ntop

ELLIO for ntopng: HowTo Prevent CyberAccidents Using Blacklists
Time is one of the main problems in cybersecurity. Detecting issues after they have happened can cost you money and resources to restore the system. Network traffic monitoring tools have as goal to show what is happening on a network.  Traditionally, monitoring protocols such as IPFIX/NetFlow export monitoring data periodically and often limit their analysis to the protocol header, thus the flow collector is partially blind as it is informed after a certain event happened with limited contextual information. In ntop tools we operate in real-time with pre-labelled information thanks …
nProbe

HowTo Use Cloud Licenses
As discussed in our spring webinar, it is now possible to use (in beta) cloud licenses with ntopng and nProbe. Contrary to standard licenses that are bound to a physical system (based on the systemId), cloud licenses are “floating” as the same license file can be used on multiple hosts, of course not simultaneously (i.e. only one system at time can use the license). This is good news for those who use containers or VMs as they do no have to pay attention to the systemId anymore. If you want …
ntop

Using WeChat For Delivering ntopng Alerts
WeChat is a multi-purpose messaging, social media, and mobile payment app developed by Tencent in China. Our Chinese-speaking users requested for a long  time an integration of ntopng with it, and this is to announce it. By integrating ntopng alerts with WeChat, users can conveniently access network notifications within a platform they are already comfortable with. Overall, integrating ntopng alerts with WeChat enhances the user experience by providing timely, centralised, and customisable notifications directly to users’ preferred communication platform. So, we are happy to announce that it is now possible …
Announce

Using ClickHouse Cloud with ntopng
We are happy to announce that from the latest ntopng dev (6.1) version, ntopng supports exporting data (flows & alerts) to ClickHouse Cloud. Below you can find a step-by-step guide. Quick Start First of all let’s start by creating our account and service on the ClickHouse Cloud (you can find the official guide here); remember to save the ClickHouse username and password used for accessing your database. After that we have to jump to the ‘Connect’ section: Then, we have to select MySQL, turn on “Enable the MySQL protocol” and …
ntop

Fixing Packet Deduplication: Introducing nDedup
When it comes to monitor a busy network, network monitoring tools can become bogged down, or even worse produce misleading information for your analysis, by a hidden culprit: duplicate packets. Imagine a firehose of data streaming across your network, much of this data can be redundant, with identical packets being sent multiple times due to retransmissions or mirroring configurations. As an example, when a SPAN (Switch Port Analyzers) port is used to mirror ingress and egress direction of switch ports, the resulting mirrored traffic might contain up to 50% of …
ntop

ntop Spring Webinar: ntop Cloud, LLM/AI, SmartNIC
This is to invite you to the ntop spring webinar. The major webinar topic includes: ntop Cloud Usage of LLM (Large Language Models)/AI in ntop tools SmartNIC support in ntop Products News about ntopng 6.1 Ongoing developments Those who have missed the event can view the presentation slides.    …
ntop

ntop Cloud: Basic Concepts
We have designed the ntop Cloud as a way to securely interconnect customer applications deployed across hosts in heterogeneous environments not necessarily directly interconnected. Initially the goal of ntop Cloud is to enable users to administer easily these applications, update/restart/stop/start them with a mouse click, reconfigure them, and supervise their activities. Future SaaS (software as a service) features are planned but not a short term goals. The idea is to simplify application deployment, check application status regardless of the physical network, detect restarts etc. things that before the ntop Cloud …
ntopCloud

ntop Cloud: Security Design and Architecture
In late 2023 we have announced the beginning of a new project we have called ntop Cloud. The first goal of this project is to enable ntop applications to communicate regardless of the network topology where they are deployed, This in a secure way. In essence we want to create a new network overlay that allow ntop applications to communicate and share data. Some use cases: Be notified when a ntop application is no longer active or more in general when it changes its status. Implement a public web interface …
ntop

Announcing ntop Professional Training: May 2024
ntop tools range from packet capture, traffic analysis and processing, and sometimes it is not easy to keep up on product updates as well master all the tools. This has been the driving force for organising ntop professional training. This is to announce that in May we have scheduled the next ntop Professional Training session. It will take place online (Microsoft Teams) on 14th, 16th, 21st, 23rd, 28th, 30th of May, 2024 at 3.00 PM CET (9.00 AM EDT). Training will be held in English language and each session lasts …
ntopng

How Historical Traffic Behaviour Analysis Works
In ntopng we have implemented various techniques for analysing historical traffic. This post shows you the options available: In timeseries you can see the current traffic rate (line) or the traffic rate of the previous period of time (dotted). This allows you to visually analyse when traffic deviates from previous period of time (see for instance in the chart below the traffic drop happened at 10 AM). 2. You can trigger interface alerts based on statistical traffic analysis (exponential smoothing) when traffic exceeds (up/down) its baseline. Note that when this …
ntopng

DoS Detection Using ntopng and NetFlow/IPFIX
Recently ntopng has been used in academia for detecting DoS (Denial of Service) attacks using NetFlow flows. In this thesis (note that the document it is written in Italian) it is shown how ntopng has been successfully used collect flow and use them to detect DoS attacks. Enjoy ! …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe