K/Ingest and K/Enrich

Kentik lets you ingest all types of network traffic: not just network flow data (NetFlow, etc.), but also metrics and even log data—at scale—via K/Ingest and our SaaS/on-prem platform. Using K/Enrich, that data can be further enriched with infrastructure and business context, during ingestion or at query time, to meet many advanced network analytics use cases. Every day, Kentik takes in hundreds of billions of new network flow records and enrichment data points. By collecting network data from routers, switches, packet brokers, probes, servers, load balancers and components, we extend your visibility across the entire infrastructure that carries your network traffic. Every record is enhanced with a diverse set of related data including BGP, SNMP, GeoIP, and threat feeds. The result is a rich, unified dataset that enables timely, informed decisions.

Flexible and Extensible

Traditional monitoring tools are static, often boxing you into a fixed list of capabilities. But Kentik is designed to adapt to your needs as they evolve. We’re constantly adding support for new data types, and we make it easy to apply your own tags, labels, groups, and custom data fields. With this built-in flexibility, you can tailor Kentik to your business and network context while keeping insights relevant in a world of constant change.

Network Flow in Every Flavor

Kentik supports every major type of flow data—NetFlow (v5, v9), sFlow, IPFIX, RFlow, J-Flow, cflowd, etc.—from every major brand of router or switch. We also support VPC Flow Logs and NSG Flow Logs from public cloud providers, as well as traffic data from other devices like firewalls, load balancers, and network packet brokers.

BGP and GeoIP

Peered with edge or internal routers, Kentik gets live eBGP/iBGP routing updates that include source, destination, path, and AS (next hop, 2nd hop, 3rd hop). Each flow record is matched against the BGP RIB and enhanced with both BGP (community, route, next hop IP/CIDR, etc.) and GeoIP (city, region, and country). These fully indexed BGP and GeoIP fields provide deep insight into traffic paths, sources, and destinations that can drive network optimization.

Network Performance Metrics

Kentik’s kprobe software agent runs on hosts or sensors to produce enhanced flow records containing application-layer details and performance metrics, derived directly from live traffic. With measurements like latency, jitter, and TCP retransmits, kprobe makes Kentik a powerful, application-aware network performance monitoring solution. And unlike traditional probe appliances, kprobe is cloud- and container-friendly, ready to deploy wherever your applications live.

Threat Feeds

Without you knowing it, your network may be carrying traffic for botnets or compromised hosts, diverting your resources toward malicious activities that put your reputation at risk. Using continuously updated feeds from world leaders in threat intelligence, Kentik correlates threat information with every flow, enabling you to rapidly identify and respond to unauthorized or malicious use of your network.

Universal Data Records (UDRs)

Kentik’s Universal Data Records architecture is the key to bringing together a broad and ever-growing range of data sources and data types. UDRs make it possible to apply Kentik’s powerful ML and analytics across a rich, correlated schema for translation into actionable insights that include business, service, and application context.

