Wire-speed packet capture and transmission using commodity hardware with PF_RING. Zero-Copy packet distribution across threads, applications, Virtual Machines. Libpcap support for seamless integration with legacy applications. Remote capture with nTAP.
Traffic Recording
100 Gbit lossless network traffic recording with n2disk. Industry standard PCAP file format with nanosecond resolution. Layer-7 on-the-fly indexing to quickly retrieve interesting packets using fast-BPF and time interval. Precise traffic replay with disk2n.
Network Probe
NetFlow v5/v9/IPFIX data export and collection with nProbe, an extensible probe with plugins support for L7 content inspection. 100 Gbit NetFlow, traffic classification, and packet shunting for IDS and packet-to-disk acceleration with nProbe Cento.
Traffic Analysis
High-speed web-based traffic analysis and flow collection using ntopng. Persistent traffic statistics in RRD and Influx format. Full historical data to ClickHouse and big data systems. Layer 7 analysis based on nDPI. Identity Management with Firewalls and Active Directory support.
Maybe not all of you know that ntopng powers some popular monitoring systems such as CheckMK and Centreon. The integration is made possible through the ntopng REST API (REST stands for REpresentational State Transfer) that allows developers to manipulate … Continue reading →
What is OT, ICS, SCADA? Operational Technology (OT) refers to computing systems that are used to manage industrial operations or process operations, like water treatment, electrical power distribution or wrapping a chocolate in foil. ntopng supports some Industrial control … Continue reading →
Recently, we have introduced Smart Recording in n2disk to combine Cybersecurity with Packet-to-Disk. In this previous post (and in the documentation) we described the idea behind it and described how to enable it in a few simple steps. For those of you … Continue reading →
This year ntop will turn 25. Our call for speakers for the ntop conference 2023 (Pisa, Sept 21-22) is now open. Deadline is June 30th. We want to hear your voice, experience, projects based on ntop tools and anything that … Continue reading →
We have created nDPI to label network traffic and extract metadata such as the URL or TLS certificate information. nDPI is the layer on top of which ntop applications are sitting. This time we do not want to talk about … Continue reading →
In short: continuous network traffic recorders are applications (or appliances) that write network traffic to disk. In case of issues (e.g. security breach or network outage) they enable network and security analysts to go back in time and see how … Continue reading →
Supporting 64 bit ARM platforms is important because there is now a plethora of inexpensive boards based on this architecture. Thanks to the use of docker containers, several manufacturers allow their devices to take advantage of this technology to run … Continue reading →
A VLAN is a method for partitioning a layer two broadcast domain, creating virtual networks of homogeneous systems and hence promoting network segmentation. An Ethernet port with no VLAN tag is called an access port, whereas a switch port with VLAN-tagged packets … Continue reading →
Many ntop products, such as ntopng, nProbe, and PF_RING FT just to name a few, are based on network flows. However, not all our users know in detail what a network flow is, and how it works in practice. This … Continue reading →
Traditionally, flow-based tools are based on the 5-tuple attributes (source and destination IP, source and destination port and the protocol field). Often they are complemented with additional attributes such as VLAN or Tunnel Id in order to avoid mixing in … Continue reading →