Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.
10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
Exactly two years ago we introduced Intel FM10K (FM10000) support in PF_RING ZC. The Intel FM10K ethernet controller family supports 10/25/40/100 Gbit on the same NIC, at a convenient price (sub 1000$ range) and it powers NIC various models manufactured by Silicom … Continue reading →
Motivation Most network monitoring and security applications are based on flow processing, which is in practice the activity of grouping packets based on common attributes (e.g. source and destination IP, source and destination port, protocol, etc.) and do some analysis based … Continue reading →
As you ntopng users know, out of the Elastic toolset ntopng supports both ElasticSearch and LogStash. You can use them using the -F flag: –dump-flows|-F] <mode> | Dump expired flows. Mode: | es Dump in ElasticSearch database | Format: | … Continue reading →
nProbe is both a probe and a NetFlow/sFlow collector. As you all know, we have recently added the ability to collect flows with proprietary information elements. However we natively support in nProbe popular flow exporter devices such as Cisco NBAR … Continue reading →
We’re happy to announce the release of ntopng 3.4 that introduces several enhancements and new features, some of which will be finalised in 3.6 due later this year. This version consolidates several months of work and paves the way to … Continue reading →
This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy … Continue reading →
This is to announce a minor nDPI release update that adds a few fixes and introduces support for popular cloud protocols such as Google and Apple push service. Below you can find the complete changelog. Enjoy! Main New Features Initial … Continue reading →
nScrub is a software-based DDoS mitigation system based on PF_RING ZC, able to operate at 10 Gbit full-rate (or multi 10 Gbit distributing the load across multiple modules) using commodity hardware, making it affordable in terms of price and deployment. … Continue reading →
Kafka is a distributed messaging system widely used in the industry. Kafka can be deployed on just a small server but it can also scale up to span multiple datacenters. Given the scale and variety of possible Kafka deployments, it is … Continue reading →
Traditionally all ntop tools have manuals and user interface in English. As sometimes our users are not really familiar with it, we have decided to introduce user interface translation of the user interface so that we can make those users … Continue reading →