This is to introduce a new nProbe feature that brings IPS (Intrusion Prevention System) support via nDPI for Linux and FreeBSD (including OPNsense and pfSense). As shown in the picture below, nProbe acts as a transparent bridge (with kernel offload) … Continue reading
Best Practices for High Speed Flow Collection
Most people use nProbe and ntopng to collect flows using an architecture similar to the one below where nprobe and ntopng are started as follows: nprobe -3 <collector port> -i none -n none —zmq “tcp://*:1234” –zmq-encryption-key <pub key> ntopng -i … Continue reading
How To Monitor Traffic Behind a Firewall (During and Post Pandemic)
Due to pandemic, many people are now working in a delocalised world: some work from home, others from the office. To make things even more complicated, in the past remote workers used to connect to the company network via a … Continue reading
Bringing Network Visibility, Cybersecurity and Encrypted Traffic Analysis to OPNsense, pfSense and FreeBSD
This is to announce the immediate availability of both ntopng and nProbe for OPNsense, pfSense and FreeBSD, directly supported by ntop, with nightly builds and all the features present on all other supported platforms such as Linux, Windows and MacOS. … Continue reading
Introducing nProbe 9.4: New Platforms Support and Product Editions
This is to announce nProbe 9.4 stable that is an incremental update of 9.2 released last fall. The goal of this maintenance release is to pave the way to pervasive embedded systems support as we now support OPNsense/pfSense/FreeBSD Soon we’ll … Continue reading
Introducing nProbe 9.2: Collection Pass-Through and Reforge, OpenWRT support, Flexible JSON-export
This is to announce the release of nProbe 9.2. The main new features of this release are focused on flow collection speed and flexibility in particular for modern JSON-based flow consumers. This is to enable applications relying on nProbe, e.g. … Continue reading
Introducing nProbe Cento 1.12: Combining Visibility and Cybersecurity at 100 Gbit
This is to announce the released of cento 1.12 that is a maintenance release for ntop’s 100 Gbit probe. In this version we have integrated support of the latest nDPI features to combine processing speed with latest innovations in application … Continue reading
Introducing nProbe 9.0: Traffic Behaviour Analysis and High Speed Flow Collection (Even Behind a Firewall)
This is to introduce nProbe 9.0 stable release whose the two main features are traffic behaviour analysis and high speed flow collection. Traffic Behaviour Analysis When in 2002 nProbe™ development started, the idea was to create a drop-in replacement for … Continue reading
nProbe Cento 1.10 is Out
After nDPI v3 release, today we have rolled out an incremental update of nProbe Cento. In addition to fixing a few issues, we introduce in Cento some of the fingerprints implemented by nDPI so that we can move forward in … Continue reading
Packets vs eBPF/System Events: Positioning nProbe vs nProbe Agent
nProbe (and ntopng) is a traditional packet-based application, whose lifecycle is Capture a packet and dissect/decode it Update the representation in memory of the network traffic (e.g. the flow table) Export the information Using packets for traffic analysis has several … Continue reading