Detect and Mitigate DDoS Attacks with NETSCOUT Arbor Insight

Red lines with black background
Andrew Green

The threat surface within internet service provider (ISP) networks has expanded as more external connectivity and service infrastructure has pushed to the edge. With distributed denial-of-service (DDoS) attack traffic continuing to exceed pre-pandemic levels, a complete picture of all network traffic and threat activity is essential for service providers to optimize the defense of their networks and the expanding threat surface.

The vast majority of ISPs the world over use NETSCOUT Arbor Sightline for DDoS protection and managed service delivery. Arbor Sightline, combined with Arbor Insight, delivers a new level of visibility, correlating multiple sources of network telemetry with NETSCOUT’s patented Adaptive Service Intelligence (ASI) flow technology, global intelligence, and local configuration to deliver a more than 80-facet record for each monitored network communication.

Arbor Insight provides operations teams with the optimal data set for every security and network use case—including time-series analysis of critical traffic dimensions and annotated flow data for in-depth investigations, forensics, and retrospective analysis. Using configurable, optimized data sets, Arbor Insight delivers instant access to high-fidelity data with minimal storage and compute requirements.

Arbor Insight takes advantage of Arbor Sightline’s powerful concept of managed objects and workflows and adds the following benefits:

  • Liberates the user from the confines of predefined reports and graphs
  • Enables multiple traffic dimensions to be viewed simultaneously
  • Provides new rich, interactive visualizations that help users arrive at answers faster and more easily

New Powerful, Advanced Traffic Reports

Arbor Insight delivers flexible, multidimensional time-series threat and traffic analytics via new customizable Advanced Traffic Reports (ATRs). ATRs augment users’ operational workflows with immediate multidimensional visibility into key areas of interest, facilitating speed-of-thought drill-downs and sub-filtering to quickly expose network dynamics such as top attack targets and vectors, top talkers/services/protocols, historical anomalies and threat signatures, and more. Once ATRs are defined, they automatically maintain the desired data fidelity and granularity, allowing instant response to any query, supporting long- and short-term visibility needs, and optimizing total cost of ownership (TCO).

Arbor Insight’s capabilities help network operators tune their defenses, design and scale their mitigation capabilities, and more quickly onboard new service customers, all while reducing costs and increasing revenue.

Arbor Insight extends all Arbor Sightline DDoS and traffic analytics capabilities, maintaining investment in both infrastructure and operational processes. It also enables ISPs to better understand their risks, tune their detection capabilities, design their mitigation capabilities, and defend their customers with the lowest TCO.

NETSCOUT has been the worldwide market leader in layer 3/4 ISP threat detection for more than 15 years via Arbor Networks, NETSCOUT’s security division. With tight integration of technologies from NETSCOUT and Arbor, Arbor Insight offers a unique layer 3/4/7 visibility solution for networks of any scale, leveraging your existing investment in Arbor Sightline and further optimizing your DDoS detection, mitigation, and managed service capabilities.

For more information, please see our Arbor Insight page