Author: Gabriele Deri

  • Home
  • Articles by: Gabriele Deri
Technologies and Trends

ntopng Just Got Faster — Here’s What Changed
We’ve been quietly working on something that most users won’t notice at first glance — but will feel immediately. Starting with the latest dev ntopng version, the entire UI build pipeline has been improved from the ground up. The result: the UI loads in roughly half the time, and data from the backend arrives faster too. Here’s the full picture of what changed and why it matters. From Webpack to Vite: A New Build Pipeline For years, ntopng’s frontend was generated using Webpack — a tool that served us well, but was …
Technologies and Trends

Breaking Free from Packet Brokers: How to Use nTap/PF_RING ZC for Traffic Aggregation
nTap is a lightweight software-based network tap designed by ntop to simplify remote traffic collection and analysis. Unlike traditional hardware-based packet brokers, nTap lets you capture, forward, and aggregate traffic using pure software—reducing complexity and cost. In this blog post, we’ll walk through: nTap fundamentals (FAQ highlights) Step-by-step configurations for popular use cases Integration with n2disk, nProbe, and ntopng Scaling from low (1 Gbps) to very high-speed (40/100 Gbps) deployments Best practices for performance optimization nTap FAQ Highlights Q: What is the network overhead introduced by nTap?Each captured packet incurs …
ntopng

Introducing ntopng Alerts Graph: Visualize Security Events Like Never Before
Network security analysts often struggle to understand how alerts are connected across different hosts. Traditionally, ntopng displayed flow alerts in a table format, perfect for listing issues, but limited when it comes to spotting patterns or identifying which host is the real problem or victim. Additionally, tabular visualization does not let security analysts or network managers quickly determine which problem to tackle first, causes alert fatigue what are the main network issues, such as brute force attempts, obsolete TLS or SSH version connections, periodic flows etc. These issues are now …
Data Privacy

Export and Archive ClickHouse Flows in ntopng for Regulatory Compliance
Most ntopng users make extensive use of ClickHouse support for storing historical flow data and running analysis on it. ClickHouse is highly optimized and offers a high compression rate (estimated at an average of 60 bytes per flow), allowing for long data retention even with limited storage. However, to comply with regulations such as GDPR, SOX, HIPAA, and PCI DSS, it is often necessary to retain data for extended periods. This is manageable when flow rates are low to moderate, but can require significant disk space when flow rates are …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe