Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.
10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
This is to announce a new PF_RING major release 7.0. In addition to many improvements to the capture modules, drivers upgrades, containers isolation, the main change of this release is the ability to offload flow processing to the network card … Continue reading →
Summary Grafana is one of the most widely known platforms for metrics monitoring (and alerting); ntopng version 3.1 natively integrates with Grafana thanks to a datasource plugin which is freely available; This article explains how to install and configure the ntopng … Continue reading →
On November 7th we will be organising the ntop meetup during the Sharkfest EU 2017 that will take place in Portugal. You can find all details here. This year we will be focusing on cybersecurity, IoT and user traffic monitoring, … Continue reading →
This is to announce the release of the ntopng Grafana datasource that you can find on the grafana website. Using this plugin you can create a Grafana dashboard that fetches data from ntopng in a matter of clicks. To set … Continue reading →
This month it’s 20 years that I have started the ntop project. Initially it was a hobby project, willing to understand what was really flowing on a network after having spent 5 years playing with OSI that was clearly a … Continue reading →
Using nProbe in combination with ntopng is a common practice. The benefits of this combination are manyfold and include: A complete decoupling of monitoring activities (taking place on the nProbe) from visualization tasks (taking place on ntopng); The capability of … Continue reading →
In early August, Scott Schweitzer interviewed me about network monitoring and packet capture. The conversation has been very broad, and I have covered various topics ranging from packet capture, network traffic analysis, deep packet inspection, IoT (Internet of Things) and … Continue reading →
Fritz!Box routers are popular devices that many people use to connect to the Internet. Inside these routers there is a hidden (i.e. not accessible from the router web admin page, but that you access directly with a web browser by … Continue reading →
At ntop we use wireshark to dissect traffic and to learn how to make our tools better. We’re not typical packet-oriented users however, as we want to see traffic as a whole and not packet-by-packet. This has been the motivation … Continue reading →
This week at Sharkfest US 17, we have presented the ntop contributions to wireshark. In particular: How to use nDPI to complement Wireshark traffic classification How to remote capture on a remote box at 10/401/100 Gbit and stream traffic securely … Continue reading →