Kentik - Network Observability
Solution Brief

Network Traffic Intelligence and DDoS Protection with Kentik and Cloudflare Magic Transit

THE CHALLENGE: DDoS attacks are growing in size, frequency, and complexity, presenting a major threat to organizations unprepared to respond.

DDoS attacks continue to hit the front lines of network security. It’s an asymmetrical war against a growing IoT army, where $30 attacks can cost companies thousands, or be a smokescreen for something worse. False positives have historically made reliable automatic mitigation impossible in large networks, while missed attacks cause costly application and service disruption. And on-premise mitigation solutions cannot solve capacity limitations during a volumetric DDoS attack.

Kentik’s network traffic intelligence platform delivers the industry’s most accurate, fully automated DDoS detection, while also providing security and operations teams real-time and historical network traffic forensics across months of raw data. Cloudflare Magic Transit, on the other hand, provides best-in-class network infrastructure protection against DDoS attacks of all kinds and sizes. With data centers in 200 cities, traffic is not re-routed to centralized ‘scrubbing centers’ and threats are mitigated closest to the source of attack for faster mitigation and lower latency. With no hardware or software to install and maintain, the combined solution of Cloudflare Magic Transit and Kentik can be deployed quickly and requires no ongoing maintenance by operations staff.

Kentik and Cloudflare Magic Transit

The Kentik Platform inspects network traffic and detects DDoS attacks in real-time. Notification of the attack is sent to operations or security staff via one or more configured methods: email, JSON, Syslog, OpsGenie, PagerDuty, Slack, ServiceNow, or Syslog. Integrated with Cloudflare Magic Transit, Kentik signals Cloudflare to automatically shift traffic destined for the target IP into their cloud mitigation data centers. Cloudflare filters the malicious traffic and delivers only the legitimate traffic back to the end user. Mitigation actions can be fully automated, or the user can choose to require an acknowledgment from security or operations staff before the mitigation is activated.

By combining best-in-class monitoring technology with best-in-class cloud mitigation, Kentik and Cloudflare put you in control of your DDoS protection strategy. Download the brief to learn more.



  • Over 35 Tbps of DDoS mitigation capacity with Cloudflare Magic Transit
  • Accurate and flexible DDoS and anomaly detection
  • Powerful, ad-hoc forensic analytics on months to years of granular network traffic details
  • Easy integration via REST APIs


  • Increases operational agility with a completely cloud-native solution
  • Eliminates false positives and negatives
  • Provides a single platform for network traffic intelligence, attack detection, mitigation, and investigation
  • Protects against DDoS attacks with built-in performance benefits
  • Reduces Total Cost of Ownership (TCO)
We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.