nScrub is a software-based DDoS mitigation system based on PF_RING ZC, able to operate at 10 Gbit full-rate (or multi 10 Gbit distributing the load across multiple modules) using commodity hardware, making it affordable in terms of price and deployment. nScrub is easy to configure even for beginners and companies with no experience with DDoS […]
Introducing n2disk 3.0
This is to announce n2disk 3.0 that is more than a maintenance release, as it: Consolidates pre-existing functionalities Adds extraction security features that pave the way to GDPR support. Adds flow offload support Simplifies storage management to avoid headaches during the n2disk configuration During our last meeting at Sharkfest EU we talked about Hardware Flow Offload. […]
PF_RING and Network Namespaces
Last week we made a couple of presentations at LinuxLab 2017 where we spoke about Containers, focusing on Network Namespaces support in PF_RING, and User and IoT-oriented Network Traffic Monitoring on Embedded Devices. With the advent of Containers, processes isolation has become extremely easy and effective, to the point that ordinary Virtual Machines have been reconsidered. Many ntop […]
Implementing PF_RING-based Hardware Flow Offload in Suricata
Last month we have integrated hardware flow offload in PF_RING 7.0. This week Alfredo has presented at Suricon 2017 the integration of hardware flow offload with Suricata and demonstrated that with this technology you can significantly reduce packet drops and CPU load. Below you can see how NetFlow traffic analysis and Suricata can both benefit […]
Introducing PF_RING 7.0 with Hardware Flow Offload
This is to announce a new PF_RING major release 7.0. In addition to many improvements to the capture modules, drivers upgrades, containers isolation, the main change of this release is the ability to offload flow processing to the network card (when supported by the underlying hw). Flow offload is a great feature for cutting the […]
Introducing nScrub: Powerful yet Affordable DDoS Mitigation
ntop has always tried to make the Internet a better place by developing many open-source network monitoring tools, and releasing all the software at no cost to non-profit and education. A few years ago, Qurium/VirtualRoad, a swedish foundation offering secure hosting to independent online news outlets and human rights organisations, contacted us. The reason was that […]
Introducing n2disk 2.8 with Microburst Detection
Together with PF_RING 6.6, today we also released n2disk 2.8. In this release we introduced support for microburst detection in order to spot traffic bursts, which is crucial in identifying potential capacity issues and troubleshooting packet loss in network equipments. We also improved our “fast” BPF engine extending the supported primitives, and improving the ability to […]
PF_RING 6.6 Just Released
After almost one year of development, this is to announce the release of PF_RING 6.6. In this release we have worked on different areas: Introduced nBPF, a software packet-filtering component similar to BPF, that is able to exploit hardware packet filtering capabilities of modern network adapters and transparently deliver these facilities to user-space applications such […]
Positioning PF_RING ZC vs DPDK
Last week I have met some PF_RING ZC and DPDK users. The idea was to ask questions on PF_RING (for the existing ZC users) and understand (for DPDK users) whether it was a good idea to jump on ZC for future projects or stay on DPDK. The usual question people ask is: can you position […]
Filtering Terabytes of pcaps using nBPF and Wireshark
In a previous post we introduced our new nBPF library that able to convert a BPF filter to hardware rules for offloading traffic filtering to the network card. We did not mention that the same engine can be used for accelerating traffic extraction from an indexed dump set produced by n2disk. n2disk is a traffic recording application able to […]