Announce

nDPI 2.8-stable is Out

This new release brings several fixes that make nDPI more stable, especially in DNS and HTTP traffic dissection. Here is the full list of changes. New Supported Protocols and Services: Added Modbus over TCP dissector. Improvements: Wireshark Lua plugin compatibility with Wireshark 3; Improved MDNS dissection; Improved HTTP response code handling; Full dissection of HTTP responses. Fixes: Fixed false positive mining detection; Fixed invalid TCP DNS dissection; Releasing buffers upon realloc failures; ndpiReader: Prevents references after free; Endianness fixes; Fixed IPv6 HTTP traffic dissection; Fixed H.323 detection. Other …

Introducing libebpfflow: packet-less network traffic and container visibility based on eBPF

As previewed during our FOSDEM 2019 talk, this is to introduce libebpfflow, a new library for enabling network traffic and container visibility based on eBPF. Designed to be CPU and memory friendly (its presence is almost unnoticeable), it allows people to inspect network communications inside a system. It provides visibility for processes, users and containers. Built from scratch on eBPF, it allows people to develop monitoring applications and network sensors without having to deal with packets. Sounds strange, but this is the idea: how to monitor networks without looking …

Introducing Ubuntu 18 Support for ntopng Edge (nEdge)

Six months after the first nEdge announcement, and in response to our customers' feedback, nEdge now provides brand new features, such as the ability to apply policies based on the device type, RADIUS integration for captive portal user authentication, the ability to add static routes when running in router mode, and the programmatic configuration of users and policies. Today, one of the most requested features is finally ready: support for Ubuntu 18.04! Ubuntu 18.04 is the new LTS stable release of Ubuntu. It adopts a new environment for …

Welcome to ntopng 3.8 with continuous drill down: packets, flows, activities

We are happy to announce ntopng stable 3.8. This is the core of the next 4.0 release, as it integrates new features that will be consolidated in the next release scheduled for spring. The main features include: SQL database-free high-speed traffic indexing based on a new home-grown technology. As explained in this post, we managed to store compressed flow information on disk combined with high-speed retrieval. Just add “-F nindex” to ntopng to start using this new feature, currently available in the ntopng enterprise edition. You can read more here. …

Introducing ntopng Edge (nEdge): Monitoring, Service Segmentation and Security for the Network Edge

The network edge, either wired or wireless, is becoming increasingly important, as it is where devices are deployed and where most things now happen. Security-wise, central firewalls are too far from the edge, and thus devices can roam freely – and potentially create trouble – in LANs without ever hitting a security device. The consequence is that LANs are becoming increasingly insecure, and the cloud is complicating all of this as it provides in encrypted connections – that are not inspectable by monitoring and security applications – the perfect ingredients …

You’re Invited to the “Monitoring with Time Series” Meetup: San Francisco June 27th

Hi all, this is to invite all of you living in San Francisco and in the Bay Area to attend the “Monitoring with Time Series” meetup organised by our friends at InfluxData. I will be speaking about ntop, traffic monitoring, time series and InfluxDB. It will also be a good time to meet with our users, hear suggestions, and (perhaps) complaints. The Internet is a nice place, but a physical meeting has no price. The meetup will take place at InfluxData HQ, 799 Market St Suite 400, San Francisco. The …

Introducing nProbe 8.4: New Metrics and Extensions, Improved Kafka Support

This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy! Main New Features: Implements Kafka batching, options parsing, and variable number of producers; Adds Kafka messages transmission statistics. New Options: --plugin-dir to load plugins from the specified directory; --adj-from-as-path to get previous/next adjacent ASNs from BGP AS-path; --disable-sflow-upscale to disable sFlow upscaling. Extensions: Implemented ICMP network latency; Added ICMP …

Released nDPI 2.2.2: 7 New Protocols, Many Improvements

This is to announce a minor nDPI release update that adds a few fixes and introduces support for popular cloud protocols such as Google and Apple push service. Below you can find the complete changelog. Enjoy! Main New Features: Initial experimental Hyperscan support; ndpi_get_api_version API call to be used in applications that are dynamically linking with nDPI; --enable-debug-messages to enable debug information output; Increased number of protocols to 512. New Supported Protocols and Services: GoogleDocs; GoogleServices; AmazonVideo; ApplePush; Diameter; GooglePlus; WhatsApp file exchange. Improvements: WhatsApp detection; Amazon detection; Improved Google …

Introducing Multi-language Support in ntopng

Traditionally, all ntop tools have manuals and user interface in English. As some of our users are not really familiar with it, we have decided to introduce translation of the user interface so that we can make those users more comfortable when using ntopng. At the moment we have added support for Italian and German, but we might consider adding further languages in the future. When you first log in to ntopng after installation you will notice that there is a new menu that allows you to set the language …

Introducing nProbe Cento 1.4 with Hardware Flow Offload

This is to announce the new 1.4 stable release of nProbe Cento. The most important feature that comes with this new version is definitely the support for hardware flow offloading, along with various bug fixes and an improved NetFlow template definition. We recently discussed the benefits of hardware flow offloading in another blog post. Hardware flow offloading alleviates, to a great extent, the pressure put on the CPU by intensive tasks such as classification (associating single packets to flows for accounting and deep packet inspection). Basically, hardware flow offloading means that …

Announcing ntopng 3.2 – The First Move Towards Active Network Monitoring

Today we are glad to announce the new 3.2 stable release of ntopng. Among the most important new features available in this release is, without any doubt, an advanced network device discovery functionality. Historically, ntopng has always been a fully passive monitoring tool. This release aims at complementing the information gathered from a purely passive packet capture with precious extra bits of data obtained by actively searching for devices. Network device discovery glues together multiple techniques and heuristics, including ARP pinging, SNMP querying, SSDP discovery and MDNS name resolution. …

nProbe 8.2 stable is out – A Wink At Next-Gen ASA Firewalls

We are pleased to announce that the new 8.2 release of nProbe is out. This release features full Cisco ASA NetFlow support. ASA are the industry’s first threat-focused next-generation firewalls that export a rich set of information through NetFlow. Being able to collect ASA data using nProbe will give you an advantage over collectors that only interpret standard NetFlow. Collected data can also be sent to ntopng over ZMQ to create a very effective solution for the monitoring and visualization of firewall-generated data. ZMQ-based data export has been greatly improved in …