Kentik - Network Flow Analytics
More Product Updates

April 2019

With the advent of Spring 2019, our product team continued to work relentlessly to deliver new Kentik capabilities to solve our customers’ hardest problems. Here is the list of new features that landed in April: Azure NSGv2 Flow Logs Integration, VRF Support Phase 3, High Volume Flow Sources, Custom Applications and Application Dimension, New DSCP Dimension, Email Notification Enhancements, and My Kentik Templates. Let’s take a closer look at what’s new…

Azure NSGv2 Flow Logs Integration

Kentik is on the fast track to expand cloud visibility for both on-prem infrastructure and public clouds. After completing integrations with Google Cloud Platform and Amazon Web Services VPC Flow Logs last year, Kentik now also turns Azure NSG Flow Logs into powerful real-time traffic insights. For more detail, read our new Solution Brief about Azure NSG Flow Logs for Kentik.

Azure NSG Flow Logs allow you to get information about ingress and egress IP traffic through a Network Security Group (NSG) on a per-rule basis. The onboarding workflow is straightforward—to export Azure NSG Flow Logs to the Kentik platform, just follow these seven steps:

  1. Gather Azure Information: This might include Azure Role, Azure Subscription ID, Resource Group and Location from your Azure instance. The main goal is to make sure that you have the essential information handy and have the right permissions granted for the exporting.
  2. Add Azure Cloud in Kentik and Complete the Settings for Azure Flow Log Export:

    • Authorize Access to Azure: Enter the Subscription ID of the Azure instance from which Kentik’s NSG Flow Exporter application will export flow logs and authorize access for the app.
    • Specify Azure Resources: Enter the Resource Group Name and Location, as well as the Storage Account where flow logs will be generated.
    • Configure Flow Log Export to export flow logs to a Storage Account from the specified Resource Group and Location. (Kentik auto-generates a script for this.)
    • Validate the Configuration.
    Azure Flow Log Export
  3. Use Azure Dimensions in Kentik and get insights into your cloud resources.

For detailed configuration information, please see the Kentik for Azure topic in the Kentik Knowledge Base.

With the integration of all three major public clouds (GCP, AWS, Azure), you can now have a single-pane view of traffic that flows in/out of each cloud platform. The following example shows an egress traffic overview for all the clouds in one graph so you can see your business footprint for each cloud and compare.

Cloud Egress Traffic by Average Bits per Second Kentik

VRF Support Phase 3: VRF and BGP Correlation

In the last couple of months, we announced VRF Support Phase 1 and Phase 2.

  • Phase 1 enabled VRF awareness for Cisco L3VPN, Cisco VRF-lite, and Juniper L3VPN. There are eight new dimensions associated with phase 1 VRF support: source and destination VRF Name, VRF Route Distinguisher, VRF Route Target, and VRF Extended Route Distinguisher.
  • Phase 2: Enabled VRF dimensions in alerting policies, and an API for managing VRF attributes.

Now in Phase 3, we’ve added a new capability that really sets Kentik apart: per-VRF correlation of traffic with BGP routing data. This gives customers complete visibility into end-to-end traffic flows across L3VPN topologies, including BGP paths and Ultimate Exit attributes.

A quick recap on Kentik’s patented Ultimate Exit technology: Ultimate Exit enables end-to-end network visibility by tagging traffic at the point of ingress with egress attributes like Site, Device, Interface and more. This enables engineering, architecture and product teams to cut costs (e.g., peering) and to more accurately estimate the cost of carrying any set of traffic for any given customer. For more information about Ultimate Exit, please refer to this blog post, or the Using Ultimate Exit topic in Kentik Knowledge Base.

Examples of VRF Support

The following examples show how traffic in the VRF named “acme” enters and exits the network. VRF dimensions can be combined with any other dimension to uncover additional detail.

Kentif VRF Support Example 1 Kentif VRF Support Example 2

For more VRF visibility support information, please see VRF Dimensions in the Knowledge Base, or contact our Customer Success team.

High Volume Flow Sources

We have implemented a significant improvement in our data ingest layer that dramatically increases the flow volume that Kentik can accept from each source. This is a milestone achievement that provides the ability for Kentik to receive and store every single flow record without sampling.

Our capability to consume high volumes of unsampled flow is critical for many security and forensic use cases, application dependency and visibility use cases, and corporate network end-to-end use cases.

For more information on high volume flow source options and pricing, contact our Customer Success Team.

New Custom Applications and Application Dimension

Labeling network traffic with application names provides a way to contextualize network insights with application and security and security metadata which is a huge value for Ops teams. Kentik now supports Custom Application labels as well as an “Application” Dimension to standardize support for application names and labeling.

Custom Applications

Custom Applications provide the ability for customers to define their own custom application names based on combinations of Protocol, Port, IP Address, and ASN. The “Custom Applications” configuration options are found in the Admin >> Enrich Your Data menu.

The example below shows how you can define Google Hangouts as an application using Protocol/Port Number/ASN matching criteria.

Kentik Custom Applications Support

The “Application” Dimension

We’ve also added an “Application” dimension in the “Application Context & Security” Group:

Kentik Application Dimension

In the example below, you can see application names associated with various traffic sources. Built-in application names include:

  • Well-known service names
  • OTT applications
  • Cisco NBAR and other vendor-specific applications (e.g., Palo Alto FW APP ID, Silver Peak, Gigamon, and more coming soon)
  • Custom Applications you’ve defined (as described above)
Kentik Custom Applications Support

For more on Custom Applications and the Application Dimension, refer to the Custom Application topic in our Knowledge Base.

New DSCP Dimension

Differentiated services or DiffServ is a simple and scalable mechanism for classifying and managing network traffic and providing quality of service (QoS) on IP networks. DiffServ can be used to ensure performance for applications that require low-latency such as voice or streaming media, while providing simple best-effort service to non-critical services such as web traffic or file transfers.

Kentik now supports two dimensions for QoS attributes, “ToS” and “DSCP”.

DSCP Dimension Kentik

For complete IP and BGP Routing Dimension support information, please see the IP and BGP Routing Dimension reference topic in the Knowledge Base.

Email Alert Enhancements: Embedded Dashboard and Data Explorer Links

When an alert is raised, it can be sent via notification channels including Email, Slack, PagerDuty and more. We now embed the “Dashboard” and “Data Explorer” links that are associated with that alarm in the Alerting Email Notification as shown below.

This allows the user to quickly jump to the appropriate view and reduce problem resolution times, rather than manually pulling up the needed reports. Dashboard and view links will soon be integrated into other alerting channels as well.

Email Alert Enhancements, Embedded Dashboard and Data Explorer Links

My Kentik™ Tenant Templates

The My Kentik Portal is a built-in feature of the Kentik platform that enables curated, self-service network traffic visibility for downstream customers (learn more in the My Kentik Solution Brief).

To enhance the experience of creating tenants in a scalable way, Kentik now allows you to group views and alert policies into a template which can be assigned to tenants. For example, you could build a set of tenant settings that are then applied to multiple, similar tenants while still being able to add individual settings that are specific to each tenant.

From the Admin > Customize menu, choose My Kentik Portal. Here you will find the Templates UI on the right. It lists all existing Templates with an Add Template option to create a new one.

Template Support in My Kentik Portal

Once you’ve added a template, you can then apply it as new Tenants are created:

Applying Templates to New My Kentik Tenants

For more information, see the Tenant Templates topic in the Knowledge Base, or contact our Customer Success Team.

We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.