISP or Arbor Cloud, to mitigate the attack before it overwhelms local resources. This integration ensures seamless and rapid mitigation of large-scale attacks.

    Managed APS (mAPS) Service

    For organizations that prefer to outsource their DDoS protection, the mAPS service allows Arbor Networks to manage the on-premises APS products. This service can be used for on-premises-only deployments or as part of a fully managed Arbor Cloud DDoS Protection solution, leveraging industry-leading expertise to optimize DDoS protection.

    Inbound and Outbound Protection

    Arbor APS stops both inbound DDoS attacks and outbound malicious activity from compromised internal hosts. This dual protection ensures that the network is secure from both external and internal threats.

    Embedded SSL Inspection

    The system includes built-in SSL inspection capabilities, which allow it to detect and stop DDoS attacks hidden in encrypted traffic. This feature is crucial for protecting against attacks that might otherwise go undetected.

    ATLAS Intelligence Feed

    The APS is continuously updated with the latest global threat intelligence from Arbor’s Security Engineering & Response Team (ASERT) through the ATLAS Intelligence Feed. This feed provides real-time updates on DDoS and advanced threats, helping to prevent attacks from impacting the network.

    Support for IPv6 and Virtual & Hybrid-Cloud Environments

    Arbor APS detects and stops both IPv4 and IPv6 attacks, ensuring comprehensive protection. Additionally, the system supports virtual and hybrid-cloud environments, allowing for unified protection across different deployment scenarios, including private virtual environments and Amazon Web Services (AWS).

    Reporting and Forensics

    The system offers real-time and historical traffic reporting, including extensive drill-down capabilities by protection group and blocked host. This includes details on total traffic, passed/blocked traffic, top destination URLs/services/domains, attack types, and blocked sources. Packet visibility in real-time is also available, aiding in forensic analysis and incident response.

    DDoS Protection Capabilities

    Arbor APS protects against a wide range of DDoS attacks, including TCP/UDP/HTTP(S) flood attacks, botnet protection, hacktivist protection, host behavioral protection, anti-spoofing, and more. It also includes configurable flow expression filtering, payload expression-based filtering, and permanent and dynamic blacklists/whitelists.

    Modes of Operation

    The system can operate in various modes, including inline active (blocking mode), inline inactive (reporting mode), and SPAN port monitor mode. This flexibility allows for different deployment scenarios based on the organization’s needs.

    Notifications

    Arbor APS supports multiple notification methods, including SNMP traps, syslog, and email, ensuring that security teams are promptly alerted to any potential threats or system events.

    AI and Machine Learning Integration

    While the primary sources do not explicitly detail AI or machine learning integration within the traditional Arbor APS, it is worth noting that NETSCOUT, the parent company of Arbor Networks, has introduced machine learning-based Adaptive DDoS Protection in their newer products like Arbor Edge Defense (AED). This technology uses stateless packet processing, global DDoS threat intelligence, and ML algorithms to block inbound cyberthreats and adapt to dynamic DDoS attacks.

    Conclusion

    In summary, Arbor Networks APS is a powerful tool that leverages advanced technologies and continuous threat intelligence to provide comprehensive DDoS protection. Its features ensure that organizations can protect their networks from a wide range of threats with automated and integrated solutions.

    Arbor Networks APS - Performance and Accuracy



    Performance Highlights

    Arbor Networks APS has demonstrated exceptional performance in various tests and real-world scenarios. Here are some notable highlights:

    • The APS on-premise solution earned a “Recommended” rating and the highest Overall Security Effectiveness score in NSS Labs’ first DDoS Prevention Test Report. It achieved a 100% score for application-layer attacks, such as HTTP Get Flood, RUDY, LOIC, NTP Reflection, 10G DNS Reflection, and SIP Invite Flood attacks, significantly outperforming the 80% group average.
    • The solution scored 90.8% for overall attack mitigation across volumetric, protocol, and application-layer DDoS attacks, with a minimal 0.4% impact on the overall baseline traffic.
    • Arbor APS can handle mitigation capacities up to 40 Gbps as an appliance, and when combined with Arbor Cloud, it can scale to 7.6 Tbps across nine worldwide scrubbing centers.


