The Stakes Have Changed:

How Arbor’s DDoS Solutions

Are Rising to the Challenge

​ Andrew Kramer Darren Anstee

​ VP, Investor Relations CTO
​ NETSCOUT SYSTEMS, INC. Arbor Networks
©2017 ARBOR® CONFIDENTIAL & PROPRIETARY 1
AGENDA

◦ NETSCOUT and Arbor

◦ DDoS Market Dynamics

◦ Arbor DDoS Solutions & Capabilities

◦ Q&A

©2017 ARBOR® October 2017 2

SAFE HARBOR

Forward Looking Statements: Forward Looking Statements: Forward-looking statements in this communication
are made pursuant to the safe harbor provisions of Section 21E of the Securities Exchange Act of 1934 and other
federal securities laws. Investors are cautioned that statements in this communication, which are not strictly
historical statements, including without limitation, the statements related to the Company’s outlook for Arbor
Networks, statements related to new and modified products and solutions, and the timing of introduction and the
capabilities and market acceptance of such products and solutions, statements regarding shifts in the market and in
customer actions, expectations and demand for products, including the Company’s ability to gain traction based on
these changes, constitute forward-looking statements which involve risks and uncertainties. Actual results could
differ materially from the forward-looking statements due to known and unknown risk, uncertainties, assumptions and
other factors. Such factors include slowdowns or downturns in economic conditions generally and in the market for
advanced network and cybersecurity solutions specifically; the Company’s relationships with strategic partners;
dependence upon broad-based acceptance of the Company’s solutions; the presence of competitors with greater
financial resources than we have and their strategic response to our products; our ability to retain key executives
and employees; and lower than expected demand for the Company’s products and services. For a more detailed
description of the risk factors associated with the Company, please refer to the Company’s Annual Report on Form
10-K for the fiscal year ended March 31, 2016 and subsequent Quarterly Reports on Form 10-Q, which are on file
with the Securities and Exchange Commission. NetScout assumes no obligation to update any forward-looking
information contained in this communication or with respect to the announcements described herein.

©2017 ARBOR® October 2017 3

NETSCOUT and Arbor Networks

◦ NETSCOUT acquired Arbor in July 2015 as part of the Danaher Communications

Business transaction
• Security is a natural adjacency for NETSCOUT
• Arbor has been an undisputed leader in DDoS since its inception
◦ Arbor has thrived as part of NETSCOUT
• Strong, consistent top-line growth and healthy profitability
• Robust investment to drive innovation
• Healthy talent retention
◦ Increasing collaboration between NETSCOUT and Arbor
• DDoS cross-selling
• Advanced Threat integration between Arbor Spectrum and NETSCOUT
InfiniStreamNG

©2017 ARBOR® October 2017 4

History of Arbor Networks
Acquires Arbor Acquires DHR Communications
(including Arbor)
SALES
TIER 1 & 2 TIER 1, 2 & 3 CLOUD PROVIDERS & EXECUTION
SERVICE PROVIDERS SERVICES & CLOUD LARGE ENTERPRISE ENTERPRISE
PROVIDERS
GROWTH

2001 - 2007 2007 - 2013 2014 2015 - 2017

PARTNERS

NETSCOUT

BEST
TRAFFIC & DDoS DDoS DDoS PROTECTION ADVANCED THREAT PEOPLE
VISIBILITY PROTECTION SOLUTIONS & DDoS SOLUTIONS

©2017 ARBOR® October 2017 5

Arbor’s Best-In-Class Customers
95% of the world's Tier 1
service providers who
are Arbor customers Do we have the
potential to add
some logos?

