Arbor DDoS Protection Features & Pricing

eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

See our complete list of top DDoS vendors.

Company Description

Arbor Networks was founded in Burlington, Massachusetts, in 2000. Tektronix Communications acquired the company in 2010, and it acquired an Australian company named Packetloop in 2013. In 2015, NETSCOUT acquired Arbor, and it is now considered the security division of NETSCOUT. Its products focus on distributed denial of service (DDoS) prevention, global threat intelligence and network visibility.

Product Description

The Arbor APS product comes as an appliance providing mitigation capacity up to 40Gbps or as a virtual offering supporting cloud environments such as Amazon Web Services. Arbor utilizes hybrid, multi-layer defenses to protect against all types of DDoS threats. This includes cloud-based protection to defend against large, high-volume attacks. On-premises protection also protects against complicated application-layer and TCP state-exhaustion attacks. The hybrid solution of Arbor APS and Arbor DDoS Protection Service incorporates detection and mitigation technology, providing a view of network activities and enabling fast, automatic blocking of attacks before they impact critical applications and services.

Markets and Use Cases

Enterprise, government, financial services and SMBs.


Arbor APS has an appliance attack mitigation capacity up to 40 Gbps. Arbor Cloud has a network capacity of 7.6 Tbps, distributed across nine worldwide scrubbing centers. All Arbor products and servies are continuously armed with Arbor’s ATLAS Intelligence Feed, which boasts visibility into 140 Tbps of the world’s internet traffic.

Security Qualifications

FIPS 140-2 Level 2 and 3 support; Separate “Trusted-Path” Administration for FIPS 140-2 Level 3; Secure tamper-proof enclosure; Keys cleared if enclosure breached; Power:


NETSCOUT Arbor has the ability to handle volumetric, TCP and application-layer DDoS attacks. In addition to the standard techniques for DDoS attack prevention, NETSCOUT Arbor uses its ATLAS global threat intelligence feed, and reputation data from the Arbor Security Engineering and Response Team (ASERT). It also extends, automates and integrates protection to the cloud using Cloud Signaling technology to connect on-premises protection with cloud-based DDoS services. The APS can be set to alert upstream service providers, such as the customer’s ISP or Arbor Cloud, when larger attacks threaten availability, ensuring the rapid mitigation of DDoS attacks before they overwhelm local resources.


Hybrid: combination of in-cloud DDoS protection and on-premises protection offered as appliance or virtual form factors.


No agents used.


Arbor Networks does not disclose pricing information, and offers multiple CapEx and OpEx purchasing options.

Get the Free Cybersecurity Newsletter

Strengthen your organization’s IT security defenses by keeping up to date on the latest cybersecurity news, solutions, and best practices. Delivered every Monday, Tuesday and Thursday

Drew Robb Avatar

Subscribe to Cybersecurity Insider

Strengthen your organization’s IT security defenses by keeping abreast of the latest cybersecurity news, solutions, and best practices.

Top Cybersecurity Companies

Top 10 Cybersecurity Companies

See full list

Get the Free Newsletter!

Subscribe to Cybersecurity Insider for top news, trends & analysis