The need to perform on-time and per-second traffic measurements clashes with protocols such as NetFlow where all counters are cumulative with respect to the flow lifetime. So if you have a flow that lasted 2 minutes and moved X bytes, … Continue reading
Using nProbe for Collecting Palo Alto Flows
nProbe is both a probe and a NetFlow/sFlow collector. As you all know, we have recently added the ability to collect flows with proprietary information elements. However we natively support in nProbe popular flow exporter devices such as Cisco NBAR … Continue reading
Introducing nProbe 8.4: New Metrics and Extensions, Improved Kafka Support
This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy … Continue reading
Improved nProbe Kafka Export Support: Theory and Practice
Kafka is a distributed messaging system widely used in the industry. Kafka can be deployed on just a small server but it can also scale up to span multiple datacenters. Given the scale and variety of possible Kafka deployments, it is … Continue reading
Traffic directions, port mirrors and taps
Network taps have the ability to preserve traffic directions as based on the port you’re monitoring it is possible to know id traffic is going A -> B or B->A. With port mirrors you completely loose this information (this unless … Continue reading
Introducing nProbe Cento 1.4 with Hardware Flow Offload
This is to announce the new 1.4 stable release of nProbe cento. The most important feature that comes with this new version is definitely the support for hardware flow offloading as well as various bug fixing and improved netflow template … Continue reading
Network Monitoring 101: A Beginner’s Guide to Understanding ntop Tools
The first important step to start with network monitoring is to analyze what we want to monitor and how to deploy the monitoring solution in the existing network. Here are some important questions to ask ourselves before starting the actual … Continue reading
nProbe 8.2 stable is out – A Wink At Next-Gen ASA Firewalls
We are pleased to announce that the new 8.2 release of nProbe is out. This release features full Cisco ASA NetFlow support. ASA are industry’s first threat-focused next-generation firewalls that export a rich set of information through NetFlow. Being able to … Continue reading
When Live is not Enough: Connecting ntopng and nProbe via MySQL for Historical Flows Exploration
Using nProbe in combination with ntopng is a common practice. The benefits of this combination are manyfold and include: A complete decoupling of monitoring activities (taking place on the nProbe) from visualization tasks (taking place on ntopng); The capability of … Continue reading
Introducing nProbe 8.0, the ntopng flow companion
The current nProbe 8.0 release contains many changes with respect to the 7.x series. We have optimised the code, added the ability to collect non standard fields (e.g. Cisco AVC), improved Kafka export, and reworked many tiny details to make … Continue reading