Confirmed: NETSCOUT Arbor DDoS Protection Solution Has a 223% ROI and Reduces MTTR by 85%

For more than 20 years, most of the world’s internet service providers, cloud providers, large enterprises, and governments have relied on the industry-leading technology in NETSCOUT’s Arbor distributed denial-of-service (DDoS) attack protection products to protect their services and customers from DDoS attacks. Without a doubt, the Arbor DDoS attack protection solution is the industry’s most advanced, intelligently automated, adaptive DDoS protection solution. We have countless success stories and awards to back this up.

But when deciding on a DDoS attack protection solution, organizations must evaluate both its technical and financial merits before making a final decision.

To justify the purchase to executive management, a business case is required. This business case is unique to every organization's business model, risk profile, and so on.

To support the justification and business case, third-party validation and case studies can play a vital role in the approval process.

With that in mind, NETSCOUT commissioned Forrester Consulting to conduct a Forrester Total Economic Impact (TEI) study on the Arbor DDoS attack protection solution—more specifically, the Arbor Sightline, Threat Mitigation System (TMS), and Insight products.

Note: All charts, tables, and quotes in this blog are from the Forrester Total Economic Impact study on the Arbor DDoS attack protection solution.

Technical and Financial Benefits
Let’s cut to the chase: The results were stellar. 

• 223 percent return on investment (ROI)
• One-year payback
• $17.44 million worth of benefits over three years
• Benefits included a reduction in service downtime for the service provider and its customers, revenue generation, and improvements in NetSecOps productivity

To arrive at these final numbers, Forrester conducted a rigorous exercise that included interviewing NETSCOUT subject matter experts and four NETSCOUT customers (shown in the table below) who were actively using the Arbor Sightline, TMS, and Insight products.

Forrester independently interviewed these customers separately and asked questions related to the following:

• Their experience with product purchase, deployment, and technical support.
• The challenges they were facing prior to the Arbor product purchase.
• The benefits they received after the purchase of the Arbor solution.

Based on the customer interviews, Forrester then constructed a composite company comprising the following assumptions:

Also based on the customer interviews, Forrester conducted an exhaustive financial analysis that resulted in the three-year financial benefits shown in the table below:

A few things to point out regarding the financial benefits:

• A bulk of the benefits (approximately $13 million) come from the reduction in downtime associated with DDoS attacks. This downtime can be on the part of the service provider’s customers (see Ref. Atr in table) or the service provider’s core services (see Ref. Btr in table). The benefits were attributed to the solution’s automated DDoS attack detection and surgical mitigation capabilities, which were credited with a 75-80 percent improvement in the mean time to resolution (MTTR).
• The solution improved the productivity of security and ITOps teams as they mitigated DDoS attacks (see Ref. Dtr in table).
• The ability to monetize the solution and generate additional revenue (approximately $7.2 million) from a managed DDoS attack protection service was another large key benefit (see Ref. Dtr in table). 

In Their Own Words: Customer Response

In addition to the very positive financial analysis, the study also contains many notable quotes that add color to and back up the rigorous calculations. For example:

 “With the auto mitigation capability, 90 percent to 99 percent of the attacks are just soaked up by the platform automatically without any human intervention at all. Think of all the workload that’s gone away.” — Network Specialist, Telecom Services 

“With Arbor Insight, [Arbor] Sightline, and [Arbor] TMS together, it helps us to identify the exact type of DDoS attack. I can get it to the granularity of what signature was used in the attack and then decide what method of mitigation will be actually the most effective. If I am able to automatically orchestrate that to TMS, that helps me with the time-to-mitigate portion. Within a maximum of 1 minute, I am able to mitigate that attack. Effectively, the institution doesn’t even feel the impact of DDoS attacks anymore.” — Security Operations Manager, Regional ISP

“It [premium service enabled by Arbor Insight] is a revenue stream, [and] it’s quite a strong and lucrative revenue stream because it’s a specialist service.” — Network Specialist, Telecom Services

But I think this quote summarized it best:

“As an ISP, it’s mandatory you have DDoS protection so that you can meet legal and contractual requirements with your customers as well as the in-depth analytics that allow us to do capacity planning. So, I think any CFO would certainly see that [Arbor DDoS Protection solutions are] a worthwhile investment.”  — Network Security Engineer, Satellite Telecom

Learn More

As mentioned earlier, if you’re considering the purchase of a DDoS attack protection solution, you will no doubt be required to evaluate both its technical and financial merits. We at NETSCOUT have always known that the Arbor DDoS attack protection solution is a technically superior solution. Now with the help of this report, it can be financially justified as well. 

Download the Forrester Total Economic Impact study to learn more about the technical and financial benefits of NETSCOUT’s Arbor DDoS attack protection solution.  

To learn more about the details of the Forrester Total Economic Impact study, listen to the webinar.

For more information regarding the Arbor Sightline, Threat Mitigation System, and Insight products that were used in this study, check out our service provider DDoS protection solution.