Kentik provides real-time visibility into network infrastructure, focusing on monitoring, data visualization, and flow analysis to manage traffic patterns efficiently.
| Product | Mindshare (%) |
|---|---|
| Kentik | 1.8% |
| Zabbix | 3.9% |
| SolarWinds NPM | 3.6% |
| Other | 90.7% |
| Type | Title | Date | |
|---|---|---|---|
| Category | Network Monitoring Software | Jun 24, 2026 | Download |
| Product | Reviews, tips, and advice from real users | Jun 24, 2026 | Download |
| Comparison | Kentik vs Zabbix | Jun 24, 2026 | Download |
| Comparison | Kentik vs SolarWinds NPM | Jun 24, 2026 | Download |
| Comparison | Kentik vs Auvik Network Management (ANM) | Jun 24, 2026 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Cloudflare | 4.3 | N/A | 96% | 79 interviewsAdd to research |
| Datadog | 4.3 | 2.3% | 97% | 211 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 3 |
| Midsize Enterprise | 1 |
| Large Enterprise | 8 |
| Company Size | Count |
|---|---|
| Small Business | 116 |
| Midsize Enterprise | 57 |
| Large Enterprise | 150 |
With robust analytics capabilities, Kentik offers insights into BGP peering status, aids in DDoS detection, and allows for detailed telemetry through its intuitive interface. The platform's SaaS nature simplifies operations by eliminating server maintenance concerns. Multi-vendor support and synthetic testing enhance network security and performance by simulating customer scenarios, while its API offers automation for querying and reporting tasks.
What are the key features of Kentik?Industries implement Kentik for network monitoring, traffic management, and flow data analysis across both on-prem and cloud setups. It proves valuable for detecting DDoS events, managing peering relationships, and optimizing costs, besides managing CDN configurations and performing synthetic tests in diverse environments.
Pandora, Yelp, Neustar, Box, University of Washington, Zoom, Tata, and Cogent.
| Author info | Rating | Review Summary |
|---|---|---|
| Sales Manager at IFX NEtworks | 4.5 | I found Kentik to be an easy, scalable solution, excelling in client experience and cybersecurity, particularly for Cisco users. It deploys quickly and meets expectations, though it has room for improvement. I rated it 9/10. |
| BDM at a comms service provider with 11-50 employees | 4.5 | I find Kentik excellent for multi-vendor network and data center monitoring, excelling in BGP visualization and telemetry. It's stable and easy to deploy, but needs improved AI integration for troubleshooting, an area where competitors like Selector AI currently lead. |
| Network Engineer III at Fortanix | 4.5 | I use Kentik for synthetic tests and network monitoring, valuing its customer scenario simulation. Agent setup needs help, and support lags during outages, but it's a stable, improving, and recommended solution. |
| Consultant at Finther Tecnologica | 4.5 | I use Kentik for network monitoring and recommend it. It's stable, scalable, and affordable, helping with operational efficiency. While support across time zones can be complicated, its value is high compared to competitors. |
| Marketing Manager at a manufacturing company with 5,001-10,000 employees | 4.5 | I value Kentik for visualizing internet connectivity, offering great visibility and network monitoring. While it provides powerful application classification, I find its setup complex and pricing expensive, suggesting simplification and cost improvements. |
| Director, Backbone Engineering at a computer software company with 10,001+ employees | 5.0 | Kentik offers deep network visibility, proactively detecting anomalies, optimizing traffic, and improving DDoS response, saving us significant costs. While the new interface is clunky, its powerful analytics, real-time insights, and great customer service are invaluable. |
| Director - Site Reliability Engineering at a media company with 1,001-5,000 employees | 4.5 | I find Kentik excellent for network flow data, offering intuitive reporting and real-time visibility crucial for security and network uptime. Their customer service is phenomenal. My main suggestion is improved integration with application performance tracing to fully leverage its capabilities. |
| Area Controller at a computer software company with 5,001-10,000 employees | 4.5 | I use Kentik for traffic management and network performance, appreciating its ease of use, powerful drill-down, and API. Its cloud-based nature and ability to significantly reduce our mean time to remediation are major benefits. I’m extremely happy with the product and its continuous improvements. |
| Director, Interconnection Strategy at GTT | 4.5 | We gained unprecedented real-time network visibility with Kentik, enabling better traffic engineering, cost savings, and faster DDoS remediation. It surpassed previous solutions, is stable, scalable, and highly recommended for its comprehensive features. |
| Sr. Network Manager at Netskope | 5.0 | Kentik gives me crucial traffic visibility for informed decisions and faster troubleshooting of issues like DDoS attacks. My only wish is for it to include actionable mitigation, but its monitoring capabilities are excellent, and I highly recommend it. |
The solution is valuable for client experience, especially in the financial sector. The most important feature is cybersecurity. The pricing is good, but the functionality is the most important aspect for clients. The solution is easy to deploy and requires only one person to set up, making it easy and quick. Overall, the ease of use and the fact that it meets client expectations are major positives.
The product could strive for more improvements to become closer to perfect.
I have used the solution for one month in a demo environment.
The solution is scalable.
The solution is more Cisco-oriented, which seems to better fit clients with a Cisco environment.
The initial setup is straightforward and easy. It takes approximately two days to deploy.
One person can make the installation, and it is easy and quick.
The pricing is good and aligns with the market target.
I would recommend Kentik to others as it is a good and easy solution for clients.
Overall, I would give the solution a rating of nine out of ten.
Positive
We are using Kentik mostly for synthetic tests, and from one last year, network monitoring as well.
We are using it for inter DC BGP tests and server monitoring as well.
The best part of Kentik is the synthetic test, which we use extensively in our environment since I'm working in a company that uses customer use cases.
It simulates the same scenario that customers use with our products.
It simulates the same things, and we see that the customer traffic pattern, the number of props, is coming from the disruptions on the link, the latency issues, the HTTP errors, and the number of props coming from each hub, which I can visualize to see where the latency is.
There's always room for improvements and better relations when using any kind of product.
We faced some issues with Kentik UI and alerting, which we asked them to fix, and they succeeded.
They have come up with a new product called NMS, which had many things needing improvement in the beginning, but they improved it in later versions.
