Likelihood to Recommend Arbor has the propensity to deal with even the larger firms. I have been using it for a year span and I don’t have any such complaint which is affecting us in a bad way. I can recommend this to all the companies who want to have a good network behavior analysis and to monitor the problems if there is any chance of it to occur and which has the potential to affect the whole working environment of the company.
Read full review Palo Alto Networks Wildfire is well suited for pretty much anywhere that you need the latest and greatest network security. It is extremely good at protecting you from the latest malware threats that might pose a potential problem for your network/endpoints. We've been very please since we installed it and I would say cost of the Palo Altos is the only drawback. If money were no object I'd go with a Palo Alto with Wildfire every time. But unfortunately in some smaller branches it just doesn't make financial sense.
Read full review Pros Arbor's layer 7 countermeasures are very good out of the box, but it is very easy to reconfigure values and see the impact in real-time. Peakflow SP provides fairly detailed traffic analysis and breakdown for top-N data such as top talkers, top ASNs, top ports and so on. They offer "SP Insight" as a product to build in more powerful reporting on the already-collected metrics with an interface very similar to Kibana or one of its many forks. We are not licensed for that so I can't speak to its capabilities. Arbor allows for a good amount of automation. Fast flood detection ensures that if pre-determined thresholds are quickly exceeded, preconfigured mitigations can be started or in the event of an extremely large volumetric attack you can trigger an Arbor Cloud (sold separately) mitigation or a remotely-triggered blackhole announcement to drop traffic to the attacked destination IP address(es) upstream. ATAC (Arbor support) is very helpful. The level of support our organization maintains covers ATAC performing all update functions to all Arbor appliances - SP and TMS. Read full review This is could base and easily manageable for our collocation. While working within the could can review in live time potential treats that it has reported from other devices. Worked very well with existing Palo Alto devices. Another huge plus is the simplicity of managing and ease of scalability. Its cost is competitive with similar/like products available. Read full review Cons Arbor is a highly expensive company. this was the major reason behind not going for the Arbor sightline in the first place. Although its features are good but the cost is unjustifiable. The implementation and the understanding of this tool are full of complexity and perplexity. I am looking forward to having a new update on it. They used to update their versions quite frequently but it's been a long time they haven’t updated or maybe it is not in their priority lists right now. Read full review WildFire, like other sandboxes, has to stay up with malware sandbox evasion techniques, which necessitates larger file size limits. More file formats should be able to be submitted and scanned by WildFire, which needs improved initial administration and setup. It's quite pricey, and there's no warning choice for performance on the cloud. Read full review Likelihood to Renew It works very well and takes care of protecting us from threats new and well-known. It's been a game changer in terms of threat detection & prevention.
Read full review Usability Easy to use and works well. For the most part it's set it and forget it, but there's also some flexibility for high security environments and those with extra privacy concerns.
Read full review Support Rating PAN support is very good. You can get the reasonable and timely support on any conditions. When the product is already integrated with the PAN firewalls, you can choose the severity levels based on the effect. The customer service/TAC is very helpful, they even have additional recommendations of advises for product usability. Local partners are also assisting the cases and give their expertise.
Read full review Alternatives Considered We evaluated Corero and a number of external scrubbing services. In the POC, we found Corero's mitigation capabilities to extremely limited beyond blocking common traffic types at preconfigured rates. It's not impossible to configure custom mitigation methods and countermeasures, but it requires a deep understanding of BPF and bytecode, where Arbor is checkboxes, radio buttons, and dialog buttons that all sit next to a graph showing traffic dropped and permitted by the current settings. I'm not going to enumerate each of the cloud services evaluated because the decision came down to the same reasoning. The amount of traffic we receive is enough that it would be prohibitively expensive for our use case.
Read full review We wanted a single device to handle numerous jobs, such as antivirus, antimalware, vulnerability detection, url filtering, etc. Palo Alto provides this, while
TippingPoint IPS is a more dedicated product. Caveat: I used
TippingPoint over 5 years ago, so things may have changed.
Read full review Return on Investment Arbor is good in empower us to monitor the issues in the network. We can get better traffic analytics and reports are quite detailed. The price is quite high which makes it a little hard choice for us. Read full review As we all know the product of Palo Alto is little bit expensive but its performance is far better than any of its competitors. So as I previously mentioned, Palo Alto should not sell WildFire Licence seperately. If the firewall is internet facing then only we should buy WildFire Licence. WildFire Licence is not necessary for internal firewall. If you are planning to buy a firewall for internal network where your traffic is not going towards internet so no need to buy WildFire Licence. Read full review ScreenShots