ntop – High Performance Network Monitoring Solutions based on Open Source and Commodity Hardware.

ntopng High-speed web-based traffic analysis.
ntopng Edge Make your network a safer place
nDPI Identify hundreds of L7 protocols.
nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier
Get Started! Go to the download page

Packet Capture

Wire-speed packet capture/transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications.

Traffic Recording

10 Gbit and above lossless network traffic recording with n2disk. Industry standard PCAP file format. On-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.

Network Probe

nProbe: extensible NetFlow v5/v9/IPFIX probe with plugins support for L7 content inspection. nProbe Cento: up to 100 Gbit NetFlow, traffic classification, and packet shunting for IDS/packet-to-disk acceleration.

Traffic Analysis

High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD format. Layer 7 analysis by leveraging on nDPI, an Open Source DPI framework.

May 27th: Webinar on DPI-based traffic enforcement, ntop tools on pfSense/OPNsense

May 9, 2021

For a long time, ntop mainly focused on passive traffic analysis. As cybersecurity is becoming a main concern for many organisation and individuals, we have boosted our tools by introducing facilities for spotting threats and blocking unsafe traffic. This month … Continue reading →
Introducing nProbe IPS: 10 Gbit nDPI-based Traffic Policer and Shaper

May 4, 2021

This is to introduce a new nProbe feature that brings IPS (Intrusion Prevention System) support via nDPI for Linux and FreeBSD (including OPNsense and pfSense). As shown in the picture below, nProbe acts as a transparent bridge (with kernel offload) … Continue reading →
Combining nDPI and Wireshark for Cybersecurity Traffic Analysis

April 26, 2021

At the upcoming Sharkfest Europe 2021 we’ll talk about using Wireshark in cybersecurity. Part of the talk will focus on nDPI and Wireshark integration. Since the last release nDPI features flow risk analysis, that is basically a numerical indication of … Continue reading →
Detecting and Analysing Qakbot Traffic Using ntopng

March 26, 2021

In this post Martin shows how he has used ntopng to detect Qakbot trojan. Many thanks for this contribution. Introduction I am using ntopng for network monitoring quite some time now and I was curios to see, what ntopng would … Continue reading →
Best Practices for High Speed Flow Collection

March 23, 2021

Most people use nProbe and ntopng to collect flows using an architecture similar to the one below where nprobe and ntopng are started as follows: nprobe -3 <collector port> -i none -n none —zmq “tcp://*:1234” –zmq-encryption-key <pub key> ntopng -i … Continue reading →
What is Score, and How It can Drive You Towards Network Issues

February 28, 2021

Telemetry protocols such as sFlow/NetFlow, SNMP or packet-based traffic analysis are the source of data for network traffic monitoring. For a long time visibility was the main issue and people were attracted by new tools such as Grafana that allowed … Continue reading →
How To Monitor Traffic Behind a Firewall (During and Post Pandemic)

February 10, 2021

Due to pandemic, many people are now working in a delocalised world: some work from home, others from the office. To make things even more complicated, in the past remote workers used to connect to the company network via a … Continue reading →
FOSDEM 2021 – Retrospective

February 8, 2021

FOSDEM 2021 has been an awesome event. For the first time in its history, the event was fully virtual with multiple parallel live streams. According to the infrastructure statistics, it had about 8,000 visitors of which about 5,000 were watching … Continue reading →
Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)

February 3, 2021

We are proud to announce that a couple of talks have been accepted at FOSDEM 2021, one of the most important FOSS conferences in the world that this yar will take place online due to the pandemic. In the Network … Continue reading →
Bringing Network Visibility, Cybersecurity and Encrypted Traffic Analysis to OPNsense, pfSense and FreeBSD

February 1, 2021

This is to announce the immediate availability of both ntopng and nProbe for OPNsense, pfSense and FreeBSD, directly supported by ntop, with nightly builds and all the features present on all other supported platforms such as Linux, Windows and MacOS. … Continue reading →

ntopng High-speed web-based traffic analysis.

ntopng Edge Make your network a safer place

nDPI Identify hundreds of L7 protocols.

nProbe Cento 100Gbit NetFlow Probe and Traffic Classifier

Get Started! Go to the download page

Packet Capture

Traffic Recording

Network Probe

Traffic Analysis

May 27th: Webinar on DPI-based traffic enforcement, ntop tools on pfSense/OPNsense

Introducing nProbe IPS: 10 Gbit nDPI-based Traffic Policer and Shaper

Combining nDPI and Wireshark for Cybersecurity Traffic Analysis

Detecting and Analysing Qakbot Traffic Using ntopng

Best Practices for High Speed Flow Collection

What is Score, and How It can Drive You Towards Network Issues

How To Monitor Traffic Behind a Firewall (During and Post Pandemic)

FOSDEM 2021 – Retrospective

Join FOSDEM 2021 ntop sessions, Sat-Sun Feb 6-7th (online)

Bringing Network Visibility, Cybersecurity and Encrypted Traffic Analysis to OPNsense, pfSense and FreeBSD

Latest Posts

Upcoming Events