They keep improving their product, but currently, I don't find anything causing issues in our environment.
I have experience using Kentik for almost two plus, or three plus years.
The graphical user interface setup of Kentik is easy.
However, if you are setting up the Kentik agents in your environment, you will need the Kentik team's help for setting up the Kentik agents because it requires a number of commands to set up, which people may not know.
Stability-wise, Kentik is good.
We rarely have something that breaks it down, but they have some maintenance windows where they make the product down for reasons such as EMR or EU maintenance.
That happens with every company, but stability-wise, it is good.
I don't find any issues; it was only once that I felt it had some impact, but that got resolved very soon.
Based on stability, I would give Kentik a nine.
The scalability of Kentik depends on the credits and the packs you have with the Kentik team.
You can scale as much as you can with devices and tests, but you should have a good number of credits in your account, so that is dependent.
The Kentik support team is good.
If you want me to rate them on a scale, I would give them eight.
I had a call with the Kentik support team for fifteen minutes, so I'm going to give them eight for now.
The reason for giving them an eight is that they are good and address our issues.
They have monthly calls and discuss the product roadmap with us, including what is needed and what is not.
However, when we are working on some real issues with Kentik, I sometimes feel there's a delay due to the busyness of their teams.
We faced some outages and were not able to get the desired results from Kentik tools, so that took a little time to resolve.
Positive
To some extent, Kentik is easy to use.
It is easy to setup.
It is easy to make it better or integrate.
You can do it by yourself, so I don't find any need for help on setting it up.
I would say Kentik's pricing is not cheap.
From my perspective as part of the technical team, I would not categorize it as expensive, but I know it is not cheap.
We are customers of Kentik.
Kentik is worth the money to have as a tool.
We have started using Kentik's AI capabilities.
We are not using it extensively, but they provided us a demo that was great.
We need to start using it more frequently, so currently, we know how to use it, but we are not heavy users yet.
I would recommend Kentik to other people.
If someone is looking for a synthetic tool that can also conduct other tests plus network monitoring using SNMP and older versions, and with them coming up with syslog, Kentik is a central tool for the whole monitoring of the infrastructure.
They can go for it, especially if they are looking for some synthetic tests and want to work with a great team.
Overall, I would give Kentik nine stars.
The solution is used for network monitoring. My clients monitor the performance of networks using Kentik.
To find the most valuable features of the solution, I need to drill down into the solution to see how the dashboard captures everything and then look at areas like network monitoring, the switches, and how the product digests the data and consumes them in terms of the metrics.
Sometimes, the tool has complications, so we must deal with the additional support from the tool's end. We have the L3 and L4 support, but we have to get expertise in a different time zone, which is a problem.
I have never experienced any stability issues or downtime when using the tool.
The tool is scalable. It can be used in small, medium, and large-scale businesses.
My company deals with enterprise-sized businesses using the tool.
The solution's technical support helps our company with our queries related to the tool. I rate the technical support a ten out of ten.
Positive
The solution is deployed on the cloud.
The time required to deploy the product is something that defects on how big an environment is, okay but I know that even for a small scale business, it may take a few hours.
Monitoring operational efficiency is easy. The tool also helps manage users' spending and perform analysis, specifically business impact analysis.
The tool is cheaply priced.
Compared to its competitors, Kentik offers tools at a much cheaper price, with a difference of around 20 to 30 percent.
If there is any integration, it will apply back to the source of information that was creating the delay, for example, a legacy system or because the network's configuration is not correct.
My company has not yet used any AI features of the product, but we do plan to use it in the future.
I recommend the tool to others.
I rate the tool a nine out of ten.
Kentik is used to visualize Internet connectivity, particularly for network connections. It's an "as-a-service" solution.
We have clients such as NTT and KDD, major telecom providers in Japan.
I believe the company is satisfied with the product, but there have been some changes and challenges.
Kentik primarily addresses the need for information from NetFlow data. It offers a simple yet powerful feature of classifying applications, going beyond basic statistics. There is more focus on track ID and basic static applications.
Before using this solution, there was a lack of good visibility. So, our clients had to use workarounds to gain insights. With Kentik, they have better planning and programmability in the network.
The flexibility for creating reports and gaining more visibility. Also, the ability to monitor network performance is the most valuable feature.
Customers usually need more information to effectively use this solution. So, simplifying it could be an area of improvement.
Moreover, I consider the pricing model as an area for improvement. The product is expensive. It could be more cost-effective.
I started studying Kentik as part of my job to prepare a proposal for the customer. So I was familiarizing myself with the product. It's been six years and the customer is still with the solution.
We mainly used Arbor. And also, we worked with local vendors in Japan and China as well. Basically, when we work with customers, we choose the product based on their requirements.
Arbor required big appliances at that time, whereas Kentik was more advanced and software-based.
The initial setup can be complex. The installation process is unique, based on a container-like environment. While we offer it as a service, some customers choose to deploy it on-premises. In those cases, we replicate the container environment at the customer's site, which requires a thorough installation process. This process may involve configuring the server and potentially programming it.
Customers need to have a big budget for this product. It can be quite expensive.
Overall, I would rate the solution a nine out of ten.
The primary need is to really understand where our traffic is going, not just the transit ASNs — we know that — but where else is it going? How much traffic are we sending to those other ASNs?
Of course, DDoS is also another use case for us. We have identified DDoS.
And we're also using alerting now to help us understand when service owners are perhaps utilizing more than they should.
We had an event with one of our service centers, internally, and we were able to get them to understand that they were causing adverse effects for our customers on our circuits because they were over-utilizing circuits when they should not have been doing so. Kentik allowed us to peel back the entire network aspect of what they were doing and it allowed us to get an agreement from them that they would police themselves regarding their traffic, so that we did not have to do so for them.
And it allowed us to continue to have shared resources rather than duplicating everything. We were able to continue to allow them to utilize our transit, or our shared network connections, rather than saying, "Okay, you can't use this anymore. You have to duplicate everything." As a result, we're saving, in this case, about $40,000 a year, because we're not duplicating the network. If you understand what's happening, you can say, "Okay, this is what you can do, this is what you can't do." You can't get to that point unless you understand what's happening first, and Kentik allowed us to do that.
