cento

Post-Quantum Cryptography (PQC) Analysis
Modern digital security relies on public-key encryption (like RSA and ECC) to protect global data. The future arrival of a Cryptographically Relevant Quantum Computer (CRQC) will completely break these mathematical foundations. To counter this, organizations must migrate to Post-Quantum Cryptography (PQC) — new, math-based algorithms deployed via standard software that quantum computers cannot exploit. The PQC migration requires to protect data “at rest” (i.e. static data stored on physical drives, databases, cloud storage, or backups) and “in transit” (i.e. data transmitted on computer networks, including HTTPs and VPNs). In the latter case quantum …
Technologies and Trends

May 21st: You’re invited to Observability and Large-Network Monitoring Webinar
Is your network a “black box,” or do you have the granular clarity needed to stay ahead of modern traffic demands? We are excited to announce an upcoming two-part webinar focused on the latest enhancements to nProbe and ntopng. These updates are designed to push the boundaries of what’s possible in network monitoring, moving beyond simple statistics into the realm of true, high-fidelity observability. Here is what we will cover: Part 1: High-Resolution Observability Standard monitoring often misses the “micro-bursts” and transient issues that cause performance bottlenecks. We’ll demonstrate how our new enhancements …
Cybersecurity

Merging ntopng Asset Inventory with Wazuh
Wazuh is a free, open-source security platform that combines SIEM (Security Information and Event Management) and XDR (Extended Detection and Response) capabilities. It is primarily used to monitor endpoints, cloud workloads, and containers to detect threats, ensure compliance, and respond to incidents in real-time. Integrating Wazuh with ntopng creates a powerful security layer by bridging the gap between host-based and network-based monitoring. The core value of this integration lies in comprehensive visibility. While Wazuh excels at monitoring what happens inside a machine, ntopng excels at monitoring what happens between machines. …
ntopng

HowTo Enable Passkey in ntopng
Passkey authentication is a passwordless sign-in method that allows you to log in to websites and apps using the same way you unlock your device—such as a fingerprint, face scan, or a screen lock PIN. It is designed to replace traditional passwords entirely, offering a significantly more secure and faster experience. In ntopng, it can be enabled to implement a multi-factor authentication method. Passkey will only work if selected conditions are met: Similar to MFA, you can enable Passkey in the user’s configuration page. As Passkey is a kind of …
ntopng

Building Custom ntopng Dashboards Using Grafana and ClickHouse
Modern network monitoring is no longer just about collecting data, it’s more about turning large volumes of time-series data into actionable insights. When enabling dump to ClickHouse, both for raw flow data and timeseries, users can build a highly scalable and flexible observability stack that goes far beyond traditional dashboards. In fact, in this post we explore the advantages of using Grafana to create custom dashboards on top of ntopng time-series data stored in ClickHouse. From ntopng to ClickHouse: A Scalable Time-Series Pipeline ntopng continuously generates rich time-series metrics, including: …
ntopng

Single Sign-On on ntopng with OpenID Connect (OIDC)
ntopng has always supported multiple authentication methods to fit different environments: local accounts, LDAP, RADIUS, HTTP basic auth, etc. Now it also supports OpenID Connect (OIDC), bringing native Single Sign-on (SSO) support for any standards-compliant Identity Provider (IdP), including Keycloak, Okta, Auth0, Azure AD / Entra ID, Google Workspace, and more. Why SSO? Managing separate credentials for every tool in a network operations centre is a maintenance burden and a security risk. Passwords get reused, accounts get forgotten, and off-boarding a staff member means hunting down every application they had …
nDPI

Observing nDPI from the Inside: Introducing USDT Tracepoints
by Ivan Nardi One of the recurring challenges when embedding the nDPI library into a production application is answering a deceptively simple question: what is nDPI actually doing right now? You know packets are coming in, flows are being classified, and risks are being flagged — but at what rate? With what latency? Are some protocols taking longer to classify than usual? Is that CPU spike caused by a wave of TLS flows, a flood of DNS queries, or something else entirely? Your application or monitoring backend probably already exports …
ntopng

HowTo Enable Multi-Factor Authentication (MFA) in ntopng
Multi-Factor Authentication (MFA) is a security system that requires users to provide two or more verification factors to gain access to a resource such as an application, online account, or VPN. The use of MFA with sensitive information as network traffic is a key feature, in particular for the ntopng admin users. In the current dev branch (and soon stable) of ntopng we have introduced MFA. Once you have created a user, you need to click on the MFA tab and click on the blue button for enabling it. Using …
Artificial Intelligence

HowTo Use (Local) LLMs with ntopng: Part I
A Large Language Model  (LLM) is a type of artificial intelligence system that uses deep learning to  understand, generate, and manipulate human language.  Examples include Antropic Claude, OpenAI GPT, Meta Llama and Google Gemini. They can be used to answer questions and explain concepts, write and edit code, perform logical reasoning and summarize documents. At ntop we are making experiments with Artificial Intelligence (AI) and LLMs, and we’ll introduce new features in the coming months. For the time being we want to start introducing our community to the use of …
nProbe

Network Telemetry Demystified: Microscope vs Telescope
As an ntopng developer, I often hear from users who are confused about the building blocks of network monitoring. Today, I’ll explain three fundamental concepts that will help you understand what your monitoring tools are actually showing you. Introduction If you’ve ever looked at ntopng’s flow reports and wondered “What exactly am I looking at?” or “Why does this tool show me different information than my packet capture?”, you’re not alone. Network monitoring gives us two primary ways to observe traffic, each with its own strengths. Think of it like …
Technologies and Trends

ntopng Just Got Faster — Here’s What Changed
We’ve been quietly working on something that most users won’t notice at first glance — but will feel immediately. Starting with the latest dev ntopng version, the entire UI build pipeline has been improved from the ground up. The result: the UI loads in roughly half the time, and data from the backend arrives faster too. Here’s the full picture of what changed and why it matters. From Webpack to Vite: A New Build Pipeline For years, ntopng’s frontend was generated using Webpack — a tool that served us well, but was …
nProbe

Capacity Planning for IT Teams: A Practical Guide Using ntop Tools
Transform network data into actionable infrastructure decisions with ntopng Introduction Every IT team faces the same challenge: how much network capacity is enough? Too little, and applications grind to a halt during peak hours. Too much, and you’re wasting budget on infrastructure you don’t need. Capacity planning doesn’t have to be guesswork. With the right tools and methodology, you can predict growth, identify bottlenecks before they cause outages, and make data-driven decisions about infrastructure investments. ntopng—the high-performance network traffic analyzer—gives you the visibility needed for effective capacity planning . Whether you’re managing a …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe