Announcing Network Analytics

In December 2019, Cloudflare extended its analytics platform to include Business and Pro customers, providing them with powerful tools previously only available for Enterprise users. The analytics platform has been expanded to cover additional services such as Account Analytics, DNS Analytics, Load Balancing Analytics, and Monitoring Analytics. In January 2020, the company released Network Analytics dashboard for Magic Transit and Bring Your Own IP (BYOIP) customers, offering near real-time visibility into network- and transport-layer traffic patterns and DDoS attacks blocked at Cloudflare's edge in over 200 cities worldwide. The analytics data is stored efficiently to provide insights for up to one year back. Network Analytics are also available via GraphQL API, allowing customers to build custom reports and dashboards. Through interviews with internal customer-facing teams and external network and security engineers, two main use cases were identified: Incident Response and Reporting. The dashboard provides metrics that matter most for incident response, such as top destination IPs and ports, source IPs, ASNs, data-center locations, and protocol distribution. It also enables customizable DDoS attack logs and packet/bit distribution by source & destination, TCP flag distribution, and real-time packet and bit rates. For reporting purposes, the dashboard offers a one-line summary reflecting recent activity, dynamic maps showing geographic distribution of packets and bits based on Cloudflare data-center locations, and customizable filters for time range, IPs, ports, and more.