The solution has proactively detected network performance degradation or anomalies. For instance, right now I'm tracking another service center that is trying to provide a backup solution going to one of the cloud providers. What's happening is that their traffic is not hashing, it's not load-balancing over multiple circuits. I can easily prove that because I can pull up the circuits and see all of the flows from this particular service owner going over one circuit. That's an anomaly Kentik detected and I can go back to the service center and tell them. And it alerts me when it's happening, when it's getting too high, when it's about to saturate the circuit. It then tells me, "Oh, by the way, they're doing it again." That is very helpful.
The drill-down into detailed views of network activity help to quickly pinpoint locations and causes, especially if you set it up properly so you have all your routers and your interfaces. It's super-easy. In this case, it sends me an alert. I pull up the dashboard and it's all right there. It tells me everything. For example, when I pull up the alert that I got this morning it gives me a traffic overview and tells me, before I've done anything in the source or destination ASNs, which service center it is, if I have a separate ASN for them. It shows where it's going and how much traffic is spiking. It gives me the total traffic hits per second and packets per second, as well as source country, destination country, subnet — everything. It's telling me exactly who, what ports, and everything that is causing the anomalous traffic. If you have it pre-set-up, it just takes you through to the dashboard with everything already there. That's super-helpful because I can go back to the service center and tell them that they're saturating the link and this is how they're saturating it. I have proof.
I have also used Kentik's months of historical data for forensic work, especially with my old job. I was at a service provider previously and we got DDoS'd all the time, constantly. It was much easier for me to go back in time and look at some of these DDoS events and look at the signatures so I could just figure out which buckets most of them fit into. I could say, "Okay, I had these many incidents, these are the different types of issues I saw, and maybe if we take these actions we might be able to stop this kind and that kind of DDoS." It was much easier for me to go back and look at it as a holistic view.
In addition, it has decreased our mean to time remediation for anomalous traffic moments. For instance — and I'm not in the operations team — it has certainly allowed the operations team to detect and figure out what's happening much more quickly than they previously were.
At my previous company, it probably went from about a 30-minute detection to about a ten-minute detection, and that included making sure we understood which IP address was being attacked. As a service provider you can see what the interface is, but the question is which IP address on the interface is being attacked. That's the thing that you get much faster and you're able to surgically black hole that IP address, as opposed to shutting down the entire port for the customer. That kind of thing is huge.
Kentik has also improved our total network uptime. We're able to check the customer-effecting incidents much faster than we previously were. And at my previous company I can say wholeheartedly that it improved uptime because when you can detect so that you're not shutting down ports, you can get to the router faster, and the router is not falling over anymore because it's being attacked.
In terms of improving on the number of attacks we have to defend, at the previous company I would say it did because I did all the analytical work, and we were able to determine a couple of different types of attack that we might be able to defend a little bit better. Here, it has reduced the number of internal incidents we've had. Service owners are not really thinking properly about how they're using the network and have service-effecting incidences that they didn't know about. If you point it out, they stop doing it, if you have data for that. Before, we weren't really able to point it out in a way that they understood. Now, it's much easier for us to detect it, clearly determine that it was them, and then say, "Could you stop this? Don't do that."
The analytics part is really important for me. I have seen some things pop up periodically that I did not expect, so it is important for me to dig into them. The ability for me to look at the traffic and see where it's going to is extremely important.
I really love the Data Explorer. I use it all the time to go in and craft exactly what I need to see. I'm able to then take that story and explain it to the executives. I've done that a couple of times and it is helpful.
And I'm really liking the alerting. It's super-helpful.
In terms of the solution’s real-time visibility across our network infrastructure, I have not been able to find any other monitoring or netflow visualization tool that gives me the kind of information I get from Kentik. If I need to take a deep-dive into something that I see, it's really easy for me to do that. Whereas with most other things, I have to use five or six other tools to get that kind of data, with Kentik, I have it all in one place. Data visualization is extremely important.
I've checked out the V4 version of the interface and it's still a little bit clunky for me to use. I still go back to the old interface. That's definitely one that they still need to work on. It doesn't seem like everything that you get in the V3, the older interface, is there. For instance, I was trying to add a user or do the administrative tasks in V4, and I couldn't figure out where I was supposed to do that. The interface just wasn't working for me so I went back to V3 to do that stuff.
Also, with the alerting page, that traffic overview page, sometimes I really want to share it with someone. Usually, you can get a quick URL on most of the other pages to share that particular view, but I can't do that on the traffic overview page that is given to me from an alert. That would be really helpful.
Generally speaking, I have found it to be fairly stable. Do they have periodic outages? Yes. But almost never is the whole thing down, it's just one aspect that is down. I haven't really had an issue with it.
At my previous company we probably had one of the largest installations ever. I would say Kentik is fairly scalable. That company is one of the biggest ISPs in the world. They had 200,000 netflow flows per second. So it's pretty scalable. The scale I'm dealing with now is so minimal in comparison. It's a different world.
I have used technical support a few times and they have been knowledgeable and easy to work with. I really like them. I haven't had any issues at all. I've dealt with a lot of vendors, so it's like a breath of fresh air for me.
If you've ever dealt with Cisco before, or a telecom vendor, you know what I mean. But I send an email to Kentik and within a few hours I've got something back asking me a couple of questions and helping me fix the problem. It's a vastly different experience because if you try to do that with Cisco, for instance, or one of the network equipment vendors, you're going to be in for a very long process. And if you talk call a telecom company, same deal. You're probably not going to get a human the first time. If you get an email, it's going to be automated. It's just going to take forever. But Kentik is very quick.
We have DDoS mitigation providers but they don't really provide the analytics. They detect and mitigate, but they don't really provide you any information on what's really happening.
At my previous company we had tried, several times, to build our own solution, and I can tell you that it was not terribly successful. We could only ever get analytics on one very small use case, as opposed to all of the use cases that Kentik has. I was intimately involved with each one of those attempts, so I can tell you it was not easy.