8 of 10 Largest Cloud
Services Providers are
Arbor customers

4 of the top 6 US banks,

3 of 5 largest social
media platforms are
Arbor customers

©2017 ARBOR® October 2017 6

 DDoS Market Dynamics:
The Stakes Have Changed

©2017 ARBOR® October 2017 7

THE CONNECTED
WORLD IS
BUSINESS
©2017 ARBOR® October 2017 8 8
The Stakes Have Changed

SIZE FREQUENCY COMPLEXITY

©2017 ARBOR® October 2017 9

Why? Weaponisation

Cost of Impact to
DDoS Victim
Service

©2017 ARBOR® & PROPRIETARY

©2017 ARBOR® CONFIDENTIAL October 2017
The Stakes Have Changed

11 ©2017 ARBOR® October 2017 11

IoT Botnet Attack Success Story: ISP in Brazil
International
IoT Botnet (Observed) Sporting Event
600G
Initial DDoS Activity
500G

400G

300G

200G

100G

Sept Oct Nov Dec 2016 Feb Mar Apr May June July Aug

©2017 ARBOR® October 2017 12

Arbor Networks DDoS Portfolio

DDoS Managed Services

Detection & Mitigation Products
Industry Leading Threat Intelligence

©2017 ARBOR® October 2017 13

Visibility is the Foundation of All

Smarter Data
1
Smarter Analytics
Comprehensive
Network Telemetry 2

Ubiquitous Visibility
& Security

Enabling Business Value & Agility Through Managed Risk

©2017 ARBOR® October 2017 14 14

Active Threat Level Analysis System

ASNs: 44,570
Unique IPv4 2.63B
Addresses:

“Dark” IPv4 1.76M

Addresses:
Daily Malware 200k
Samples:

Global Traffic One Third

Visibility
©2017 ARBOR® October 2017 16 16
Traffic Visibility Arbor SP

SERVICE PROVIDER

©2017 ARBOR® CONFIDENTIAL

©2017 ARBOR&®PROPRIETARY October 2017 17 17
17
Traffic Visibility Arbor SP

DDoS Mitigation Arbor TMS

SERVICE PROVIDER

©2017 ARBOR® October 2017 18 18

18
Traffic Visibility Arbor SP

DDoS Mitigation Arbor TMS

Cloud Services Arbor CLOUD

ENTERPRISE

SERVICE PROVIDER

©2017 ARBOR® October 2017 19 19

19
Traffic Visibility Arbor SP

DDoS Mitigation Arbor TMS

Cloud Services Arbor CLOUD

DDoS Protection Arbor APS

ENTERPRISE

SERVICE PROVIDER

©2017 ARBOR® October 2017 20 20

20
 Traffic Visibility Arbor SP

DDoS Mitigation Arbor TMS

Cloud Services Arbor CLOUD

DDoS Protection Arbor APS

Adv Threat Analysis Arbor Spectrum

with ISNG
ENTERPRISE

SERVICE PROVIDER

©2017 ARBOR® October 2017 21 21

21
Arbor’s Multi-Layer DDoS Approach
1 Arbor Cloud
Scrubbing
Center

3
Cloud
Signaling

2
Attacks
Arbor SP/TMS Arbor APS

The Internet ISPs On-Prem

4

©2017 ARBOR® October 2017 22

 Arbor Networks, Why We Win

Network DDoS Hardware Cloud Managed

Performance
Visibility Mitigation Capacity Scrubbing Services

Radware
NASDAQ: RDWR

A10 Networks
NASDAQ: ATEN

Akamai
NASDAQ:AKAM

©2017 ARBOR® October 2017 23

Q&A / Thank You
For more info, please contact:

Darren Anstee, CTO

Arbor Networks
danstee@arbor.net

24
©2017 ARBOR® October 2017
24
Q&A

◦ The DYN attack in the fall of 2016 was a high-profile, watershed event that resulted in outages at
major sites like Twitter, NetFlix and scores of other highly trafficked websites and it created a spike in
demand from both existing and prospective customers? What happened there and what did Arbor
learn from that attack?

◦ DDoS is a major security threat to customers of all sizes. What are Arbor’s development priorities
going for customers going forward?

◦ Earlier this spring, Arbor announced a major commitment to significantly expand its scrubbing
capacity for its DDoS cloud service, Arbor Cloud. How is that progressing?

◦ One of Arbor’s offerings for its service providers, SP Flex, converted from a subscription offering to a
more conventional, perpetual license. Can you tell us a little about that product and what happened
to cause that change? How was that transition received by customers and how far along is that
conversion?

©2017 ARBOR® October 2017 25