ntop – High Performance Network Monitoring Solutions based on Open Source and Commodity Hardware.

ntopng High-speed web-based traffic analysis.
ntopng Edge Make your network a safer place
nDPI Identify hundreds of L7 protocols.
nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier
Get Started! Go to the download page

Packet Capture

Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.

Traffic Recording

10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.

Network Probe

nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.

Traffic Analysis

High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.

Introducing nProbe 9.4: New Platforms Support and Product Editions

January 24, 2021

This is to announce nProbe 9.4 stable that is an incremental update of 9.2 released last fall. The goal of this maintenance release is to pave the way to pervasive embedded systems support as we now support OPNsense/pfSense/FreeBSD Soon we’ll … Continue reading →
ntopng, InfluxDB and Grafana: A Step-By-Step Guide to Create Dashboards

January 20, 2021

Creating Grafana dashboards out of ntopng data basically boils down to: Configuring ntopng to export timeseries data to InfluxDB Configuring the Grafana InfluxDB datasource to extract timeseries data from InfluxDB Adding Grafana Dashboards panels with ntopng data This post aims … Continue reading →
A Step-By-Step Guide for Protecting Your Network with nScrub

December 28, 2020

Distributed Denial of Service (DDoS) attacks represent a family cyber-attacks that are more and more common nowadays. They aim to make the service unavailable by overwhelming the victim with high traffic volumes (this is the case of volumetric or amplification attacks … Continue reading →
Efficiently Detecting and Blocking SunBurst Malware

December 18, 2020

Earlier this month a new highly evasive malware attacker named SunBurst has been disclosed. Immediately some countermeasures have been disclosed and in particular some Snort/Suricata rules have been published. We have analysed the rules trying to figure out if ntop … Continue reading →
Dec 10th, ntop miniconf 2020 part III: nProbe and n2disk (on embedded systems)

December 8, 2020

This is a reminder for the third and last part of our mini-conference 2020 scheduled for this Thursday, December 10th 4 PM CET/10 AM EST. This time we’ll focus on the latest nProbe and n2disk features and provide a short … Continue reading →
Exploiting Arista MetaWatch with n2disk and ntopng: HighRes Timestamping and Analytics

December 2, 2020

Precise packet timestamping is a key feature for network traffic analysis and troubleshooting. Traditionally many people use FPGA-based NICs with precise timestamping (e.g. Napatech, Silicom) even though a good precision can be obtained with PTP-based NICs such as many Intel … Continue reading →
Dec 3rd, ntop miniconf 2020 part II: ntopng

December 1, 2020

This is a reminder for the second part of our mini-conference 2020 scheduled for this Thursday, December 3rd 4 PM CET/10 AM EST. This time we’ll focus on the latest ntopng 4.2 features. We have the pleasure to host our … Continue reading →
Using ntopng as network sensor for SecurityOnion (and integrated with Suricata)

November 23, 2020

SecurityOnion (SO) is a popular Linux distribution for threat hunting and security. It included ElasticSearch as backend for storing alerts as well as Kibana-based web interface. SO includes out of the box a few sensors such as Suricata that is … Continue reading →
Embedding ntop: Nokia Beacon and Ubiquity UniFi Dream Machine

November 20, 2020

The latest generation of network devices are pretty powerful and open. This means that such devices ship with a Linux-based distribution such as OpenWRT or UniFI OS. In these devices it is possible to install third party software as the … Continue reading →
Using ntop tools on VyOS

November 18, 2020

VyOS is a popular open-source router and firewall platform based on Linux, and some of our users asked us to support it natively. This post explains you how to achieve that in a few simple steps. Prerequisites As VyOS is … Continue reading →

ntopng High-speed web-based traffic analysis.

ntopng Edge Make your network a safer place

nDPI Identify hundreds of L7 protocols.

nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier

Get Started! Go to the download page

Packet Capture

Traffic Recording

Network Probe

Traffic Analysis

Introducing nProbe 9.4: New Platforms Support and Product Editions

ntopng, InfluxDB and Grafana: A Step-By-Step Guide to Create Dashboards

A Step-By-Step Guide for Protecting Your Network with nScrub

Efficiently Detecting and Blocking SunBurst Malware

Dec 10th, ntop miniconf 2020 part III: nProbe and n2disk (on embedded systems)

Exploiting Arista MetaWatch with n2disk and ntopng: HighRes Timestamping and Analytics

Dec 3rd, ntop miniconf 2020 part II: ntopng

Using ntopng as network sensor for SecurityOnion (and integrated with Suricata)

Embedding ntop: Nokia Beacon and Ubiquity UniFi Dream Machine

Using ntop tools on VyOS

Latest Posts

Upcoming Events