At my previous location the solution was on-prem and I helped with the entire process of getting it into the network. I helped them do the proof of concept, I helped do the executive briefing, I helped do the modeling of the entire implementation, and I also helped and worked on the implementation itself.
Because it was an on-prem setup I found it pretty straightforward. We had to do a whole bunch of work on the network to get it working properly because you have to change all of your configurations to make sure it's sending to the right locations, but otherwise, it went very smoothly. They told us we had one of the fastest implementations ever. From the time that we actually started the implementation, it was only about a month, and we actually got all the routers in there too. And that was with a huge, massive, on-prem installation. Probably one of their biggest ever.
For the servers, Kentik worked with our IT department, but for the network stuff, for anything that was on the routers, we deployed it ourselves.
At my current company, they have the cloud solution, and I was not a part of the installation. I'm not sure why they decided to go with cloud versus on-prem. I don't understand it. I know why my other company went on-prem but I don't know why they did cloud versus on-prem here.
I worked with Kentik directly and I had a very good experience with them. They were knowledgeable, helpful, and easy to work with. They used Slack and it was very easy for us to communicate with them, even across teams. They were working with our IT team and the backbone engineering team. It was very easy.
We are working in one country where transit is very expensive and Kentik has allowed us to identify those peers we're sending traffic to so that we can then get onto the exchanges in that country and significantly reduce the cost of our transit in that country.
If you're talking about Japan, it tends to have higher transit costs. We brought up our exchanges and then we targeted a lot of peers so that we're not spending, five bucks a meg or so to send traffic to those peers.
I don't have a final cost analysis yet, but I can tell you that the IX is much cheaper than the transit is. And our customers are getting much better latency. Our latency numbers have decreased by about ten percent because we're peering directly with the customer at an exchange. That's one place I can say the ROI is great.
We did the same thing with any of our transit providers as targets. If we can privately peer with someone somewhere, rather than have them go over transit, we target those peers and pull them off of the transit. Anytime we can do that, it's much cheaper.
I believe pricing is by device, the number of devices with BGP sessions, and then by the amount of flow you expect from that device, if I remember correctly. We did ours on a yearly basis. That was easier for us. I think they will happily do multi-year if you want.
Carefully analyze your routers and how much flow they're sending to a collector. I would also suggest if you can minimize the number of routers that have to send BGP, so you have a good enough view of the BGP, but you don't have to have every router sitting at BGP sessions, that might help. Those are suggestions for implementation.
The biggest lesson I have learned from using Kentik is "don't do it yourself." At my previous company they were being very stubborn and they didn't want to use an off-the-shelf product, so I went through three iterations of a netflow interface trying to get it correct, and I kept telling them, "Okay, but there's a product out there that does this. So please let's stop spending all this money." And they went so far as to spend a couple of million dollars on hardware to deploy it out to the network and everything, and we still ended up going to Kentik. That is one of the biggest things I learned, that sometimes you cannot do it all. You have to go to someone who's an expert in a particular kind of big data, and that's what they are.
We don't currently make the use of solution's ability to overlay multiple data sets such as orchestration, public cloud infrastructure, network path, or threat data onto existing data. But with the public cloud providers we are working with, we are looking at pulling in VPC logs so that we can see if we're getting the performance that's necessary out of our public cloud providers. That's the next step with this product for us.
We're not pulling in other data sources like logs or ThousandEyes data, for instance, at this point. We did talk to Kentik about trying to pull ThousandEyes data in and marrying it with their product. But not quite yet. I hope to add that into the product as well at some point. We do use BGP as another metric to figure out what's happening with the different paths.
We probably have about 30 users. Everything from our monitoring team is in there so they're working with me on pulling together an interface that uses the API to pull the data out of Kentik to put it on one of our internal interfaces. That way, some people won't have to log in to get some data. It's more of an executive view for them. But some of our executives actually have access to Kentik too. We have a couple of network backbone engineering executives who have access and who do look at it. Then we have a lot of our operations team, the network architecture and backbone engineering. They all have access. It's a wide range.
In terms of deployment and maintenance, there are two of us who put stuff in. I've created users. One thing we are going to do is automate getting the routers in there. We would generally suggest, and this is what I did previously, that you write scripts to do your updating of everything, plus you have the scripts that just does it automatically for you. That's super-helpful.
In this environment we don't have that many routers in it. It's about 40 to 50 routers at the moment. We mainly use it on their engines. We're starting to work with our security team to get it from data center to data center as well. That's really limited by our need for security rather than how we would use it entirely. At my previous company, when I left, we had 667 routers in it. It was used everywhere for everything. We absolutely have plans to increase usage of Kentik at my current company. I'm working with our security team to get approval to do that. I have to meet their security needs in order to expand the usage.
Honestly, it is one of those products that I would suggest to almost any network operator. I would go with a ten out of ten as my rating. I have not felt like this about any other company out there. It has just been so useful for me on so many different levels from operations, to ROI. It's just helpful.
We use it almost exclusively for flow data. We use that for a variety of things from network optimization to network capacity to security events, including DDoS protection, etc.
We're using the SaaS version.
The drill-down into detailed views of network activity helps us to quickly pinpoint locations and causes. Anecdotally, it has decreased our mean time to remediation. On a per-incident basis, it could save anywhere from five minutes to 60 minutes.
We also believe it has improved our total network uptime. We haven't done any direct before-and-after comparison, though.
Again, anecdotally, it has sped up our security team's ability to respond to attacks that did not surface as readily, prior to having the flow log data.
One of the valuable features is the intuitive nature of building out reports, and then triggering actions based on specific metrics from those reports. It has a really good UI and the ability to surface data through the reporting functions is pretty good. That's helped a lot in the security space. If you get a massive, 100 GB attack coming through, saturating links, you can surface that really quickly and then act to engage DDoS protection or other mitigations from the IPS.
The real-time visibility across our network infrastructure is really good. One of the things that we love it for is our global backbone visualization. Being able to see that utilization in real-time is pretty critical for us.
It also proactively detects network performance degradation and things like availability issues and anomalies when used in concert with the SevOne network management system. In conjunction with that — with all of our polling and availability data coming from that NMS — the flow data provides that type of insight.
We also use Kentik's months of historical data for forensic work. We do 90 days.
