Kentik offers its DDoS protection as part of a business focused primarily on big data traffic intelligence. The San Francisco-headquartered company, formerly known as CloudHelix, provides network visibility and performance solutions.
Its main offering, Kentik Detect, is a big data-based SaaS that “turns network data into valuable intelligence”; it can also be deployed as an on-premises cluster. Kentik Detect offers ad-hoc analytics to improve business operations, along with optimization services and security offerings, including detection and DDoS mitigation. Kentik claims that its big data intelligence allows it to “offer far more accurate detection and automated mitigation that increases your protection”, citing a 30% improvement in DDoS prevention over traditional appliance-based solutions.
The company says that Kentik Detect is “the industry’s only big-data cloud-scale network analysis solution that offers far more accurate DDoS detection, and automates the triggering of hybrid mitigation techniques, including out of the box integrations with Radware and A10, plus support for remote triggered black holes”.
Kentik Detect monitors and analyzes millions of individual IPs and is capable of scanning billions of flow records that depict network-wide traffic in a matter of seconds. It has adaptive learning algorithms that automatically baseline IPs it considers potentially suspicious, meaning the user doesn’t have to maintain statically configured lists and monitoring can be done at a granular level. The client can create monitoring, alerting and mitigation schemes using eight different parameters chosen from multiple data fields, set against a variety of metrics.
After traffic flow data moves through Kentik Detect’s cloud-based big data platform, it is sent to its SaaS cloud using an encrypted tunnel for heightened privacy. DDoS protection is primarily performed there as attacks are detected and actions are triggered, such as the displaying and sending of alerts, or the onset of multiple mitigation techniques depending on the kind of attack observed.
Kentik compares its next-generation offerings to legacy DDoS mitigation tools, which much of the rest of the industry is still using. False negatives and false positives both divert attention and time; Kentik’s compute and storage capacity allow it to retain traffic data at volume and measure for anomalies with both accuracy and scale.
Kentik Detect works in orchestration with other mitigation solution services, allowing it to “craft an orchestrated, hybrid approach that’s most appropriate to your situation”. Other mitigation providers it works with include A10 and Radware.
It has both an automatic mitigation option, which triggers when conditions meet Kentik’s custom-defined policies, and an on-off solution, through which the client can receive notifications that ask for manual approval before mitigation is applied.