Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.
10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
Last week we have presented two tutorials at the Sharkfest US 2018 edition: sFlow: Theory and practice of a sampling technology [ slides ] Packet monitoring in the days of IoT and Cloud [ slides ] We believe these tutorials are … Continue reading →
Yesterday our friends at InfluxData organised a meetup at their HQ in San Francisco, CA. For all those who have been unable to attend the event, these are the presentation slides so you can learn more about the transition from RRD to … Continue reading →
The network edge, either wired or wireless, is becoming increasingly important as most things now happen there being the place where devices are deployed. Security-wise, central firewalls are too far from the edge, and thus devices can roam freely – … Continue reading →
ntopng is open source, that means you can read its code and modify it according to the GPL license. The current ntopng architecture is based on three layers where the top one is written in Lua and it is used … Continue reading →
Suppose that you are travelling abroad and you need to access some Internet sites that are not available abroad. Or suppose that you want to evade the restrictions of your ISP, of the hotel room where you are currently staying, … Continue reading →
Hi all this is to invite all of you living in San Francisco and in the Bay Area to attend the “Monitoring with Time Series” meetup organised by our friends at InfluxData. I will be speaking about ntop, traffic monitoring, … Continue reading →
This is to announce a new PF_RING major release 7.2 that includes: Support for Ubuntu 18 as well the latest Debian and CentOS kernels. Many improvements to the FPGA capture modules and the ZC library (that is now able to … Continue reading →
In a previous post we discussed the advantages of using specialized adapters featuring flow offload in hardware for accelerating IDS applications. What we have learnt is that IDSs are typically CPU-bound applications, and this is mainly caused by the thousands of rules that … Continue reading →
After a fresh install, ntopng will run using a default, basic configuration. Such configuration is meant to provide an up-and-running ntopng but does not try to secure it. Therefore, the default configuration should only be used for testing purposes in … Continue reading →
Hi all, it is finally time to restart development activities in n2n whose code is available at https://github.com/ntop/n2n. The advent of the cloud, privacy concerns on the Internet, mobile users now producing a large amount of Internet traffic, require a … Continue reading →