I believe they're already working on this, but I would love for them to create better integrations from network flow data to application performance — tracing — so that we could overlay that data more readily. With more companies going hybrid, flow logs and flow data, whether it be VPC or on-prem, matched with application performance and trace data, is pretty important.
The other area would be supplanting companies like SevOne and other companies that are really good in the NMS space, specifically for SNMP data.
We've had it since before I took over this space and took over Kentik, so 2017 is when the initial contract started. We're going on three years.
The stability has been very good. There was only one outage or impacting event that I can remember in the past year. It took them a couple of days to fix it, but the impact was remediated through some mitigation they did on their end to prevent it from causing us too much headache. They got it down to where it only affected some long-term reporting, which wasn't super-critical for us. It wasn't too big a deal.
So far, Kentik has scaled for what we've done with it and we haven't hit any scale issues to date. I don't know if we're a very large user compared to some of their other customers so I don't know if we're a good example to discuss scale, per se. But we haven't encountered any scale issues from our side.
We don't have plans to expand the use of Kentik, other than increasing licenses to gather flow data for more devices. We buy per license and we have 75 or 100 licenses. The size of the teams that use it is 100 people or so. They are security engineers, network engineers, network health analysts, and threat-intelligence folks.
Their tech support is phenomenal. They tell us about an issue before we even get to it.
With the incident that I mentioned in the context of the solution's stability, even before we experienced any issues relating to it, they had already reached out to us and let us know what was going on. They gave us some timelines, and the ongoing communication kept us informed throughout the incident and was able to mitigate any kerfuffle from the executive layer. That can be a giant headache when dealing with those types of situations, but they managed it perfectly and were proactive with their communication and we didn't hear a peep from anyone about it.
I wasn't involved in the initial setup, but there is time involved for us to set up the checks for the flow data and to set up the reports. Depending on what someone is setting up, it could take five minutes or it could take a couple of days. It just depends on what they're implementing with it.
I'm sure we have data available to show ROI but I don't have it available. Where Kentik is bringing us the most value is in the security realm, in terms of attack prevention, but ROI on that is hard to measure.
There have been other folks in our company who have tested a variety of things. Prior to Kentik they went through an evaluation phase, from what I understand, and vetted out a variety of solutions. I believe that what made Kentik stand out was pricing and the intuitive user-experience.
The biggest lesson in using Kentik is that as we continue to use it and learn more, we learn about the use cases that are valuable. Initially, when I came over to the team, we weren't using it to its fullest capabilities. As we started to understand the capabilities and dive in, in specific areas with Kentik engineers themselves for customer success, we learned that we needed to change our thought process a little bit; how we thought about flow logs and what they could provide insight into.
My advice would be to leverage their customer success engineers upfront and don't let them go until you've hit all your use cases. Constantly be in touch with them to understand what some of the forward-thinking ideas are and what some of the cutting-edge use cases are that their other customers might be getting into.
We don't make use of Kentik's ability to overlay multiple datasets, like orchestration, public cloud infrastructure, network paths, or threat data onto our existing data. That is something we're evaluating. We're currently talking with a couple of teams that are moving to AWS, teams that would like to use Kentik to potentially capture VPC flow logs and overlay that with their application performance data. That is something that is currently on-hold, pending some other priority work. We will probably dive back into that, with that team, around mid-2020.
For maintenance, it requires less than one full-time engineer because it's a SaaS model.
In terms of overall vendor partnership, I'd give Kentik a nine out of 10. They're right up there as one of my best partners to work with, amongst all the contracts that I own. They're very customer-centric. They're always available. There's nothing too small or too big that I can't ask them to help with, and they seem to be willing and able to jump in no matter what. That customer focus — which is a theme across the digital world right now with companies trying to try to do more of that — Kentik does a really good job of embodying that.
We use it for traffic management. And when we want to set up new locations or a new market with our own CDN, we use it to scope what kind of internet traffic there is and what kinds of connections we should prepare.
We also use it for some alerting and reporting, like if traffic shifts very much on the link or toward a certain ISP. That could potentially tell us that there are problems or something that we should check out.
We're not super-advanced users, but we also use the API in the product. We have some tooling that we've written around these use cases that pulls data from the Kentik database.
We send the dataflow to Kentik, in their cloud. We don't have any software installed on-prem here or in our data centers. As a company, we've always tended toward not having to manage more hardware and software than necessary. We're extremely happy with having it in the cloud and we're not afraid of sending this data to them in the cloud. We pretty much trust them.
Using the drill-down into detailed views of network activity, we can see where we might have bad performance. Maybe it's in the US and is from a specific ISP. Seeing that we have general bad performance from them doesn't help us that much when troubleshooting with them. When we drill down, we can see that the users we have the most problems with are from this city or that state.
Also, some of these tools can be pretty complex, but what I really like is that when we get new team members we can easily onboard them into the tool. They can be up and running and doing fairly advanced queries very quickly. That's been a positive for us.
Kentik's API has really helped us as well. We have tooling where we can look at a certain POP and then pull the data out of Kentik and make decisions on that in another application. We also use it for cost calculations, since we have the real-time traffic data and we have a pretty good understanding of what the different links cost, and what the data costs on those links. The tooling pulls real-time data or weekly averages and we do calculations on how we're doing per gigabyte in cost.
I can only guess at how much the solution decreases our mean time to remediation, compared to if we had written our own tools. We have had Kentik from day one. I can only imagine a world where we had tried to develop this ourselves and how that would have looked. Compared to what we would have had, I would say it has decreased our MTTR by three times. It all comes down to the drill-down functionality and how easy it is to use the interface; all of the data that you can get out of it very quickly, with all the different graphing options. I would guess if we had developed our own tool, it wouldn't be nearly that advanced where we could add multiple datasets and do graphing. We probably would have had to do a lot of SQL queries ourselves to get to whatever we wanted, especially if we had trickier things to try and remediate. But it's hard for me to say since we've used it for so long.
It also helps with our total network uptime. The anomaly detector is pretty good at detecting weird things, like when traffic drops. But we also have a lot of our own tooling for this. Kentik is not a monitoring solution for us in that sense. It's more on top of what we have. But we have seen weird things where traffic has moved, situations which we probably wouldn't have caught with our own systems. So it gives additional benefits on top of the more rudimentary or standard tooling that we have.
