skip to Main Content

Diverse Data Support

Every day Kentik Detect® takes in hundreds of billions of new network flow records. By collecting network data from routers, switches, packet brokers, probes, servers, and load balancers, we extend your visibility across the entire infrastructure that carries your traffic. Every record is enhanced with a diverse set of related data including BGP, SNMP, GeoIP, and threat feeds. The result is a rich, unified dataset that enables timely, informed decisions.

Flow in Every Flavor

Kentik Detect doesn’t box you into a single flow protocol or device supplier. Instead we support flow data — NetFlow (v5, v9), sFlow, IPFIX, VPC Flow Logs, RFlow, J-Flow, cflowd, etc. — from every major brand of router or switch. We also support traffic data from devices like firewalls, load balancers, and network packet brokers. To correlate flows to devices and interfaces, we also poll SNMP.

Learn about Kentik’s comprehensive support for flow protocols and devices.
Diverse NetFlow Support

BGP and GeoIP

Peered with edge or internal routers, Kentik Detect gets live eBGP/iBGP routing updates that include source, destination, path, and AS (next hop, 2nd hop, 3rd hop). Each flow record is matched against the BGP RIB and enhanced with both BGP (community, route, next hop IP/CIDR, etc.) and GeoIP (city, region, and country). These fully indexed BGP and GeoIP fields tell you where and how each flow is going.

Read how BGP peering analytics help you optimize transit and lower costs.

Network Performance Metrics

Kentik’s kprobe software agent runs on hosts or sensors to produce enhanced flow records containing application-layer details and performance metrics derived directly from live traffic. With measurements like latency and TCP retransmits, kprobe makes Kentik Detect a powerful NPM solution. And unlike traditional probe appliances, kprobe is cloud- and container-friendly, ready to deploy wherever your applications live.

Find out more about Kentik’s cloud-ready NPM.
Network Performance Metrics
Threat Feeds

Threat Feeds

Without you knowing it, your network may be carrying traffic for botnets or compromised hosts, diverting your resources toward malicious activity that puts your reputation at risk. Using continuously updated feeds from world leaders in threat intelligence, Kentik Detect correlates threat information with every flow, enabling you to rapidly identify and respond to unauthorized or malicious use of your network.

Read how Kentik uses threat feeds to identify botnet-compromised hosts.

Data Transit and Security

Kentik supports multiple deployment modes, so you’re the one who chooses how your data gets to Kentik Detect. Send it directly from network devices. Use our proxy agent to encrypt data for transit over SSL. Or deliver the data over a private cross-connect at an Equinix data center. If regulatory or security constraints rule out the cloud, we can also deploy on premises in your own data center.

Learn more about sending flow to Kentik Detect.
Data Transit And Security
Back To Top