View all news

New NETSCOUT DDoS Mitigation Platform for Terabit Attack Era

April 11, 2018

Arbor TMS Delivers Greater Scale, Intelligent Automation, and Advanced Threat Protections

WESTFORD, Mass.--(BUSINESS WIRE)--Apr. 11, 2018-- NETSCOUT SYSTEMS, INC., (NASDAQ: NTCT), a leading provider of service assurance, security, and business analytics, today announced a new Arbor TMS HD1000 DDoS mitigation solution that more than doubles mitigation capacity over the previous version, delivering a 40% reduction in the cost per gigabit of protection delivered.

NETSCOUT will be providing demos of the Arbor TMS solution at the RSA Conference in San Francisco next week. Visit us at booth #1801 in the South Hall of the Moscone Center for more information.

Enabling large-scale DDoS attack protection up to 400Gbps in a single appliance or up to 40Tbps in a single deployment, the new Arbor TMS HD1000 surgically removes layer 3-7 attack traffic from the network without disrupting key network services. The industry’s most advanced alerting, countermeasures, and end-to-end workflows provide comprehensive, real-time visibility into network traffic and threats, automatically mitigating denial of service attacks so operators maintain their services and network performance without compromise.

“DDoS attacks have evolved, using size, persistence and increasing sophistication – or any combination thereof – to achieve their objective. The volume of the largest ever seen DDoS attack doubled overnight in February, up to 1.72Tbps. For internet service, cloud, and hosting providers, attacks of this magnitude pose a significant risk to their business, and their customers. We’re focused on helping providers scale their mitigation capacity, using a combination of intelligence mitigation infrastructure and network capabilities, working with their teams through the application of intelligent automation whenever possible,” said Darren Anstee, NETSCOUT Arbor Chief Technology Officer.

Intelligent Automation

Not only are DDoS attacks getting larger, they’re also getting more frequent and complex. According to Arbor’s 13th Annual Worldwide Infrastructure Security Report, in 2017, Arbor’s ATLAS observed 7.5 million DDoS vs. 6.8 million in 2016. The report also showed a 30% increase in the proportion of enterprises experiencing application layer attacks, and a 20% increase in those experiencing multi-vector attacks. As DDoS attacks increase in frequency and complexity, organizations must rely upon intelligently automated DDoS attack detection and mitigation solutions for proper protection.

Intelligent Automation is the automatic application of specific protections against specific threats, customized for the business environment. New features include:

  • Automated protection against attacks targeting recursive and authoritative DNS servers; such as those executed by the Mirai IoT.
  • The ability to offload mitigations running in the Arbor TMS to the network infrastructure using automated BGP FlowSpec filters. This allows customers to preserve the finite amount of mitigation capacity in their Arbor TMS for more complex DDoS attacks that require more surgical mitigation.
  • The automated delivery of Arbor ATLAS Threat Intelligence Feed (AIF) mitigation templates, created from ASERT research. These templates can be used in the Arbor TMS to automatically stop new DDoS attack vectors.
  • Automated multi-layer protection via Arbor Cloud Signaling capability. Used in scenarios when a customer’s in-house mitigation expertise or Arbor TMS capacity is not enough to stop large or more complex attacks; using the Cloud Signaling feature, customers can automatically divert attack traffic to one of Arbor’s worldwide Arbor Cloud scrubbing facilities for protection.

Surgical Attack Mitigation

Arbor TMS supports a mitigation architecture called diversion/reinjection. Arbor TMS removes only the malicious traffic and forwards the legitimate traffic to its intended destination. This is highly advantageous for service providers, large enterprises, and large hosting/cloud providers because it enables a single, centrally located Arbor TMS to protect multiple links and multiple data centers. The result is more efficient use of mitigation capacity and fully non-intrusive security.

A Platform for Managed DDoS Services

The Arbor TMS solution enables internet service, cloud, and hosting providers to deliver managed DDoS protection services to their customers. Customized portal access, APIs and delegated management give Managed Service Providers (MSPs) the flexibility and control to tailor services to fit their customers’ needs. NETSCOUT Arbor TMS mitigation technology is the solution of choice for the majority of leading DDoS managed services.

Arbor TMS comes in a variety of mitigation platforms and capacities including: 2U appliances (500 Mbps–400 Gbps of mitigation), Cisco ASR 9000 Router embedded (10–60 Gbps of mitigation) and virtual / bare metal options (1–40 Gbps mitigation).

NETSCOUT Arbor’s entire SP/TMS portfolio can be 100% virtualized; enabling managed security service providers to deliver more cost effective, scalable, and agile DDoS attack protection services to their customers.


NETSCOUT SYSTEMS, INC. (NASDAQ: NTCT) assures digital business services against disruptions in availability, performance, and security. Our market and technology leadership stems from combining our patented smart data technology with smart analytics. We provide real-time, pervasive visibility, and insights customers need to accelerate, and secure their digital transformation. Our approach transforms the way organizations plan, deliver, integrate, test, and deploy services and applications. Our nGenius service assurance solutions provide real-time, contextual analysis of service, network, and application performance. Arbor security solutions protect against DDoS attacks that threaten availability, and advanced threats that infiltrate networks to steal critical business assets. To learn more about improving service, network, and application performance in physical or virtual data centers, or in the cloud, and how NETSCOUT’s performance and security solutions, powered by service intelligence can help you move forward with confidence, or follow @NETSCOUT and @ArborNetworks on Twitter, Facebook, or LinkedIn.

Safe Harbor

Forward-looking statements in this release are made pursuant to the safe harbor provisions of Section 21E of the Securities Exchange Act of 1934 and other federal securities laws. Investors are cautioned that statements in this press release, which are not strictly historical statements, including without limitation, the statements related to the benefits and features of Arbor’s portfolio of solutions, constitute forward-looking statements which involve risks and uncertainties. Actual results could differ materially from the forward-looking statements due to known and unknown risk, uncertainties, assumptions, and other factors. For a more detailed description of the risk factors associated with NETSCOUT, please refer to NETSCOUT’s Annual Report on Form 10-K for the fiscal year ended March 31, 2017 and NETSCOUT’s subsequent Quarterly Reports on Form 10-Q, which are on file with the Securities and Exchange Commission. NETSCOUT assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein.

©2018 NETSCOUT SYSTEMS, INC. All rights reserved. NETSCOUT, the NETSCOUT logo, Guardians of the Connected World, Adaptive Service Intelligence, NETSCOUT Arbor, the NETSCOUT Arbor logo, ATLAS, InfiniStream, InfiniStreamNG, nGenius, and nGeniusONE are registered trademarks or trademarks of NETSCOUT SYSTEMS, INC., and/or its subsidiaries and/or affiliates in the USA and/or other countries. Third-party trademarks mentioned are the property of their respective owners.


Kevin Whalen, 781-362-4377
Senior Director, Corporate Marketing & Communications

View all news