Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.
10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
Malware blacklists are not something new to ntopng. ntopng (including ntopng Edge) has integrated the emerging threats blacklist https://rules.emergingthreats.net for a long time. The 3.6 stable release also introduced some webmining blacklists, which would flag online mining sites and generate … Continue reading →
As previewed during our FOSDEM 2019 talk, this is to introduce libebpfflow a new library for enabling network traffic and container visibility based on eBPF. Designed to be CPU and memory friendly (its presence it is almost unnoticeable) , it … Continue reading →
Starting from the latest 3.9 version, ntopng features and handy dropdown menu that allows you to filter flows on the basis of their current TCP state. Being able to filter flows on the basis of their TCP state is particularly … Continue reading →
Hosts directly connected to the Internet are often contacted by scanners and malware hosts. Since a few releases ntopng integrates a blacklist that is refreshed daily. Whenever a host part of this list contacts your ntopng instance and alert is … Continue reading →
Aut viam inveniam aut faciam, Hannibal 247-182 B.C. For years ntopng has been a solution for collecting, analysing and visualising network traffic, but with a major limitation. It is too rich in data display and reporting that users needs to … Continue reading →
Hi all, this is to invite all of our community to meet the ntop team at FOSDEM 2019, later this week-end. We have two talks scheduled and we’ll be taking about system visibility and high-resolution network monitoring. Below you can … Continue reading →
After 6 months from the first nedge announcement, as a response to our customers feedback, nEdge now provides brand new features, like the ability to apply policies based on the device type, the RADIUS integration for captive portal users authentication, … Continue reading →
Many distributions provide mechanisms to let the system administrator decide if the new installed packages should be enabled and/or started automatically. Previously, the ntop services were always enabled and started automatically after the first package installation, regardless of any system … Continue reading →
We are happy to announce ntopng stable 3.8. The is the core of the next 4.0 release as it integrates new features that will be consolidated in the next release scheduled for spring. The main features include: SQL database-free high-speed … Continue reading →
ntopng has grown significantly over the past years, providing an increasingly-interesting set of features to support network analysts and troubleshooters in their decisions. Among the most relevant features, it is worth mentioning that timeseries inspection pages have been redesigned and … Continue reading →