From time to time we receive emails form people asking how nDPI compares with other similar toolkits. Licio Marchetti has shared this report Comparison of Deep Packet Inspection (DPI) Tools for Traffic Classification written by the Universitat Politècnica de Catalunya that says: “the best accuracy we obtained from NDPI (91 points), PACE (82 points), UPC MLA (79 points), […]
It’s time for a completely new ntop. Say hello to ntopng.
15 years are past since the first version of ntop. In 1998 network monitoring requirements were very different from today: few protocols (mostly in plain text) to monitor, IP was not yet “the only protocol”, low network speed, very few connected hosts, no iPhones yet, raspberry was still a fruit, Linux was still for geeks. […]
Who (Really) Needs Sub-microsecond Packet Timestamps?
Introduction For years network adapter manufacturer companies have educated their customers that network monitoring applications can’t live without hardware packet timestamps (i.e. the ability for the network adapter to report to the driver the time a given packet was sent or received). State of the art FPGA-based network adapters [1, 2, 3] have hardware timestamps […]
Learning The ntop World of Apps
The main criticism to ntop is the lack of documentation. This is because we have to maintain many projects, have little time, and also because we prefer coding to documentation. We decided to fill this gap and give a positive answer to your requests: We have created the nBox GUI to enable you to use […]
How to build yourself a nBox Probe and Packet Recorder
If you need a network probe or a packet recorder you have two options. Grab a turn-key nBox or built it yourself using our software. In the first case you will receive a optimised system, with the right motherboard/CPU/NIC for your monitoring tasks and all software preinstalled/configured. However if you want to build yourself your nBox […]
Configuring nDPI for Custom Protocol Detection
The first release of nDPI was basically a refresh of the OpenDPI library on which nDPI is built. Over the past few months we have made many changes including: Port to various platforms including Linux, MacOSX, Windows and FreeBSD. Enhancement of the demo pcapReader application both in terms of speed/features and encapsulations supported (for instance […]
Monitoring Mobile Networks (2G, 3G, and LTE) using nProbe
Monitoring mobile networks traffic has been traditionally perceived by the telecommunications industry as something complex, costly, proprietary. This is unfortunately one of the few fields where the open-source movement has not been able to spread much, where vendor lock-in is still the standard. Last year we visited the Mobile World Congress in Barcelona to understand […]
Not All Servers Are Alike (With DNA) – Part 2
Some time ago, we discussed on the first part of this post, why not all servers spot the same performance with DNA. The conclusion was that beside the CPU, you need a great memory bandwidth in order to move packets from/to the NIC. So in essence CPU+memory bandwidth are necessary for granting line-rate performance. In […]
BYO10GPR: Build Your Own 10 Gbit Packet Recorder
Packet recorder appliances are one of the last network components that have insane prices. Years ago this was justified by the fact that in order to capture traffic at high speed it was mandatory to use costly custom packet capture cards and often custom-designed hardware. With the advent of multi-10 Gbit packet capture technologies on […]
Monitoring on the MicroCloud
When I started to develop ntop in 1998, it was clear to me that the network was a huge, volatile (or semi-persistent if you wish), constantly changing database. In ntop this database is implemented in memory, where for each received packet, ntop updates the hosts, protocols, sessions, packet size….. tables. The web interface is yet […]