Arbor Edge Defense

First and Last Line of Automated Defense from Advanced Cyber Threats

Contact us Arbor Cloud DDoS Protection Services

NETSCOUT’s Arbor Edge Defense

Arbor Edge Defense's unique position on the network edge (i.e. between the router and the firewall), its stateless packet processing engine and the continuous reputation based threat intelligence it receives from Arbor's ATLAS Threat Intelligence feed enable it to automatically detect and stop both inbound threats (e.g. DDoS attacks, malware) and outbound communication from internal compromised hosts – essentially acting as the first and last line of defense for organizations.

Arbor Edge Defense

Benefits of Arbor Edge Defense

  • Automatically detect and stop inbound DDoS attacks as large as 40 Gbps. In the event of larger DDoS attacks, Cloud Signaling automatically reroutes traffic to Arbor Cloud or a MSSP’s cloud based mitigation center.
  • Automatically detect and stop application-layer DDoS attacks that impact availability of critical business services and TCP-state exhaustion attack protecting availability of stateful devices such as firewalls, IPS and load balancers.
  • Stateless technology enable it to take pressure off stateful devices (e.g. NGFW/IPS) which struggle to adequately detect and block reputation based IoCs.
  • Armed with reputational threat intelligence (IP addresses, domains and URLs), Arbor Edge Defense can detect and block outbound communication to known bad sites to help stop the further proliferation of malware with an organization or data breach.
  • A set of robust REST API’s can integrate into existing security processes and systems.
  • Being SDN/NFV ready allows integration with OpenStack, Heat, Tacker, Ansible, Nokia Cloudband, Cisco NSO, and other ONAP or ETSI NFV management and orchestration technologies.
  • First & Last Line of Defense
    Arbor Edge Defense’s unique location on the network edge, its stateless packet processing engine and ATLAS® global threat intelligence feed allow it to stop inbound threats and outbound communication from compromised hosts.

  • Always On, In-Line, Advanced DDoS Protection
    Out of the box, on-premise protection from all types of advanced DDoS attacks including volumetric, state-exhaustion, application-layer and SSL.

  • Intelligently Automated, Hybrid DDoS Protection
    The intelligently automated, fully managed combination of in-cloud (via Arbor Cloud) and on-premises (via Arbor Edge Defense) is continuously armed with ATLAS global threat intelligence; offers the most comprehensive form of protection from the modern-day DDoS attack.

  • Outbound Threat Communication Detection and Blocking
    Arbor Edge Defense’s ATLAS derived, reputation based threat intelligence allow it to detect and block outbound communication from internal compromised hosts; helping to stop further proliferation of malware or data breach.

  • Support for Virtual & Hybrid-Cloud Environments
    vAED is a virtual version of the Arbor Edge Defense appliance that can be run in your private virtual environment like Amazon Web Services, providing unified protection for your hybrid-cloud environments.


  • Data Sheets

Arbor Edge Defense

Arbor Edge Defense is an inline security appliance deployed at the network perimeter that can automatically detect and block inbound threats and outbound malicious communication using highly scalable, stateless technology and unique, global threat intelligence.

Download PDF

ATLAS Intelligence Feed (AIF)

The ATLAS Intelligence Feed, or AIF from Arbor, arms customers with policies and countermeasures that enable them to quickly address attacks as part of an advanced threat or DDoS attack. The AIF is a service of the Arbor Security Engineering and Response Team (ASERT), and enables customers to directly benefit from the depth and breadth of Arbor’s research capability.

Download PDF