    Accuracy and Effectiveness

    The accuracy of Arbor Networks APS is supported by its high scores in security effectiveness tests. Here are some key points:

    • The solution passed all stability and reliability tests conducted by NSS Labs, ensuring it can handle real-world attack scenarios without compromising network performance.
    • Arbor APS provides continuous protection against volumetric, state-exhaustion, and application-layer DDoS attacks, with features like Cloud Signaling that automatically connect local protection with cloud-based DDoS services when needed.


    Limitations and Areas for Improvement

    While Arbor Networks APS is highly effective, there are some areas that could be improved:

    • Users have reported issues with integration, particularly with other vendors’ technologies. Enhancing compatibility and openness to third-party systems, such as adopting standardized protocols like DOTS (DDoS Open Threat Signaling), could be beneficial.
    • There have been complaints about false positives, which sometimes block legitimate traffic. Implementing machine-learning or self-learning capabilities could help mitigate this issue.
    • Some users have noted the need for additional features like behavioral traffic analysis, SSL inspection (which has had some implementation issues), and more granular logging capabilities.
    • Hardware stability has been a concern, with frequent outages reported. Improving the reliability of the hardware is crucial.
    • The learning period for managed objects is considered too short, and users suggest implementing auto-profiling based on learning to improve the system’s adaptability.


    Additional Considerations

    Arbor Networks APS also benefits from continuous global visibility and threat intelligence through its ATLAS Intelligence Feed, which updates the system with the latest threats. This feed, combined with the expertise of the Arbor Security Engineering and Response Team (ASERT), enhances the solution’s effectiveness.

    In summary, Arbor Networks APS demonstrates strong performance and accuracy in DDoS protection, but there are areas where improvements can be made, particularly in integration, feature enhancement, and hardware reliability.

    Arbor Networks APS Website

    Arbor Networks APS - Pricing and Plans

    The pricing structure for Arbor Networks APS is based on several factors, including the physical capacity of the environment, the type of protection needed, and the licensing model chosen. Here are the key points to consider:

    Licensing Models

    Arbor Networks offers different licensing models:
    • DDoS or Throughput License: This is a one-time purchase that does not expire after the initial buy. You can use the appliance until its end of life.
    • Subscription License: This is purchased for one, three, or five years and includes additional features and services. This license must be renewed periodically.


    Plans and Features



    On-Premise Protection

    • Arbor APS Appliances: These come in various models with different mitigation capacities (e.g., 100Mbps to 40Gbps). Each appliance provides always-on, in-line protection against volumetric, state-exhaustion, and application-layer DDoS attacks.


    Cloud-Based Protection

    • Arbor Cloud Services: These include several tiers such as:
    • Arbor Cloud Connect: Standby attack mitigation support.
    • Arbor Cloud Essentials: Real-time attack mitigation support up to 12 times per year.
    • Arbor Cloud Essentials : Unlimited real-time attack mitigation support.


    Managed Services

    • Managed Arbor APS (mAPS) Service: This is a fully managed combination of on-premise and in-cloud DDoS protection. It includes features like baseline tuning, alert policy configuration, Cloud Signaling, and lifecycle maintenance of Arbor APS appliances.


    Additional Features

    • Cloud Signaling: Automatically alerts upstream service providers, such as the ISP or Arbor Cloud, when larger attacks threaten availability.
    • ATLAS Intelligence Feed: Provides real-time updates with actionable intelligence on DDoS and advanced threats.
    • SSL Inspection: Stops DDoS attacks hidden in encrypted traffic.


    Pricing Considerations

    • The pricing is dependent on several parameters, including the physical capacity of the environment. It is not a straight-line price and can be considered fairly competitive in the market, though it is generally on the higher side compared to some competitors.
    • There are no free options available for Arbor Networks APS. The solution is typically offered through annual licenses or one-time purchases with ongoing maintenance and support costs.


    Conclusion

    Arbor Networks APS pricing is structured around the specific needs of the customer, including the type of protection required, the capacity of the environment, and the preferred licensing model. While the pricing can be high, it reflects the comprehensive and advanced features provided by the solution. For precise pricing details, it is recommended to contact Arbor Networks directly or consult with their sales team.

