September 2020

Over the summer of 2020, our product and engineering teams sustained a rapid pace of innovation, delivering on the pressing needs NetOps teams face to keep their hybrid networks running well and securely.

Headlining our new capabilities is the GA of Kentik Synthetic Monitoring. Only Kentik Synthetic Monitoring can deliver autonomous testing, fully integrated network traffic and synthetic analytics, and simple and affordable pricing. We also introduced Hybrid Map. With Hybrid Map from Kentik, NetOps teams gain an immediate and single, unified view of topology state, traffic flows, network performance, and device health status within and between multi-cloud, on-prem, and internet infrastructures.

Here is a complete list of new features delivered since June:

• Kentik Synthetic Monitoring
• Hybrid Map
• Device and Network Health
• Device Metrics
• A Joint Trial Offer for Cloudflare Magic Transit Users
• IBM Cloud VPC Flow Log support
• DDoS Improvements
• New IPFIX Fields for Silver Peak
• Interface Utilization Spike and Interface Utilization Drop Insights
• My Kentik Portal Custom Dimension Support
• Slack Notification Support for On-Prems
• A New v4 Settings Page
• Audit Log

Let’s take a closer look at some of the details.

Over the past two months, Kentik has been thrilled to roll out the industry’s first unified synthetic monitoring and network traffic analytics solution. As Kentik users will notice, we have just released Kentik Synthetic Monitoring, available directly from the top navigation menu. At launch, Kentik’s global synthetics network counts more than 200 public agents in all regions of all clouds and major internet cities.

Kentik synthetics allows you to:

• Easily monitor the performance of SaaS solutions (e.g. Salesforce, Office365), API gateways, public clouds (AWS, Google Cloud, Azure, IBM Cloud, Alibaba Cloud) and web properties
• Autonomously monitor the performance of CDNs, OTT services, ASNs, and geo/ISP digital experience towards subscribers
• Instantly setup Site Meshes to monitor intra- and inter-data center or PoP-to-PoP performance, and reduce time to resolution (MTTR) of detected problems with intelligent alerting and diagnosis
• Eliminate the typical intrinsic “noise” of synthetic test results, allowing problem-solving to be the primary focus
• Monitor everything that matters, frequently and autonomously, with simple and affordable pricing

In addition to these benefits, we have an exciting roadmap planned for synthetics — stay tuned! We invite all Kentik users (trial, new and existing) to take synthetics for a spin using your included free synthetic testing credits!

For new Kentik users, start your free Kentik trial, including synthetics credits.

Last month, Kentik introduced Hybrid Map, allowing teams to view the entirety of their network infrastructures, dive deep where needed, assess quickly, solve problems and gain insights immediately. You can now visualize and manage interactions within and between on-prem infrastructure, cloud infrastructure from Amazon AWS, Google Cloud, IBM Cloud and Microsoft Azure, as well as internet platforms and services — all in a single, unified view.

Kentik Hybrid Map allows you to simultaneously:

• Understand AWS, Azure, Google Cloud and IBM VPC flow logs and inter-service dependencies
• Observe site topology and architecture (spine/leaf and tiers), device metrics (CPU, memory, interface utilization), and north-south and east-west traffic
• Visualize SD-WAN overlay, and WAN underlay transport utilization and performance
• Quickly find and resolve problems by viewing network performance and utilization data from the data center to clouds, other sites/data centers and internet sites
• Visually interact with the network, dive deep, and quickly identify problems with instant insights
• React quickly to network conditions and discover which devices are experiencing CPU, memory, interface or traffic anomalies

Since the initial release of Hybrid Map, Kentik’s updated release now includes visual directionality. This latest release covers inter-block flows (i.e., flows between a VPC and the internet, or between an on-prem site and an internet AS, for example), and directionality between sites and devices in the arc and chord layouts.

Users can now go to the Hybrid Map to see their traffic in context with health across all devices. The backend service that collects, stores, and assesses the metrics also looks at a device’s CPU, memory, and interface utilization statistics to determine health. The device layout includes CPU and memory utilization views, and Healthy, Warning, or Critical status up to the site level.

Users can now drill into cloud infrastructure from the Hybrid Map. Users can quickly see traffic between regions, VPCs, and subnets and traffic from the cloud to on-prem infrastructure and origin networks for AWS, GCP, and Azure. We’ve also released an excellent backend service that makes these views blazing fast.

New features include:

• Cloud views that enable users to drill into their clouds and see traffic from the region, zone, and VPC down to the subnets inside
• Popover controls for all of the new views, including readability improvements
• Health indicators across the maps, consuming health data from the new health service
• Improvements to the algorithm that determines connections between the cloud/internet blocks and the on-prem block
• New popover views that allow users to view all traffic through sites, devices and interfaces

Kentik has introduced important new health features aimed at hybrid IT organizations. Site Health, Device Health and Interface Health provide an at-a-glance easy indicator of how your network, devices, and applications are performing. They are now a standard offering in the Network Management product.

