With the advent of Spring 2019, our product team continued to work relentlessly to deliver new Kentik capabilities to solve our customers’ hardest problems. Here is the list of new features that landed in April: Azure NSGv2 Flow Logs Integration, VRF Support Phase 3, High Volume Flow Sources, Custom Applications and Application Dimension, New DSCP Dimension, Email Notification Enhancements, and My Kentik Templates. Let’s take a closer look at what’s new…
Kentik is on the fast track to expand cloud visibility for both on-prem infrastructure and public clouds. After completing integrations with Google Cloud Platform and Amazon Web Services VPC Flow Logs last year, Kentik now also turns Azure NSG Flow Logs into powerful real-time traffic insights. For more detail, read our new Solution Brief about Azure NSG Flow Logs for Kentik.
Azure NSG Flow Logs allow you to get information about ingress and egress IP traffic through a Network Security Group (NSG) on a per-rule basis. The onboarding workflow is straightforward—to export Azure NSG Flow Logs to the Kentik platform, just follow these seven steps:
For detailed configuration information, please see the Kentik for Azure topic in the Kentik Knowledge Base.
With the integration of all three major public clouds (GCP, AWS, Azure), you can now have a single-pane view of traffic that flows in/out of each cloud platform. The following example shows an egress traffic overview for all the clouds in one graph so you can see your business footprint for each cloud and compare.
In the last couple of months, we announced VRF Support Phase 1 and Phase 2.
Now in Phase 3, we’ve added a new capability that really sets Kentik apart: per-VRF correlation of traffic with BGP routing data. This gives customers complete visibility into end-to-end traffic flows across L3VPN topologies, including BGP paths and Ultimate Exit attributes.
A quick recap on Kentik’s patented Ultimate Exit technology: Ultimate Exit enables end-to-end network visibility by tagging traffic at the point of ingress with egress attributes like Site, Device, Interface and more. This enables engineering, architecture and product teams to cut costs (e.g., peering) and to more accurately estimate the cost of carrying any set of traffic for any given customer. For more information about Ultimate Exit, please refer to this blog post, or the Using Ultimate Exit topic in Kentik Knowledge Base.
The following examples show how traffic in the VRF named “acme” enters and exits the network. VRF dimensions can be combined with any other dimension to uncover additional detail.
We have implemented a significant improvement in our data ingest layer that dramatically increases the flow volume that Kentik can accept from each source. This is a milestone achievement that provides the ability for Kentik to receive and store every single flow record without sampling.
Our capability to consume high volumes of unsampled flow is critical for many security and forensic use cases, application dependency and visibility use cases, and corporate network end-to-end use cases.
For more information on high volume flow source options and pricing, contact our Customer Success Team.
Labeling network traffic with application names provides a way to contextualize network insights with application and security and security metadata which is a huge value for Ops teams. Kentik now supports Custom Application labels as well as an “Application” Dimension to standardize support for application names and labeling.
Custom Applications provide the ability for customers to define their own custom application names based on combinations of Protocol, Port, IP Address, and ASN. The “Custom Applications” configuration options are found in the Admin >> Enrich Your Data menu.
The example below shows how you can define Google Hangouts as an application using Protocol/Port Number/ASN matching criteria.
We’ve also added an “Application” dimension in the “Application Context & Security” Group:
In the example below, you can see application names associated with various traffic sources. Built-in application names include:
For more on Custom Applications and the Application Dimension, refer to the Custom Application topic in our Knowledge Base.
Differentiated services or DiffServ is a simple and scalable mechanism for classifying and managing network traffic and providing quality of service (QoS) on IP networks. DiffServ can be used to ensure performance for applications that require low-latency such as voice or streaming media, while providing simple best-effort service to non-critical services such as web traffic or file transfers.
Kentik now supports two dimensions for QoS attributes, “ToS” and “DSCP”.
For complete IP and BGP Routing Dimension support information, please see the IP and BGP Routing Dimension reference topic in the Knowledge Base.
When an alert is raised, it can be sent via notification channels including Email, Slack, PagerDuty and more. We now embed the “Dashboard” and “Data Explorer” links that are associated with that alarm in the Alerting Email Notification as shown below.
This allows the user to quickly jump to the appropriate view and reduce problem resolution times, rather than manually pulling up the needed reports. Dashboard and view links will soon be integrated into other alerting channels as well.
The My Kentik Portal is a built-in feature of the Kentik platform that enables curated, self-service network traffic visibility for downstream customers (learn more in the My Kentik Solution Brief).
To enhance the experience of creating tenants in a scalable way, Kentik now allows you to group views and alert policies into a template which can be assigned to tenants. For example, you could build a set of tenant settings that are then applied to multiple, similar tenants while still being able to add individual settings that are specific to each tenant.
From the Admin > Customize menu, choose My Kentik Portal. Here you will find the Templates UI on the right. It lists all existing Templates with an Add Template option to create a new one.
Once you’ve added a template, you can then apply it as new Tenants are created: