ntopng 5.0 Is Out: Modern Traffic Monitoring for AIOps and Cybersecurity

ntopng was initially designed as a tool for real-time network traffic monitoring. The idea was to create a DPI-based tool able to report traffic statistics. Over time we have added the ability to implement active monitoring checks, SNMP, and various other features. However, there was a fundamental point that was missing: go beyond traffic reporting, moving […]

NetFlow Collection Performance Using ntopng and nProbe

Introduction: ntopng, in combination with nProbe, can be used to collect NetFlow. Their use for NetFlow collection is described in detail here. In this post we measure the performance of nProbe and ntopng when used together to collect, analyze, and dump NetFlow data. The idea is to provide performance figures useful to understand the maximum […]

nProbe IPS: How To setup an Inline Layer-7 Traffic Policer in 5 Minutes

Introduction: Recently, we have added Intrusion Prevention System (IPS) capabilities to our nProbe. Those capabilities are available starting from the latest 9.5 version, both for Linux and FreeBSD (including OPNsense and pfSense), and are available with all nProbe versions and licenses (see the product page for additional details). On Linux, nProbe leverages the netfilter […]

How Attackers and Victims Detection works in ntopng

In recent ntopng versions, alerts have been significantly enriched with metadata useful to understand network and security issues. In this post, we focus on the “Attacker” and “Victim” metadata, used to enrich flow alerts and label hosts. Specifically, the client or the server of a flow is labelled as “Attacker” when it is, with high […]

FOSDEM 2021 – Retrospective

FOSDEM 2021 was an awesome event. For the first time in its history, the event was fully virtual with multiple parallel live streams. According to the infrastructure statistics, it had about 8,000 visitors, of which about 5,000 were watching the live streams. A huge volunteer effort was necessary to make this event happen […]

ntopng, InfluxDB and Grafana: A Step-By-Step Guide to Create Dashboards

Creating Grafana dashboards out of ntopng data basically boils down to: configuring ntopng to export timeseries data to InfluxDB; configuring the Grafana InfluxDB datasource to extract timeseries data from InfluxDB; and adding Grafana dashboard panels with ntopng data. This post aims at covering the topics above to serve as reference for those who want to create […]

Say Hello to ntopng 4.2: Flexible Alerting, Major Speedup, Scada, Cybersecurity

We are pleased to introduce ntopng 4.2, which brings several new features and breakthroughs while consolidating the changes introduced with 4.0. The main goals of this release include: enhance and simplify how alerts are delivered to consumers; many internal components of ntopng have been rewritten in order to improve the overall ntopng performance, reduce system […]