Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.
10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
nProbe: NetFlow v5/v9/IPFIX probe for analysing Gbit networks at full speed. Distribute network probes on the network, sending traffic information towards a central traffic analysis console such as ntopng.
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
This is to announce the release of PF_RING 6.2 that has several improvements with respect to the previous version. As previously accounted, we have extended support of non-Intel devices in PF_RING to provide you the best experience supporting many new … Continue reading →
In the past few years we have tried to open PF_RING in an attempt to turn it into the “new pcap” API for packet processing. Recently we have added native support for speedy FPGA-based NICs and thus created a single … Continue reading →
For years we have optimised PF_RING to support multi-10 Gbit/40 Gbit operations in zero-copy at line rate using ZC. Our users know that using PF_RING they can operate at line rate in RX+TX, balance packets across processes, drop/prioritise traffic etc … Continue reading →
In the original ntopng it was possible to navigate historical information using a so called “Historical Interface”. Such interface was a logical network interface able to read flow data from a SQLite archive and present them on the web interface. … Continue reading →
At ntop we’ve been playing with NetFlow/IPFIX since more than 10 years and been part of its standardisation. While we acknowledge that concept of flow (a set of packets with common properties such as the same IP/port/protocol/VLAN) is still modern, … Continue reading →
This is to announce the release of nDPI 1.7. In addition to many new/updated dissectors, the main change of this release is the ability to identify subprotocols. For instance a DNS request Facebook is not identified as DNS.Facebook (previously only … Continue reading →
This post will teach you how to create a cheap WiFi access point able to enforce layer-7 application protocols. In order to do this you can use a cheap RaspberryPi or BeagleBoard with a USB WiFi stick, or use … Continue reading →
Last week we have made a couple of presentations at SharkFest 2015, introducing to the Wireshark community what ntopng is about. The most interesting part has been the feedback of those who attended the talks who commented on “how to integrate … Continue reading →
ntopng allows you to export monitoring data do external sources. For low-traffic sites, SQLite and the ntopng historical interface can be a good option. As your traffic increases you are forced to put your data on a database if you … Continue reading →
After 9 months of development, we are pleased to announce the release of ntopng 2.0. This is a major release as we have reworked many application components and made the application robust and usable by mid/large companies and ISPs. We … Continue reading →