Kentik is a network observability company that helps detect attacks on your network and triggers Cloudflare’s Magic Transit to begin advertisement. Together, Kentik and Magic Transit On Demand work to create a fully SaaS-based, DDoS protection solution to help you mitigate attacks and protect your network automatically.
In this tutorial, the example scenario includes two mitigations, one which pulls the advertisement from the router and a second mitigation that makes an API call to Cloudflare to begin advertising the prefixes from Cloudflare’s edge.
You will need the email address associated with your Cloudflare account, Cloudflare Account ID, and Cloudflare API token to configure the connection for Magic Transit in Kentik.
Configure the Kentik portal
Log in to your Kentik account.
Click Menu > Settings.
From the Settings page under Customizations, click Mitigations.
On the Configure Mitigations page, locate the Cloudflare section.
Click Edit next to the Cloudflare branded mitigation to edit and review the information.
In the example below under section two, the Cloudflare email address, Account ID, and API token are used to send the API call to Cloudflare to begin advertising routes and turn on Magic Transit for the customer’s network.
After reviewing the information, click Update Mitigation Platform.
Click Menu > Library.
On the Library page, in the search field, enter Cloudflare.
Under Uncategorized Views, click Cloudflare Saved View. The data explorer displays.
From Options > Time, you can edit the Lookback information to review traffic source information for a specific time period.
Access Cloudflare account
From the navigation menu, select IP Prefixes.
Referring to the example scenario, the prefix protected by Cloudflare displays a Withdrawn status.
After a DDoS attacks occurs, the status changes to Advertised which indicates the network is protected.
From your Cloudflare dashboard, select Analytics > Network Analytics.