• ntopConf '20 June 9-10, 2020 - Milan, Italy

  • ntopng High-speed web-based traffic analysis.

  • ntopng Edge Make your network a safer place

  • nDPI Identify hundreds of L7 protocols.

  • nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier

  • Get Started! Go to the download page

Packet Capture

Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.

Traffic Recording

10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.

Network Probe

nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.

Traffic Analysis

High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.
  • Introducing PF_RING 7.6: Flow Processing Made Easy with PF_RING FT

    This is to announce a new PF_RING major release 7.6. Besides bug fixes and drivers updates to improve compatibility with latest kernels (including those shipped with Debian 10 and CentOS 8) this release includes many enhancements to the PF_RING FT … Continue reading

  • Towards Traffic Behaviour Analysis: Introducing nDPI 3.2

    This is to announce the new stable release of nDPI 3.2. The main trend of nDPI is to move from “simple” application protocol detection towards behavioral traffic interpretation. This has been implemented with the integration of modules for detecting attacks … Continue reading

  • Call for Talks for NtopConf ’20

    This year the annual ntop conference will take place in Milano, Italy on June 9-10, at Università Bocconi, one of the most prestigious university in Italy. As usual the first day will be used to train people on ntop tools … Continue reading

  • Effective TLS Fingerprinting Beyond JA3

    JA3 is a popular method to fingerprint TLS connections used by many monitoring tools and IDSs. JA3 focuses on encryption options specified during TLS connection setup to fingerprint the encryption library used by the application. Image courtesy of Cisco So … Continue reading

  • Towards ntopng v4: New User Interface Featuring Dark Theme

    This February we’ll introduce ntopng v4 and we’re starting to write some blog posts to preview the new features. Let’s start with the user interface. Since v1 the UI has always been the same. People however asked us some more … Continue reading

  • See you at Fosdem 2020

    FOSDEM is the leading open source conference in Europe and it will take place this week-end in Brussels, Belgium. As we have developed open source software since 20 years, we believe we have right to belong to this community. This … Continue reading

  • Encrypted Traffic Analysis: A Primer

    Monitoring encrypted traffic is must for providing visibility in modern traffic. Due to this we’ve put a lot of energy in extending nDPI so that it could be useful in this context. DPI (deep packet inspection) however is not enough … Continue reading

  • Important Geolocation Changes in ntop Products

    ntop products have been using geolocation databases provided by MaxMind for a long time, to augment network IP addresses with geographical coordinates (cities, countries) and information on the Autonomous Systems. ntop have been freely packaging and redistributing such databases in … Continue reading

  • Introducing n2disk 3.4: 100 Gbit Traffic Dump to Disk

    This is to announce a new n2disk release 3.4. In addition to major performance optimisations with FPGA-based NICs, this release adds new interesting features including the ability to filter traffic based on the application protocol, aggregate traffic from multiple (2+) ZC … Continue reading

  • Introducing Automatic Package Update in ntopng

    One of the most useful features in applications, is the ability to Update the application with a matter of click with no need to move to the terminal console. Instruct the system to update the application as a new version … Continue reading