For customers that monitor all their global hybrid IT infrastructure, it is vitally important to separate what is healthy from what is not healthy. Engineers simply do not have enough time in the day to look at all the metrics. Kentik’s new health capabilities classify a base layer of metrics into Healthy, Warning, or Critical status and display the status in our next-generation Network Maps and Network Explorer.

We are monitoring network devices and interface metrics via SNMP. Health values available include:

• Site Health - derived from the devices and interfaces in the site
• Device Health - derived from the device metrics and interface metrics on this device
  • Device Availability - whether metrics are available for this device
  • Device Metrics:
    • CPU Utilization
    • Memory Utilization
• Interface Health - derived from the interface metrics for this interface
  • Interface Availability - whether metrics are available for this interface
  • Interface Metrics
    • Input Interface Utilization
    • Output Interface Utilization

Kentik now supports vendor-specific MIBs via SNMP device metrics. We are discovering the vendor, then polling the right OIDs and applying the right algorithms to construct a normalized dataset. This capability will allow us to poll a growing list of vendor-specific metrics in the future.

Device metrics are available in the following areas: Site, Network Device, Interface Health via the Hybrid Map, Dashboards, Data Explorer, and Custom Insights (alerting).

For a limited time, access the Kentik Network Intelligence Platform with Cloudflare Magic Transit at no cost, for up to 4 months. Protect your networks with a joint solution powered by enterprise-class DDoS mitigation from Cloudflare and high-precision DDoS detection from Kentik.

For new Kentik users, start your free Cloudflare and Kentik trial.

We’ve launched a new agent-based approach for IBM flow logs that allows customers to directly export cloud flow logs to Kentik without also requiring changes to security authentication policies.

We have identified and improved several DDoS features as requested by our customers, with more to come. Here is a summary of the recent enhancements:

• We’ve added 1-minute interval polling for our threshold queries, ensuring that users can trust the data represented on the screen when configuring policies
• Users can now customize DDoS policies to include different dimensions or metrics to create a more tailored detection system or experience for their network
• The workflow to set up DDoS policies now includes user-friendly options for quicker configuration
• Users can now create ad-hoc policy metrics and dimensions
• We now support “Greek prefixes” (Gbits/s, Mbits/s, etc.) for policy configuration
• We now illustrate accurate max values over a time series data set, ensuring that we don’t steer users towards configuring artificially low thresholds
• The mouseover no longer blocks the useful data displayed in the threshold window
• Amplification policies are now simplified
• Disabled policies remain visible

Over the summer, Kentik announced a new partnership with Silver Peak, a market leader in SD-WAN solutions. The two companies offer advanced SD-WAN visibility to keep businesses and their networks operating optimally through the new partnership. For many enterprises, SD-WAN enables organizations to meet the network connectivity, performance and security demands of distributed and increasingly remote workforces. At the same time, enterprise network teams must overcome the visibility gaps across different parts of their distributed infrastructures, whether on-premises or in one or multiple clouds.

Since the announcement, Kentik has continued to expand support for Silver Peak, adding support for new IPFIX fields, including:

• Dimensions
  • Application Name
  • Business Intent Overlay
  • Application Category
  • From Zone and To Zone
  • Firewall Event
• Metrics
  • Network To Server Delay
  • Network To Client Delay
  • Client To Server Response Delay

• As suggested by several users, we’ve added the AWS Interface ID back into the platform for use in the Data Explorer, Dashboards and Alerting. This is useful for users that want to filter their views to zoom in traffic that flows through specific Elastic Network Interfaces (EINs), such as load balancers, ingest nodes or VPN/Internet gateways.
• We’ve added support for the AWS V4 VPC Flow Log format. This log format allows users to specify new fields and create customized export templates.

Interface Utilization Spike and Interface Utilization Drop Insights are Kentik Insights that automatically analyze interface utilization changes via the SNMP interface input bit rate. An Insight is fired when it detects a particular pattern of utilization.

Additionally, we have developed an algorithm that processes flow data associated with this interface and finds the best fitting root cause of the spike/drop. This Kentik Insight brings together SNMP interface metrics with Flow traffic. And our first Insight that does two layers of algorithms.

My Kentik Portal tenants are now able to partition flows across their tenants, leveraging custom dimensions. For example, this can be useful for tenants, provisioned on a layer two network, where their port’s MAC address uniquely identifies them.

Any number of Custom Dimensions are supported. Each Custom Dimension selection is OR’ed. This is supported via a User Filter. You can automatically replace filters in dashboards that match tenants’ custom dimension definitions to provide inbound and outbound dashboarding capabilities.

Slack notifications are now supported for on-prems.

Kentik Settings is now natively supported in Kentik’s v4 API with an all-new Cloud, Sites, Devices, Interface setting pages, and more.

This feature exposes the current audit log, with some minor enhancements, to administrators of Kentik. Audit Log helps avoid configuration errors or confusion between administrators as they make changes to the various configurations in Kentik. Audit Log also provides a layer of accountability to prevent unauthorized changes that may impact the customer’s security posture. The ability to zero-in on changes, find misconfigurations, and find root cause are typical benefits of Audit Log.