Starting from the latest 3.9 version, ntopng features and handy dropdown menu that allows you to filter flows on the basis of their current TCP state. Being able to filter flows on the basis of their TCP state is particularly … Continue reading
Welcome to ntopng 3.8 with continuous drill down: packets, flows, activities
We are happy to announce ntopng stable 3.8. The is the core of the next 4.0 release as it integrates new features that will be consolidated in the next release scheduled for spring. The main features include: SQL database-free high-speed … Continue reading
Drill Down Deeper: Using ntopng to Zoom In, Filter Out and Go Straight to the Packets
ntopng has grown significantly over the past years, providing an increasingly-interesting set of features to support network analysts and troubleshooters in their decisions. Among the most relevant features, it is worth mentioning that timeseries inspection pages have been redesigned and … Continue reading
Say hello to nIndex: Personal Big Data System for Network Flows
Being able to store network flows is a very challenging task using generic databases. Networks are becoming faster and faster and, nowadays, flow-based analysis tools should store tens, or even hundreds, of thousands of flows per second, to keep up … Continue reading
Measuring ntopng+nProbe Flow Processing Performance
In this post we try to analyze the performance of nProbe and ntopng for the collection of NetFlow. ntopng and nProbe will be broken down into smaller functional units and such units will be analyzed to understand the maximum performance … Continue reading
ntopng Disk Requirements for Timeseries and Flows
Being able to do a priori estimations of the space that ntopng is going to use in a production environment is fundamental for the provisioning of the storage. In this post we try to estimate the space used by ntopng … Continue reading
Advanced SNMP Monitoring with ntopng
It has been a while since we have added SNMP support to ntopng. The first release, presented in this blog post, implemented basic SNMP support. Since then we have code various improvements and new feature, with the aim of turning … Continue reading
Remote ntopng Authentication with RADIUS and LDAP
In large organizations, it is common to have a centralised authentication system usually named AAA (Authentication, Authorization and Accounting). Managing users typically involves the definition and enforcement of the rights to do some operations or to access certain resources in … Continue reading
sFlow Collection and Analysis with nProbe and ntopng
sFlow, short for sampled Flow, is a sampling technology designed to export network devices information, namely: Interface counters (à la SNMP MIB-II); Traffic packets (à la ERSPAN). sFlow agents run on switches, routers, firewalls and other devices, and periodically export … Continue reading
Using nProbe for Collecting Ixia IPFIX with IxFlow extensions
Ixia allows to enrich IPFIX records with value-add extensions. Additional information that can be exported, along with standard fields such as source and destination IP addresses, include: Geographical information such as region IP, latitude and city name Application ID or … Continue reading