• ntopng High-speed web-based traffic analysis.

  • ntopng Edge Make your network a safer place

  • nDPI Identify hundreds of L7 protocols.

  • nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier

  • Get Started! Go to the download page

Packet Capture

Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.

Traffic Recording

10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.

Network Probe

nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.

Traffic Analysis

High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
  • Packets vs Flows: Which Option is the Best?

    One of the most difficult steps on a monitoring deployment scenario is to choose where is the best point where traffic has to be monitored, and what is the best strategy to observe this traffic. The main options are basically: … Continue reading

  • ntopConf 2019 Retrospective

    On May 8-9th we have organised our yearly event, in Padova, Italy. The first day was dedicated to training and the second day to the conference. Overall about 150 people attended the event, and we’re glad of it. Our gratitude … Continue reading

  • Monitoring Containerised Application Environments with eBPF

    Earlier this week ntop and InfluxData held a joint webinar about monitoring containerised applications. We have discussed solution for monitoring both legacy (e.g. non-containerised) and containerised applications, what are the technologies we can use. As most of you know, we have developed … Continue reading

  • Detecting Hidden Hosts and Networks on your (shared) LAN

    In theory on switched networks each portion of a LAN is independent. This means that for instance that network 192.168.1.0/24 and 192.168.2.0/24 are using different switch ports that communicate through a router,  and also that are not sharing the same … Continue reading

  • How enable DPI-based Traffic Management in pfSense using nEdge

    We have been receiving several inquiries from pfSense users who would love to complement the classical firewall-style pfSense features with the inline Layer-7-based traffic policing offered by nEdge. Being able place pfSense and nEdge side by side allows to overcome … Continue reading

  • ntopng Multilanguage Support: EN, IT, DE and JP

    We are happy to announce that ntopng has gone fully international! The following languages are now officially supported: English Italian Japanese German Language files are completely opensource, meaning that you can choose your preferred ntopng language, no matter if you … Continue reading

  • Cento 1.6 Stable Just Released

    After more than one year since the latest stable release, we are glad to announce cento 1.6-stable. This new release brings stability, fixes and several new features. Among the new features, it is worth mentioning that: Flows can be exported … Continue reading

  • nDPI 2.8-stable is Out

    This new release brings several fixes that make nDPI more stable. Such fixes involve especially DNS and HTTP traffic dissection. Here is the full list of changes: New Supported Protocols and Services Added Modbus over TCP dissector Improvements Wireshark Lua … Continue reading

  • How to export BGP routing information (AS Path) in network flows

    Tools like traceroute have been used for a long time to track the forward path of packets, i.e. the journey of our packets to a remote destination. Unfortunately with traceroute nothing can be said about the path of ingress packets, … Continue reading

  • How to Track and Fight Malware, Ransomware, Botnets… using ntopng

    Malware blacklists are not something new to ntopng. ntopng (including ntopng Edge) has integrated the emerging threats blacklist https://rules.emergingthreats.net for a long time. The 3.6 stable release also introduced some webmining blacklists, which would flag online mining sites and generate … Continue reading