    Arbor Networks APS - Integration and Compatibility



    Integration with Cloud Services

    Arbor APS integrates well with cloud-based services, particularly through its Cloud Signaling feature. This feature allows the APS to automatically alert upstream service providers, such as your ISP or Arbor Cloud, when larger attacks threaten your network’s availability. This collaborative approach ensures that volumetric attack traffic can be redirected to in-cloud scrubbing centers for mitigation, providing a layered defense mechanism.



    Support for Virtual and Hybrid-Cloud Environments

    Arbor APS is compatible with virtual environments, including private virtual environments and cloud platforms like Amazon Web Services (AWS). The virtual version of the APS appliance, known as vAPS, can be run on VM hypervisors such as KVM and VMware vSphere 5.5 , ensuring unified protection across different deployment scenarios.



    Multi-Platform Compatibility

    The APS solution supports a range of platforms, including Arbor appliances and virtual machines. It can be managed through the APS Console, which supports multiple hypervisors and cloud services. For instance, vAPS can run on AWS EC2, and the APS Console can manage both hardware and software health, system and security alerts, and other critical metrics across various platforms.



    Threat Intelligence and Reporting

    Arbor APS leverages the ATLAS Intelligence Feed, which provides real-time updates containing actionable intelligence on DDoS and advanced threats. This feed helps in preventing attacks by blocking threats based on IP reputation, geoIP tracking, and domain and IP reputation. The solution also offers extensive reporting and forensics capabilities, including real-time and historical traffic reporting, which can be accessed through a web-based GUI that supports multiple languages.



    Managed Services

    For organizations that prefer outsourced management, the Managed Arbor APS (mAPS) Service is available. This service includes expert implementation, on-premise attack mitigation, post-attack reports, and daily maintenance. It ensures that the APS appliance is always up-to-date and armed with the latest threat intelligence, further enhancing its integration with other security tools and services.



    Notification and Alert Systems

    Arbor APS supports various notification methods, including SNMP traps, syslog, and email alerts. This ensures that security teams can be promptly informed of any security events or changes in the network, facilitating quick response and mitigation actions.



    Conclusion

    In summary, Arbor Networks APS offers a highly integrated and compatible solution that works seamlessly across different platforms, cloud services, and management tools, providing comprehensive DDoS protection and enhanced security capabilities.

    Arbor Networks APS Website

    Arbor Networks APS - Customer Support and Resources



    Customer Support

    The primary point of contact for all service and technical assistance is the Arbor Technical Assistance Center (ATAC). Here are the key aspects of ATAC support:



    24/7 Support

    ATAC operates on a 7×24, follow-the-sun service model with service centers in Burlington, Massachusetts; Ann Arbor, Michigan; and Bangalore, India. Each center is equipped with local technical support labs for issue replication and traffic simulation.



    Contact Methods

    For urgent matters, customers can call ATAC using the toll-free number 1 877 ARBOR A1 (1 877 272 6721) in the USA or 1 781 362 4300 internationally. For non-urgent issues, customers can submit service requests through the ATAC Customer Portal.



    Support Team

    The ATAC team includes Customer Support Specialists for general queries, Technical Support Engineers for resolving technical issues, and Senior Technical Support Engineers for handling highly complex issues. If necessary, issues can be escalated to the Arbor Product Development team, with ATAC continuing to manage the issue and provide status updates.



    Service Requests and Tracking



    Service Request Process

    When you contact ATAC, a service request (SR) is opened, containing details such as the customer’s name, description of the event, tracking number, severity of the issue, and the date and time the problem began. The SR is updated in the tracking system, and customers receive periodic email notifications regarding the status.



    Severity Levels

    The severity of the issue determines the update interval and problem resolution goal. For example, Severity 1 issues have hourly updates and a 4-hour resolution goal, while Severity 4 issues have updates every 48 hours and a resolution goal of 72 hours.



    Additional Resources



    ATAC Customer Portal

    This portal provides secure access to a range of resources, including software, user guides, technical documentation, frequently asked questions, and other product support information. Customers can request an account using their contract ID or the serial number of their Arbor appliance.



    Documentation and Knowledge Base

    The portal includes comprehensive documentation and a knowledge base that customers can reference for non-urgent matters. This helps in troubleshooting and resolving issues quickly.



    Advanced Services

    Arbor offers additional services such as Product Implementation, Product Staging, Dedicated Support Engineer, and Resident Support Engineer. These services can be arranged through your Arbor account manager.



