As usual, we’re sharing some details about our 2025 roadmap. We have discusses several working items and distilled a few we can pursue in the coming months. QoE (Quality of Experience) In the past few years we have focused on Cybersecurity and now we want to extend our measurements into a new dimension: quality. ntop […]
Meet the ntop Team at FOSDEM, Brussels Feb 1-2
As we did in the past, this year we’re organizing the network devroom at FOSDEM that will take place in Brussels next week-end Sat and Sun February 1-2. Most of ntop team will be there and it will be a great to meet our community. This time we will be talking about nDPI and smart […]
You’re Invited to PacketFest ’25, Zürich 7-9 May: Where ntop and Wireshark Communities Meet
PacketFest ’25 is a two-day (May 8th and 9th) technical conference in Zurich, Switzerland, bringing together the ntop and Wireshark communities. The event features presentations and workshops on network traffic monitoring, cybersecurity, and open-source technologies, with a focus on practical applications and the latest advancements in ntop and Wireshark tools. Attendees can expect interactive sessions, […]
Released nDPI 4.12: Obfuscated/Encrypted/Proxied Traffic and Fingerprints
This is to announce the release of nDPI 4.12, the first version after our 6 months release cycle announced earlier this year. The main changes of this release include support for encrypted/obfuscated/proxied in particular for OpenVPN and TLS, as well support for network fingerprints presented in November at the Sharkfest conference. For all details see […]
How nDPI Introduced Behaviour Analysis in Suricata
Last week we have attended Suricon 2024, the annual conference about Suricata and presented our work on how nDPI has been integrated with Suricata. At ntop we like to contribute to other open source projects we use and like, such as Suricata and Wireshark. One of the main limitations of Suricata is its inability to […]
A Deep Dive Into Traffic Fingerprints
Last week during SharkFest Europe 2024 we have presented what are network fingerprints and how they work. During the talk we (Luca and Ivan) have described how we have extended nDPI with support of network fingerprints, and how this work has been also integrated in Wireshark. We believe that fingerprints are an interesting technology that […]
Introducing ntopng Hosts Activity Monitor
Many users requested us a simple way to visualise hosts activity overtime. In essence have the ability to answer questions like: What hosts were active during the week-end When a host is using most of the network. What hosts were active when a certain event happened. This is what hosts activity monitor does. In the […]
How To Implement Packet and Flow Deduplication
Depending on the network topology and configuration, your monitoring tools can receive the same traffic multiple times. This problem is called data duplication. Duplication can happen at packet or flow level: Packet duplication The same packet is received multiple (usually twice) times, either one after the other, or within a short mount of time. Note […]
Introducing Centralized License Manager for Dynamic Environments
We continually strive to make the software configuration and management more flexible and easier for the users. To this end, we are excited to announce the launch of a new way of licensing the software feature: the centralised License Manager (LM). This tool simplifies software license management by dynamically allocating licenses to various application instances […]
Can ntopng be considered an IDS (Intrusion Detection System) ?
ntopng is not typically classified as an Intrusion Detection System (IDS) in the traditional sense, but it does have some features that overlap with IDS functionalities. Let me explain the differences and how ntopng might serve a similar role: What is ntopng? ntopng is an open-source network traffic monitoring tool that provides visibility into network […]