For us, it's valuable to get a general understanding of how we serve different networks on the internet from our CDN. We're extremely happy with the different classifications you can make and also the ease of drilling down. It's a very easy tool to use. You only need 10 minutes and you pretty much have the hang of it, and that's really good.
We're pretty happy with the API functionality. It's web, and it's very simple to set up queries. It has served us well and you don't need to be an expert on the API or the product to set these things up.
It also detects anomalies proactively, but the same is not so true when it comes to real network problems, since they tend to just happen. Sometimes we can see performance degrading over time or we can see traffic drops where we're not expecting them and that could be a problem, but it's not very proactive in that case. But it's pretty good. In fairly real-time we get alerts and can act on them.
They've added a lot of features in the beta product that is coming out, things we told them about before. We asked for a way, regarding the potential networks that exist, to hook Kentik up with external tools like peering DBs to correlate things together and see what we can do.
They've been working on a cost calculator, which would be great for us, so we don't have to do it ourselves.
This is all in the beta now. Those have been my main issues so far, and since we're not a super-large, global internet service provider, we probably use 20 percent of all the features, or even less. So there aren't any major issues that annoy me on a day-to-day basis. We're extremely happy and it seems like they're listening to whatever feedback we have given in the past.
We've been using Kentik for about five years. We were one of the early customers.
The stability is very good.
Today, we only have 12 devices. We're probably not even close to reaching any limits. I would guess if we had thousands of them it might be a different story.
In terms of expanding our usage, we should probably look at the cloud part of the product. The DDoS part might be interesting as well. It's something that we haven't had time to really dig into. It's there and it's free, so why not? But then, our network setup is fairly simple. We don't operate any global backbones or the like. That's why we don't use some of its features. And we're not an internet service provider, so we don't need to understand a million things about what our users are doing.
We have never used their tech support, so that's probably a very good thing. We have never had any weird problems with the product where we had to file support tickets or anything like that. It's just been smooth sailing for us. I don't know if we've been lucky or if the product is just super-stable.
I run into Kentik people at different conferences around the world, so we usually sit down and talk. We don't spend that much time with our account manager. Since we've been a customer for so long we have met everyone in the company from the early days. So we have pretty good contacts.
We made the decision to go with Kentik instead of building something ourselves, and that was mainly due to the graphing features of the product, which are really excellent; the drill-down features. For us to develop something like that ourselves would have taken a lot of time.
It was in their very early days. We met Kentik at some conference and we thought, "Hey, this looks like a cool product and something that we probably need." So we started a trial and were very happy with the product and we continued using it. We really like that they understood our use case. The people who worked at Kentik back then were people who came from the same background as ours, with CDNs and content delivery.
We were extremely happy with the features; they were exactly what we were after. Back then, one big plus for us was not having to operate our own hardware, like appliances, in data centers. Since we're an internet company, we're not afraid of sending data to the cloud, a process which might concern a bank, for example. It was pretty much a no-brainer to continue using the product.
Back then, the setup was really straightforward. There was not much configuration to be done on our side and then data just magically appeared in the portal.
Our deployment took about a day. We only had a few routers and a few POPs back then. We did the setup in three or four locations, so it was fairly small. Today, everything is completely automated on our side. When we set up new locations, we make sure that all the configuration is done automatically. The only thing we need to do is to go in and add the site in Kentik. Pretty much everything else happens automatically on our end. So there really isn't anyone involved in deploying it, per se.
We didn't really have an implementation strategy.
Given that it's a SaaS solution, it also doesn't really require anybody to work to maintain it or administrate it. We push data in and it goes away after 30 days. On an ad hoc basis, where we need a dashboard or something specific, someone may spend an hour creating that in the tool. That's not really maintenance, it's more our using the product.
We have seen a return on our investment. We need to have a tool like this and I could just imagine, if we were to look at the engineering team's hours that would need to be spent on writing something — if we wanted to do it ourselves in-house — that the return on investment is from not having to deal with that and maintain that system. And, of course, if we can spot errors fairly quickly... because if you mess up big, it costs a lot of money and fast. It's pretty good to be able to see those kinds of things in almost in real-time. It's been good for us.
We would probably have to spend a couple of hours per week to maintain an in-house tool. It really depends on how big or how complex the solution we would have built would be. But to be on par with Kentik, that would have been a pretty huge task for us to do and maintain.
We didn't look into any of their competitors at the time. It was very early days. We were in the build-up phase. I know some of their competitors and they're more clumsy when it comes to the graphing part. And we didn't want appliances. For us, a company that doesn't operate that many routers, pricing is not a huge deal, which it could be for other companies with thousands and thousands of devices to monitor. For us, it was a very good tradeoff to not have to deal with the on-prem hardware.
My advice would depend on the network and what your use case is, but I would not underestimate the importance of how easy it is to use. If I were to sell this product to someone else, that's exactly what I would tell them: how easy it is to use. Easy tools get used. If you have a beast of a system where it takes 20 minutes to get the query out, then you're probably not going to use it as much.
The biggest lesson I've learned from using Kentik is that when it's easy to drill down into data, you tend to do it more. We have spotted so many things that we would have never had spotted if this had been a less "real-time-ish" product.
Collecting data is usually very simple, but presenting it in a good way such that people can actually access it and model it as they want, that's the tricky part. Having a tool that is as easy as Kentik is to work with, gives the team motivation to add more stuff to look at.
We don't use its months of historical data for forensic work. We're using it as a real-time snapshot. You can buy the ability to go back further in time. With our license we only have the 30-day period but we rarely even look at 30 days. We usually look at a week to get the cycle of the traffic peaks that we have when people use our service on the weekends. That usually gives us a pretty good average for a month. Of course, we have other tools that we have built ourselves to do more long-term analysis, if we want to see how our traffic has grown.
We also don't make use of Kentik's ability to overlay multiple datasets, at least today. We probably should look at more of these things. We only use it for traffic management or to get an understanding of our traffic flows from the private CDN. We don't look at any trap detection. We do have a very large Google Cloud installed base where we could potentially use that, but we haven't gotten around to doing it.
