After the Flocon 2016 meetup we held this week, next week we’re organising a meetup for our users of the bay area where we will discuss a new arguments including high-speed sensors and network analytics.
http://www.meetup.com/San-Francisco-Network-Visibility-Meetup/
For those who have not attended the Flocon meetup (~25 people attended it, for a 30 min presentation followed by a 2h open discussion), the main comments have been:
- Network monitoring has to be integrated with security tools: people demand small machines able to visualise network traffic metrics as well report potential security violations.
- Inline monitoring we introduced in ntopng 2.x is interesting for many people, in particular small/medium business. We’ve been encouraged to move forward and introduce new features such as drop of selected domains/web-sites.
- The way to scale for CPU-bound applications (e.g. an IDS) happens reducing the ingress traffic the app has to process. The upcoming cento application is going exactly in this direction: user-configurable filtering of selected traffic (e.g. Netflix or encrypted traffic) so that applications such as n2disk or an IDS can operate on less traffic (saving on disk GB or SSL traffic isn’t that useful).
- We have been encouraged to progress with our 2016 roadmap as users are looking forward using low-cost sensors as the number of monitored devices is constantly increasing and thus monitoring costs must go down.
See you in San Francisco!