Mikrotik devices are very popular in the ntop community. The simplest way to monitor traffic of these devices is using flows as described in this blog post. However sometimes flows might not be the best choice for various reasons including the inability to perform DPI on the captured traffic. For full visibility you can use […]
You’re invited to ntopng (May 27th) and nDPI (June 10th) Technical Webinars
One of the feedbacks we have collected at the PacketFest conference is to schedule periodic webinars about popular ntop tools we develop. For this reason, we have decided to start with ntopng and nDPI: ntopng Webinar – May 27th, 3-4 PM CET / 9-10 AM ET https://www.youtube.com/watch?v=dtLrax-_ZNs nDPI Webinar – June 10th, 3-4 PM CET […]
PacketFest 2025 was an absolute blast!
PacketFest 2025 has been a great success. About 110 people, coming from more than 10 (European and overseas) countries, met in Zürich and attended the conference organized by ntop with support from Switch, AnyWeb, and Leutert NetServices. It was a three-day event where the ntop and Wireshark communities met to discuss network traffic visibility and […]
Introducing nDPI 4.14: Added QoE (Quality of Experience) and New Protocols, Several Fixes
We’re excited to announce the release of nDPI 4.14, a maintenance release that also includes some cool new protocol dissectors and fixes. As you know, maintaining a DPI library is no easy task, and this release is no exception. We’ve worked hard to enhance existing dissectors, making them more robust and efficient. We’ve also cleaned […]
Using Network Fingerprints Beyond Cybersecurity
Last week ntop has been invited to give a talk at neacademy in Napoli, Italy. The topic was network fingerprints and nDPI. Network fingerprints such as JA4 have been made popular by cybersecurity that uses them to spot (with limited false positives) malware and use them to find traffic pattern similarities. During the talk, we […]
AI-Driven Networks: A ML Solution for 5G Networks based on nProbe
In this contributed post the Universidade de Aveiro, Instituto de Telecomunicações, Portugal, explains how nProbe has be successfully used in 5G networks. Introduction As networks evolve to meet the demands of modern connectivity, the need for intelligent traffic monitoring and anomaly detection becomes increasingly critical. In the context of 5G networks, where high-speed data […]
Introducing Network Quality Measurement (QoE) in ntop Tools
Quality of Experience (QoE) measures how satisfied users are with a network service based on their subjective perception. Unlike Quality of Service (QoS), which focuses on technical metrics (e.g., latency, jitter, packet loss), QoE evaluates the actual end-user experience—such as video streaming smoothness, call clarity, or web browsing responsiveness. QoE is important from various points […]
Announcing ntop Professional Training at ntop Conference (PacketFest) and June 2025
PacketFest will talk place in Zurich, Switzerland, on May 8-9 and it will be the event where the ntop and wireshark communities meet. On May 7th we organize for the ntop community an in-presence training session where we will show the latest news about ntop tools and teach how to master them. The training is […]
HowTo Use Host Policy to Detect Misbehaving Hosts
ntopng has several ways to spot unusual traffic patterns, like: Checking if a device is behaving strangely. Sending alerts when a threshold is reached. Looking for changes in traffic metrics (like how much traffic is coming from a particular host). Seeing if host services change. To make these checks even better, ntopng added a new […]
When Traffic Obfuscation Falls Short: nDPI vs NordWhisper NordVPN
In recent years, numerous virtual private networks (VPNs) have been introduced to the market. Some of these VPNs are standalone applications, while others are integrated into web browsers or other network applications. All of these VPNs promise users a private browsing experience by preventing users from being tracked and observed, particularly on public hotspots. Popular […]