We have eight people who look at Kentik. They're all working in content delivery. We don't expose it to managers or senior managers. Our structure is a bit different than some companies; we try to solve a problem very close to the problem. So it's basically my team that looks at it and they make the decisions. It's not like we have dashboards for managers and things like that. We do have the cost calculations, but we abstract that away by writing our own tooling to get the data out. It's just network engineers and the product managers for the content delivery network who look at it.
I would rate Kentik a strong nine out of 10. There is always room for improvement here and there, but overall, for our use case, it's been working really well. We haven't had any real issues. I could imagine that if you have a bigger, more complex network, you could run into some issues, but we haven't.
I like the fact that they come from the same background as we do and that they understand, at least from my perspective, the content part and what it's all about. They've been very easy to work with and very keen to listen to feedback. I am super-happy with the product.
We're the third-largest tier-one in the world but, prior to deploying Kentik, we were flying largely blind regarding our IP traffic. We didn't have any kind of visibility into where we should be upgrading capacities. Gaining visibility into the traffic with a network at our scale has been huge.
We've been able to do traffic analysis when we're looking at bringing on a customer or, more specifically, when renewing and re-terming a customer. We can take a look at their traffic profiles and put dollars and cents around it. What does it cost us to haul this customer's traffic? Are we making money on this customer's traffic? How much are we making? That allows us to gauge where we can do things, re-term-wise, and still make money.
We can also do customer prospecting. We can look at our traffic and say, "Hey, here's traffic, either to or from networks, that aren't on net. If we were to bring them on net we would be monetizing traffic that we're currently handling either for free or in some other way. If we were to bring it on, we'd be making money from it.
It has also helped our organization to save money in backbone planning. Previously, if a specific path was full, we would have to throw more bandwidth at it. I think that's what a lot of networks still do. Kentik allows us to see where traffic is really going and coming from. So we've been able to be much smarter about where we choose to upgrade paths. Throwing bandwidth at it costs adding however many more waves. If the traffic goes between A and C instead of A and B and that path happens to be $1,000 a month cheaper, we can make those kinds of changes. We've definitely been able to save money that way.
In addition, the drill-down into detailed views of network activity very much helps to quickly pinpoint locations and causes. We have a handful of saved queries, especially for some of our guys in the NOC who may not be senior-network-engineering-level types, that can be run. It lets them see things at a high level and say, "Okay, there's a spike here." They can drill in from there and get what they're actually after. It's generally DDoS-related in that specific scenario.
We have also used Kentik's months of historical data for forensic work. It tells us what the heck happened. When you're in it, you're just trying to do what you can to get things working again. That historical view allows us to go back and say, "Okay, we had this major outage last week. We know that it was partially due to this, but what actually happened and what was impacted by what was going on?"
Kentik has also decreased our mean time to remediation, with DDoS especially, but also with peering-related issues. We're able to identify and do stuff there as well, more quickly than we were previously. Shooting from the hip, I would say it has decreased our MTTR by 20 percent.
The most valuable features have been anything around traffic engineering: being able to determine the source or destination of a surge of traffic, whether it's DDoS-related, or a customer just happened to have a sudden uptick in traffic. Being able to tell where that's coming from or where it's going to enables us to do things based on that. Prior to having Kentik we were totally blind to that level of detail.
We haven't seen anything else that comes even close to Kentik's real-time visibility across our network infrastructure, and we've demo'ed everything under the sun. We're fans.
We also use it to ingest metrics, log data at scale and business context information, for network analytics, primarily around traffic profitability analysis. For that purpose, it works pretty well. We're able to get traffic statistics, in an adjustable way, out of Kentik and then we marry them with our financials. Bing, bang, boom, we know what our traffic actually costs us.
Version 4 of the platform is good and going in the right direction. It's starting to answer questions before they're asked. The mindset to date has been, "Hey I've got a question. Let me go Kentik to get the answer." They're moving more in a direction where they are saying, "Hey, here's information that you may be interested in or may need," before the question has to explicitly be asked. Continuing to move in that direction would be a good thing.
We've been using Kentik for about three years.
The stability has been great.
We get emails every now and again that say, "We're going to be doing something," or "We've got maintenance," or, "There was a five-minute outage." We've never been impacted by it.
Using it as a service, it scales indefinitely for our use purposes. That's why we did the as-a-service solution. Scaling is their problem. We didn't want to worry about it. From our vantage point, it scales to infinity.
All in, there are between 30 to 40 people who use it on a regular basis. We certainly have more users in the system than that, but there are 30 to 40 at a given time. They are mainly our engineering which includes the peering guys, myself and my team, and our core backbone guys who handle mostly long-haul stuff. Within our NOC for troubleshooting, there are a number of people who use it. And we've created some custom dashboards for our sales and sales engineering folks. Those dashboards make data easy for them to digest. They can go in via a nice, pretty portal. They type in a network they might be interested in and then all the data that they could possibly want, in an easily digestible format, is right in their faces.
We definitely have plans to increase usage. We'd like to get it into the hands of more of our salespeople. Only a small fraction of them are currently using it, mainly the guys in the carrier space. I'd love to get it into the hands of our enterprise people as well. But there are limitations on our side, including available cycles to get our guys up to speed on that kind of thing. The other thing we've also looked at doing is potentially opening it up to our customers and giving them a view into their traffic. We haven't gotten there yet, but those are things we've looked into and are looking into.
Our interactions with their tech support are very good. Response times are generally measured in minutes, which is nice to see. You don't see that very often. They take ownership when we have issues. But it's usually more questions from our side than anything else. They're on it. They actually care, which you don't see very often in customer support areas.
When there is something missing, we are generally able to go to them and work with them on it. Within a reasonable amount of time, it's generally added. At the moment, we've got what we're looking for.
The last issue they helped us with was due to the fact that we do a lot of traffic engineering, especially as it relates to peering. Once we got Kentik we'd say, "Hey this peer is congested. Let's go take a look at what the source addresses are or the destination addresses are so that we can do some traffic engineering around that." They added in a mechanism that allows you to do that whole exercise with the click of one button, which made life for that specific path a whole lot easier.
