PROS / Neustar has collaborated with Arbor, another DDoS mitigation provider, to provide hardware that you can use in conjunction with Neustar’s cloud-based protection.
CONS / The service does not offer content delivery network methods like caching static content, which improves the performance of a site for the end user.
VERDICT / By combining equipment with Arbor, this hybrid mitigation service offers both hardware and cloud-based protection against all types of DDoS attacks.
Neustar is a denial of service provider that uses a hybrid approach to block the three major categories of DDoS attacks: volumetric, application layer and protocol. While the company is a cloud-based DDoS protection service, it has partnered with Arbor, who is also a contender on our lineup, to provide onsite service and hardware to its clients. The company offers always-on protection, but you pay extra for this protection. Still, if your site and networks are at risk of a DDoS attack, this service is one worth considering.
With four data centers spread out globally, Neustar offers 1.15TB per second of scrubbing power and a fully redundant network for failover. In other words, should a data center become compromised in any way, other data centers can pick up traffic and continue to mitigate any attacks.
To protect against hackers, this DDoS service offers filtering, rate limiting and IP blocking. The service employs two techniques: first, it filters incoming traffic, preventing harmful attacks from ever reaching the network; and, second, it uses rate limiting to control the rate of traffic during a DDoS attack. With IP blocking, yet another line of defense, Neustar allows you to customize your own IP list, but it also uses Arbor’s geographical IP list to whitelist and blacklist IPs. However, this technique is used as a last resort so that valid IPs are not eliminated.
Neustar also supports deep packet inspection and takes active counter measures toward attackers. Aside from inspecting both the header and body of a packet to determine if the traffic is safe, the service uses behavioral identification to see if traffic acts malicious. If there are indications it is, it leads to a query challenge, such as a CAPTCHA, for example, that requires verification before allowing the traffic to pass. Most of the time, though, these challenges are invisible to the user.
While all of these methods are helpful, this DDoS service does not include content delivery network methods or caching to optimize web content to end users. Instead, the network uses web proxies for fast, reliable data analysis and routing. The service offers unlimited mitigation, but it comes with a fee. Clients can choose unlimited mitigation when they purchase the service and pay more, or they can wait until they need more mitigation and then pay the fees. If you have a high-profile or high-risk business, you may want to consider unlimited mitigation.
Neustar does not have a centralized management dashboard. You can log in and see a portal, but you can only view limited activity. There are no viewable reports, with the exception, however, of general reports the company releases on internet security trends. The company offers constant monitoring with service-level agreements in place to guarantee quick response times promising mitigation beginning between five and 15 minutes, as well as a 99.99 percent platform availability guarantee.
Neustar Site Protect Hybrid offers hardware and cloud-based protection against DDoS attacks. The company’s combined approach helps Neustar identify any potential malicious threats and escalate defense measures as needed during an attack. While the service charges more for unlimited DDoS protection, it monitors, detects and responds to all potential threats against you and your network.