    Event Management Guidelines

    For events identified by Arbor products, such as those covered by the Arbor Feed Service, there are guidelines for internal/external notification and issue-resolution activities. This includes real-time actionable intelligence from the ATLAS Intelligence Feed (AIF) to help prevent attacks.

    By leveraging these support options and resources, customers can ensure their Arbor Networks APS and other security tools are effectively managed and maintained to protect against DDoS attacks and other advanced threats.

    Arbor Networks APS - Pros and Cons



    Advantages of Arbor Networks APS

    Arbor Networks APS offers several significant advantages that make it a strong contender in the security tools category, particularly for DDoS protection:

    Comprehensive Protection

    Arbor Networks APS provides a complete solution for protecting against various types of DDoS attacks, including volumetric, TCP state-exhaustion, and application-layer attacks. This comprehensive protection ensures business continuity and availability.

    Hybrid Defense

    The APS solution combines on-premises and cloud-based protection. On-premises appliances offer always-on, in-line protection, while cloud-based services, such as Arbor Cloud, handle larger attacks that could overwhelm local resources. This hybrid approach ensures that both small and large-scale attacks are effectively mitigated.

    Intelligent Automation

    Arbor APS features Cloud Signaling technology, which automatically alerts upstream service providers, such as the ISP or Arbor Cloud, when larger attacks are detected. This automation ensures faster mitigation times and reduces the risk of service disruption.

    Advanced Threat Intelligence

    The ATLAS Intelligence Feed provides real-time updates with actionable intelligence on DDoS and advanced threats. This feed includes data from IP reputation, geoIP tracking, and domain and IP reputation to block threats effectively.

    Support for Various Environments

    Arbor APS supports both physical and virtual environments, including cloud environments like Amazon Web Services (AWS). This flexibility allows organizations to deploy the solution in a way that best fits their infrastructure.

    High Mitigation Capacity

    The APS appliance has a mitigation capacity of up to 40 Gbps, and Arbor Cloud has a network capacity of 7.6 Tbps distributed across nine worldwide scrubbing centers. This high capacity ensures that even large-scale attacks can be handled effectively.

    Enhanced with AI and ML

    Recent updates to the Arbor solution include the use of AI and machine learning within the ATLAS Threat Intelligence system, enhancing threat identification and providing dynamic, real-time protection.

    Disadvantages of Arbor Networks APS

    While Arbor Networks APS is a powerful tool, there are some considerations to keep in mind:

    Cost

    Arbor Networks does not disclose pricing information publicly, which can make it difficult for potential customers to budget for the solution. However, multiple CapEx and OpEx purchasing options are available.

    Deployment and Management

    While the solution is designed to be easy to deploy, managing and optimizing the APS products may require specialized expertise. However, Arbor Networks offers a managed APS (mAPS) service to help with this.

    Security Qualifications and Compliance

    While the solution meets high security standards such as FIPS 140-2 Level 2 and 3, ensuring compliance with specific regulatory requirements may still require additional effort and verification. In summary, Arbor Networks APS offers a highly effective and comprehensive solution for DDoS protection with advanced features and high mitigation capacities. However, the cost and potential need for specialized management should be carefully considered.

    Arbor Networks APS Website

    Arbor Networks APS - Comparison with Competitors



    When Comparing Arbor Networks APS

    When comparing Arbor Networks APS with other security tools in the category of DDoS protection and AI-driven security solutions, several key features and distinctions become apparent.



    Unique Features of Arbor Networks APS

    • Always On, In-Line DDoS Protection: Arbor APS provides continuous, in-line protection against volumetric, state-exhaustion, and application-layer DDoS attacks. This ensures that the system is always ready to detect and mitigate threats without any downtime.
    • Embedded SSL Inspection: Arbor APS includes built-in SSL inspection, which allows it to detect and stop DDoS attacks hidden in encrypted traffic. This is a critical feature for protecting against sophisticated threats.
    • Intelligently Automated Cloud Signaling: When on-premise protection is overwhelmed, Arbor APS can signal upstream to Arbor Cloud or the ISP to stop large-scale attacks. This hybrid approach ensures comprehensive protection.
    • ATLAS Intelligence Feed: The system is continuously updated with the latest global threat intelligence from Arbor’s Security Engineering & Response Team (ASERT), ensuring it stays ahead of emerging threats.
    • Support for Virtual & Hybrid-Cloud Environments: Arbor APS offers a virtual version (vAPS) that can be run in private virtual environments or in Amazon Web Services (AWS), providing unified protection for hybrid-cloud setups.


