Wire-speed packet capture and transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications. Remote capture with nTAP.
Traffic Recording
100 Gbit lossless network traffic recording with n2disk. Industry standard PCAP file format with nanosecond resolution. Layer-7 on-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
Network Probe
NetFlow v5/v9/IPFIX data export and collection with nProbe, an extensible probe with plugins support for L7 content inspection. 100 Gbit NetFlow, traffic classification, and packet shunting for IDS and packet-to-disk acceleration with nProbe Cento.
Traffic Analysis
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD and Influx format. Full historical data to ClickHouse and big data systems. Layer 7 analysis based on nDPI. Identity Management with Firewalls and Active Directory support.
Yesterday we presented a talk about ntopng at FOSDEM, in the network devroom we headed. Below you can find the video of the presentation and the presentation slides. Enjoy!
This is to announce the availability of the ntopng 5.6 stable release, which brings several additions and improvements: We have started to introduce responsiveness in the ntopng GUI by means of VueJS. All timeseries and historical pages are now rewritten to take … Continue reading →
This is to announce a new PF_RING release, 8.4! This stable release adds zero-copy support for a new range of (virtual) adapters from Intel: the iavf-zc driver can be used to capture traffic from i40e (X710/XL710) and ice (E810) … Continue reading →
This is to announce the release of nDPI 4.6 that introduces various improvements with respect to the previous release. Many things changed in this release in terms of number of protocols and robustness thanks to code fuzzing introduced in this … Continue reading →
Today we announce the availability of nProbe 10.2, which features native nTap support for generating flows from remote devices, and redesigned Kafka support for both flow export and communication with ntopng. In this respect, the new --ntopng <URL> command line … Continue reading →
Not all ntop users know that ntopng natively implements multitenancy support. Namely, you can use ntopng to collect and analyse traffic from multiple users, and show each user only their own traffic, hiding all the rest. All you need to … Continue reading →
For years ntopng has listed flows in a tabular view. Our users are used to it, and over time we have added new features and filtering capabilities. What we have not yet done is rethink how flows are reported. Reworking … Continue reading →
Most ntop tools, such as nProbe Cento and n2disk, have been designed to run at high speed (today we consider 100 Gbit a high-speed link). ntopng instead has to perform many activities, including behavioral traffic analysis, that make it unable … Continue reading →
Most programmers and network/security administrators are familiar with the Python language. As from time to time we receive requests from our users for creating custom reports, or extracting other types of data (e.g. alerts or timeseries) from ntopng, we have … Continue reading →
Since v5 ntopng has the ability to detect periodic activities, i.e. activities that are repeated periodically at a given pace (note that each activity can have a different frequency, and ntopng is able to detect them). Periodic activities are not … Continue reading →