Big Data SaaS solution increases DDoS detection accuracy by over 30%; automates hybrid attack mitigation needed to deal with increasingly sophisticated and damaging attacks
SAN FRANCISCO – Oct. 25, 2016 – Kentik today announced a major advance in DDoS protection accuracy based on enhancements to Kentik Detect, the industry’s only big data-based SaaS network analytics solution, chosen by digital leaders like Yelp, Box, Neustar, Pandora and Dailymotion.
Transcending the static configurations and low-scale limitations of legacy detection devices, Kentik’s cloud-scale DDoS detection solution monitors and baselines using billions of network-wide traffic data records. Kentik Detect adds multi-dimensional anomaly detection for millions of individual IP addresses, auto-adaptive baselining, and orchestration of multiple attack mitigation methods. These new methods build on Kentik’s open APIs, and include Remote Triggered Black Hole (RTBH), and integrated support for Radware DefensePro and A10 Thunder Threat Protection Systems (TPS) mitigation platforms.
“Kentik is a game-changer for network operations. Since deploying Kentik’s big data-based detection and automated triggering of our Radware mitigation platform in May of this year, we have seen an over 30 percent improvement in catching and stopping DDoS attacks,” said Brian Mengel, CTO of PenTeleData. “Kentik helps us deliver better service to our customers, and has freed our engineers from constant firefighting so they can focus on projects that will move us forward.”
Transcending Legacy DDoS Detection Limitations
As DDoS attacks are increasing in frequency and size – now to Terabit scale, as evidenced by the recent far-reaching Mirai botnet attack on Dyn that affected Twitter and other sites – companies need accurate, instant detection and the ability to coordinate sophisticated response.
Legacy DDoS detection platforms suffer from low-scale compute and storage power, which forces engineers to make painful trade-offs regarding which set of IP addresses to baseline and monitor for traffic anomalies. Alternatively, they must lump large sets of IP addresses together for baselining, which reduces accuracy and leads to many false negatives – cases where attacks aren’t detected. Inaccuracies can also lead to false positives – where attacks are attributed incorrectly.
Since baselining must be statically configured, normal changes to network infrastructure such as the addition of new servers are often missed until an attack has already happened. Without scalable storage, legacy solutions must discard all traffic details and they can’t provide the deep analytics that engineers need to adjust and improve protection policies over time.
Kentik Detect’s big data scale and speed mean that it can track traffic for millions of individual IPs. Auto-adaptive baselining tracks the organic changes to the set of top traffic-receiving IP addresses and performs real-time intelligent baselining on any IPs that are in the current set. By removing the compute scale barriers to granular IP monitoring and by reducing the need for static configuration, Kentik Detect delivers far greater accuracy in detecting and orchestrating the mitigation of DDoS attacks.
Easy to Use SaaS Network Monitoring Goes Beyond DDoS
Kentik’s holistic anomaly detection capabilities go beyond just DDoS use cases. Users can create anomaly detection policies to baseline and detect anomalous network operations, performance, or security conditions, using multiple concurrent network traffic, routing, geolocation, performance and infrastructure data fields.
Kentik Detect also retains months of raw traffic, routing, and geolocation data, and offers unbounded, ad-hoc analytics so engineers can maintain an agile stance in the face of constantly changing network conditions and attack vectors.
Offered as an easy-to-use SaaS, Kentik Detect can be turned up and used in production in minutes. On-premises deployments are also available. Kentik’s enhanced DDoS and anomaly detection solution is available immediately.
Kentik provides Kentik Detect, a cloud-based network visibility and analytics solution that delivers unprecedented depth of insight into any network. Kentik processes tens of billions of data records per day, equipping service provider and enterprise network operations teams with actionable insights that enable them to make quick, cost-effective decisions. The company was founded by network and Big Data technologists and executives from companies like Akamai, CloudFlare, YouTube, and Netflix, with decades of experience in operations, architecture and distributed systems. Kentik is headquartered in San Francisco, California. Visit www.kentik.com or follow @KentikInc on Twitter.