    Potential Alternatives and Comparisons



    Fortinet

    • Zero-Day Threat Prevention: Fortinet’s AI security solutions, such as FortiGuard, are particularly strong in preventing zero-day threats. While Arbor APS focuses on DDoS protection, Fortinet’s solutions offer a broader range of threat prevention capabilities, including content security and SOC-as-a-service functionality.
    • Global Threat Intelligence: Like Arbor APS, Fortinet leverages global threat intelligence, but it also integrates with a broad portfolio of security solutions across Fortinet’s products.


    Darktrace

    • Novel Threat Detection: Darktrace is known for its ability to neutralize novel threats using AI-driven anomaly detection. Unlike Arbor APS, which is specifically tailored for DDoS protection, Darktrace offers a more general approach to detecting and mitigating unknown threats.


    Vectra AI

    • Hybrid Attack Detection: Vectra AI specializes in hybrid attack detection, investigation, and response. While it does not have the same level of DDoS-specific features as Arbor APS, it provides comprehensive protection against a wide range of threats in hybrid environments.


    Key Differences

    • Specialization: Arbor APS is highly specialized in DDoS protection, offering advanced features like in-line protection and cloud signaling. In contrast, other solutions like Fortinet, Darktrace, and Vectra AI offer more generalized threat protection capabilities.
    • Integration: Arbor APS integrates well with cloud services and can be managed through the Arbor Cloud, whereas other solutions might integrate more broadly with various security products and services within their respective ecosystems.

    In summary, while Arbor Networks APS stands out for its specialized and advanced DDoS protection features, other AI-driven security tools like Fortinet, Darktrace, and Vectra AI offer broader threat protection capabilities that might be more suitable for organizations with diverse security needs.

    Arbor Networks APS - Frequently Asked Questions

    Here are some frequently asked questions about Arbor Networks APS, along with detailed responses to each:

    What is Arbor Networks APS and what does it do?

    Arbor Networks APS (Advanced Threat Protection System) is a comprehensive solution for protecting against Distributed Denial of Service (DDoS) attacks. It provides always-on, in-line protection against volumetric, state-exhaustion, and application-layer DDoS attacks, ensuring business continuity and availability of critical applications and services.



    What are the key features of Arbor Networks APS?

    Key features include:

    • Always On, In-Line DDoS Protection: Out-of-the-box protection against various types of DDoS attacks.
    • Inbound and Outbound Protection: Stops inbound DDoS attacks and outbound malicious activity from compromised internal hosts.
    • Intelligently Automated Cloud Signaling: Automatically signals upstream to Arbor Cloud or your ISP to mitigate large attacks.
    • Embedded SSL Inspection: Detects and stops DDoS attacks hidden in encrypted traffic.
    • Support for Virtual & Hybrid-Cloud Environments: Provides unified protection for hybrid-cloud environments, including virtual versions of the APS appliance.
    • ATLAS Intelligence Feed: Continuously updates protection with the latest global threat intelligence from Arbor’s Security Engineering & Response Team (ASERT).


    How does Arbor APS handle large-scale DDoS attacks?

    Arbor APS uses Cloud Signaling to intelligently and automatically connect local protection with cloud-based DDoS services. When a large attack is detected, it signals upstream to Arbor Cloud or your ISP to redirect volumetric attack traffic to in-cloud scrubbing centers for mitigation, ensuring that the attack does not overwhelm on-premise protection.



    What is the Managed APS (mAPS) Service?

    The Managed APS (mAPS) Service allows you to rely on the industry-leading expertise of Arbor Networks to manage your on-premise Arbor APS products. This service includes expert implementation and provisioning, on-premise attack mitigation, comprehensive post-mortem reports, and daily maintenance to ensure your APS appliance is up-to-date and running properly. It also includes configuration of Cloud Signaling and regular capacity audits.



