Kentik - Network Flow Analytics

Run Every Network

See every network, all the time, in real time. Network visibility for the networks you own and the ones you don’t. Kentik delivers insight into all of your networks, whatever the type, across cloud and traditional networks, and across internal and external networks.

Internet and Edge

In an interconnected world, the internet is the key glue that binds your company, users, applications, and partners. Whether you are providing or consuming internet access or transit, you need direct visibility into exactly how much and what types of traffic are traversing the network edge, and who is driving the activity. This understanding is essential for troubleshooting problems, optimizing capacity and performance, and protecting assets and services from misuse and attack.


  • Get deep, rich visibility into edge network traffic activity, by source and destination address, geo, service type, ASN, and more.
  • Recognize internet route issues and their impact on performance and customer quality of experience.
  • Understand drivers of access and transit costs.
  • Accurately identify attacks and malicious activity, and automatically invoke mitigating responses.

Data Center

Gain deep, direct insights into east-west traffic and changes to applications or infrastructure. Leverage real-time, granular visibility to quickly investigate issues, drill down to root causes, and inform your response. Integrate with data center and microservices integration to gain visibility into the traffic dynamics of your traditional and cloud-native network deployments.


  • Proactively detect congestion, hot-spots, outages, and other traffic anomalies
  • Quickly uncover root cause by drilling down on top contributors and understanding how they map to physical or logical infrastructure
  • Optimize VM, container, and service placements to minimize network load

Hybrid Cloud

Gain an immediate and single, unified view to understand topology state, traffic flows, network performance, and device health status within and between multi-cloud, on-prem, and internet infrastructures.


  • Quickly find and resolve problems by viewing network performance and utilization data from the data center to clouds, other sites/data centers and internet sites
  • React quickly to network conditions and discover which devices are experiencing CPU, memory, interface or traffic anomalies
  • Easily plan and troubleshoot traffic patterns in data center traffic


Gain deep insight into actual WAN / SD-WAN traffic delivery to optimize end-to-end performance, defend against DDoS attacks, and drive network automation.


  • Improve user experience
  • Ensure success of new SD-WAN implementations

“Kentik has given us a breakthrough level of visibility that puts us in far better control of the
complex network and internet traffic delivery factors that impact our service delivery.”

Scott Martin, VP Technical Operations, AppNexus

Firewalls and Other Network Infrastructure

Kentik’s Universal Data Records (UDR) architecture is the key to bringing together a broad and ever-growing range of data sources and data types that aren’t present in traditional network flow data. From firewalls, to containers and other network components, wherever they might reside.

Kentik UDRs give visibility into container technologies such as Kubernetes and Istio as well as firewalls including Palo Alto Networks, Cisco ASA and others. Firewalls, in particular, can carry deep insights into network traffic—based on their ability to perform deep packet inspection and authentication, and add attributes (such as user names and application types) to flow data—adding both security and application context to network activity.


  • Forensic investigation of current and past threat activity.
  • Real-time verification that firewall policies are not over- or under-blocking applications.
  • Cross-correlation between source countries and firewall events with a map view.
  • Visibility into pod-to-pod and service-to-service traffic flows.
  • Visualize container orchestration and service meshes.

Amazon Web Services

Kentik combines AWS VPC Flow Logs with AWS tags, and Amazon EKS Kubernetes service mappings, to provide visibility into your AWS infrastructure.

See traffic to, from, and in between your VPCs, corporate networks, and the internet. Get notified of performance, cost, and security issues, and drill in via UI or API to debug and resolve.

Kentik also integrates with virtual cloud routers, firewalls, load balancers, and host agents to provide real-time flow data and can be easily used in addition to or instead of Flow Log-based visibility.

Find Kentik in the AWS Marketplace


  • Understand network performance of applications and workloads hosted in AWS
  • Recognize network cost drivers and unexpected usage that will result in surplus networking charges
  • Detect attack, mis-configured, and malicious traffic in and between VPCs

Microsoft Azure

Kentik collects Microsoft Azure Network Security Group (NSG) Flow Logs to provide real-time visibility and traffic analytics into your Azure infrastructure.

NSG Flow Logs allow Azure users to view detailed information about IP traffic associated with an NSG, including byte and packet counts and session state on a per-flow basis, with “allowed” and “denied” traffic patterns, to equip the organization with solid awareness of security and network activity.

Kentik also integrates with virtual cloud routers, firewalls, load balancers, and host agents in Azure, providing a comprehensive real-time traffic view beyond flow log-based visibility.


  • Detailed understanding of NSG traffic in Azure
  • Detect attacks, misconfigurations, and abnormal traffic in and between NSGs
  • Recognize network cost drivers and unexpected usage that could impact Azure networking charges

Google Cloud Platform

Stop flying blind. Streamed to Kentik’s analytics-as-a-service platform in real-time every five seconds, Google VPC Flow Logs provide powerful insights into all network activity to, from, and between VMs within GCP projects without having to instrument VMs or services individually. Add in GKE Kubernetes service and pod data, or Istio as a data source, to see a full view of the dynamics of your container mesh.

Integrating data from GCP-deployed virtual cloud routers, firewalls, load balancers, and host agents can provide even greater visibility.


  • Understand which application dependencies drive traffic between zones, regions, and locations
  • Recognize network cost drivers in time to correct them, not after they become billable
  • Proactively monitor application latencies to get ahead of service quality problems

Container Networking Insight

Containers are changing the way applications are designed, deployed, and operated. Orchestration like Kubernetes abstracts away the underlying network and infrastructure types — yet application operation still depends on reliable infrastructure.

Kentik integrates with traffic sources from the lower level (Flow Logs and physical and logical flow sources from data centers), service mappings from Kubernetes and orchestrators, and service meshes like Istio, to provide a complete real-time map of traffic dynamics within and between your applications and services.


  • Understand service and pod dependencies within container orchestration environments
  • See and detect service-to-service latency events to optimize overall application performance within container clusters
  • Tie network traffic loads and costs to specific application components, rather than nodes
We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.