We communicated that to our customer success rep.
We were using a homebrew solution previously, which was not NetFlow based; it was BTU-based, which was vendor-specific. We are, obviously, a multi-vendor shop, so it only gave us limited visibility.
We switched to have the ability to see much more than what we were seeing. Kentik was platform-independent. There was also the fact that compared to what they were offering, nothing else on the market had the same feature set. Kentik already had more, and that was three years ago. They have been innovators in the space and have continued to push on the available features since. And most important, for us, was the price point. It was highly competitively priced. It was a no-brainer.
We did look into the on-prem option. Within our group, we're just not set up to do that. We're not server guys. And the pricing on the as-a-service-solution was such that it still made sense to go that route for us.
It took us about a day-and-a-half to fully deploy. It wasn't that big a deal.
We had to roll out the device-level config that would start exporting the data to Kentik, but that was incredibly straightforward. There was no impact to doing so. We automated that and were able to push it out to our entire network in about that day-and-a-half, and we were fully up and going without any kind of hitch.
On our side, it was just me who was involved. It was super-simple. I wrote a script, it deployed, and we were up and going.
And there is no overhead when it comes to maintenance.
It's hard to quantify ROI. How do you put the numbers around our use? Anecdotally, we definitely feel we're getting value from it. We are a fiscally conservative organization, and when we've renewed with Kentik it's never even been a question. It's, "Yes, we're renewing."
Without speaking directly about numbers, it's about the cost of a cross-connect, per device per month. Of course, some people are paying $50 a month for cross-connect and some people paying $500 a month for cross-connect. With volume, etc., it's somewhere in between. But with a network of our size and scale, we've got the volume such that we're able to get pretty aggressive pricing on things that we consume.
There are no other costs in addition to the licensing fee for us. It's one-and-done.
We've checked out Arbor, SolarWinds; you name it, we've tried it. We've had some in-house-developed stuff that we tried for about a year. Kentik really blew everything out of the water.
Arbor had a lot of what we were looking for. The problem is that they quit innovating a decade ago, and their price is ridiculous. Arbor is also device-based. You have to stick a big, massive machine in your network and each of those only supports up to about five devices. We're in an environment where we have hundreds and hundreds and hundreds of core devices. So that obviously wouldn't have scaled.
Go for it. The other solutions out there just don't compare. It has definitely been worth it for us. Anytime anyone asks us, we definitely recommend it.
We were expecting to be able to see and understand more about our traffic. I don't think any of us thought we would rely on it as much as we now do.
We have looked into making use of Kentik's ability to overlay multiple datasets onto our existing data and it's something we are thinking about. We're just not there yet within our organization.
It gives us visibility into stuff going on in our network but I don't think it necessarily helps uptime. Where it could help uptime is for specific customers when it's DDoS-related. It helps us quickly determine what's going on with DDoS, where we couldn't have before. But for our network, as a whole, it just allows us to see what's going on. It doesn't do anything itself.
It doesn't improve on the number of attacks that we need to defend. The internet is a wild place. With a network of our scale, there is something under attack literally every minute of every day, every day of the year. What it does is allow us to see quickly — immediately — is what is actually going on, and then take actions around that.
I rate it a nine out of 10. We're happy with it.
For our purposes, where we're at today, and even in the past, to analyze flows and to pull specific data and understand where our traffic is going to — which AS path — that's primarily the value that I extrapolate from Kentik.
It's mostly on-prem. We do some stuff with GCP and AWS, but it was all primarily licensed-based, based on the number of pieces of equipment we have on-prem that we actually attach it to. We have over 55 edge nodes and about 10 compute nodes.
We can actually see what we're doing now. When it comes to making an educated decision on a number of things, if you have no visibility into what you're doing, you really can't make that decision. Collecting that data and having those metrics first-hand, in real-time, allows us to make an educated decision, versus an uneducated guess.
Kentik has proactively detected network performance degradation, availability issues, and anomalies. When we had no visibility. When we had congestion, things would actually happen and it was hard to troubleshoot as to where they were coming from. That was one of the first things we were able to do.
A specific example is where we had a number of tenants that were created that were getting DDoS'ed. We couldn't understand how or why we were getting DDoS'ed because we had no visibility. We were guessing. Kentik opened up and showed us where the traffic was coming from and how we could go about mitigating.
It lets us understand what those attacks are, versus not actually knowing where they're coming from or how they're affecting us. It cuts down the time it takes for us to troubleshoot and actually mitigate by about 50 percent, guaranteed, if not more. But we're running a bunch of GRE IP sectionals. It's not like we have huge amounts of capacity. But for some of our large customers, it really has helped us detect what the problem is, instead of guessing.
At my previous company, it improved our total network uptime by about 20 percent. I wouldn't correlate that back to Kentik in my current company.
The most valuable feature is being able to pull traffic patterns; to and from destinations. We're able to understand where our traffic is going, our top talkers from an AS set, as well as where our traffic's coming from.
The only downside to Kentik, something that I don't like, is that it's great that it shows you where these anomalies lie, but it's not actionable. Kentik is valuable, don't get me wrong, but if it had an actionable piece to it... I keep telling them, "Man, you need to find a way to make it actionable because if you could actually mitigate, it'd be huge what you guys could do."
The way things are, we have to have some sort of DDoS mitigation, like Arbor or something of that nature. Once the anomaly is detected, that's great, but then you have to mitigate. If Kentik had mitigation, or if they could acquire a solution and throw it onto their platform and have that portion available, that would be huge.
I have been using Kentik at this company for about a year and, prior to that, I used it a previous job for about another year.
Coming into this company, I felt they were flying blind, meaning they didn't really have anything from a monitoring standpoint. They didn't understand how decisions were made. And to make educated decisions, you actually have to have the proper tools in place. Kentik was a tool that I know works really well.
Kentik has pretty good intuition, as a company, as to where the market sits and what they're into. They don't delude themselves. They really focus. They've been pretty good. I know the leadership over there and it seems like between Justin and Avi, they're good at what they do and that's why I'll continue to use them.
Anywhere I go, I'm going to use Kentik if I have the chance.
