What is most valuable?
The DDoS alerting was, at first, the most useful. It was able to alert the entire team of more than 20 that the issues with the website were actually network based, instead of, say, bad code. In time, we mitigated the DDoS attack surface, so the usefulness is still there. We just don't see it every day.
Now we use Kentik for more nuanced traffic insight. This is ad hoc usually, but we do email 'peering' reports daily to the lead network engineers. This gives them some view into new traffic patterns we are picking up in IXes.
How has it helped my organization?
I find it very useful to see when traffic destined for a prefix that we prefer ingress on in the East Coast actually ingresses or egresses on the West Coast. It shows the difference between BGP paths vs. regional expectations.
What needs improvement?
The alerting ability is greatly improved. I think there is some movement still to make this into a 'dumb mode' vs 'expert mode'. There is the SQL-like syntax, but that is expert+.
For how long have I used the solution?
I have used Kentik for 2.5 years.
What do I think about the stability of the solution?
We rarely, if ever, had any stability issues.
What do I think about the scalability of the solution?
I have not had any scalability issues.
How are customer service and technical support?
Technical support is second to none.
Which solution did I use previously and why did I switch?
We used in-house, hand-built things. All based on binary RRDs or worse.
How was the initial setup?
Initial setup was very straightforward. Nothing I needed too much help with.
What's my experience with pricing, setup cost, and licensing?
There is a large difference between BGP and normal nodes. I don't think this plays out to the best for the customer or Kentik. To be able to split off the BGP vs PPS requirements would be good.
Which other solutions did I evaluate?
We've evaluated almost everything except SiLK.
What other advice do I have?
Use the technical support if you need it. They are excellent.