    Can Arbor APS protect against both IPv4 and IPv6 attacks?

    Yes, Arbor APS is capable of detecting and stopping both IPv4 and IPv6 attacks, ensuring comprehensive protection across different network protocols.



    How does Arbor APS integrate with cloud environments?

    Arbor APS supports virtual and hybrid-cloud environments through its virtual version, vAPS, which can be run in private virtual environments or in Amazon Web Services (AWS). This provides unified protection for your hybrid-cloud setup.



    What is the ATLAS Intelligence Feed and how does it benefit APS?

    The ATLAS Intelligence Feed provides real-time updates containing actionable intelligence on DDoS and advanced threats. This feed is continuously updated with the latest global threat intelligence from Arbor’s Security Engineering & Response Team (ASERT), helping to prevent attacks from impacting your networks or services.



    Can Arbor APS be managed remotely?

    Yes, the Managed APS (mAPS) Service includes remote management of the on-premise Arbor APS appliance. This service ensures the appliance is up-to-date, running properly, and armed with the latest threat intelligence. It also includes remote configuration and health check reports.



    How does Arbor APS handle encrypted traffic?

    Arbor APS includes embedded SSL inspection, which allows it to detect and stop DDoS attacks hidden in encrypted traffic, ensuring that even encrypted attacks are mitigated.



    Are there different models of Arbor APS available?

    Yes, there are various models of Arbor APS available, each with different bandwidth capacities, such as 2002 (500Mbps), 2003 (1Gbps), 2104 (2Gbps), and others, allowing you to choose the model that best fits your network requirements.

    Arbor Networks APS Website

    Arbor Networks APS - Conclusion and Recommendation



    Final Assessment of Arbor Networks APS

    Arbor Networks APS is a comprehensive and advanced solution for protecting against Distributed Denial of Service (DDoS) attacks, making it a strong contender in the security tools category, particularly for those relying on AI-driven products.



    Key Features and Benefits

    • Always On, In-Line Protection: Arbor APS provides continuous, in-line DDoS protection against volumetric, state-exhaustion, and application-layer attacks, ensuring business continuity and network availability.
    • Integrated Cloud-Based and On-Premise Protection: The system combines on-premise protection with cloud-based services through Intelligent Cloud Signaling, allowing for the mitigation of large attacks by redirecting traffic to cloud-based scrubbing centers.
    • Embedded SSL Inspection: This feature enables the detection and mitigation of DDoS attacks hidden in encrypted traffic, a critical capability in today’s encrypted internet environment.
    • ATLAS Intelligence Feed: Continuous updates from Arbor’s Security Engineering & Response Team (ASERT) ensure the system is armed with the latest global threat intelligence, helping to prevent and mitigate known and emerging threats.
    • Managed APS (mAPS) Service: For organizations that prefer expert management, the mAPS service offers implementation, ongoing maintenance, and post-attack analysis, ensuring optimal DDoS protection.


    Who Would Benefit Most

    Arbor Networks APS is particularly beneficial for:

    • Enterprises: Large organizations with critical online services that cannot afford downtime due to DDoS attacks.
    • Government Networks: Government entities that require high levels of security and availability for their networks and services.
    • Hybrid-Cloud Environments: Organizations using both on-premise and cloud infrastructure, as APS supports virtual and hybrid-cloud environments.


    Overall Recommendation

    Arbor Networks APS is highly recommended for any organization seeking comprehensive DDoS protection. Here are a few reasons why:

    • Comprehensive Protection: It offers a complete solution that includes in-line protection, cloud signaling, and SSL inspection, making it a robust defense against various types of DDoS attacks.
    • Expert Management: The option for managed services ensures that the system is always optimized and up-to-date, even for organizations without extensive in-house security expertise.
    • Real-Time Mitigation: The real-time DDoS mitigation reporting and forensics capabilities help in quick response and analysis of attacks, minimizing the impact on business operations.

    In summary, Arbor Networks APS is a reliable and advanced solution for DDoS protection, suitable for organizations that require high levels of network security and availability. Its combination of on-premise and cloud-based protection, along with continuous threat intelligence updates, makes it an excellent choice for safeguarding against the growing threat of DDoS attacks.

    Arbor Networks APS Website
    Back to Detailed Reviews Main Page
    Scroll to Top