nProbe

nProbe

IANA Assigned a PEN to ntop
Internet Assigned Numbers Authority (IANA) has assigned to ntop the 35632 PEN (Private Enterprise Number) number. This means for instance that nProbe extensions (e.g. HTTP and VoIP traffic monitoring) will be exported using IPFIX using a valid template that will be recognized by all flow collectors available in the market. A side effect is that whoever will use ntop/nProbe to monitor its own network or code monitoring extensions will be able to export them using a uniform template that will be handled by all applications. This is a major step …
nProbe

Collection and Exploration of Large Data Monitoring Sets Using nProbe
Collecting and exploring monitoring data is becoming increasingly challenging as networks become larger and faster. Solutions based on both SQL-databases and specialized binary formats do not scale well as the amount of monitoring information increases. This paper presents a novel approach to the problem by using a bitmap database that allowed the authors to implement an efficient solution for both data collection and retrieval. The validation process on production networks has demonstrated the advantage of the proposed solution over traditional approaches. This makes it suitable for efficiently handling and interactively …
nProbe

Port Mirror vs Network Tap
In order to analyze network traffic, it’s necessary to feed ntop/nProbe with network packets. There are two solutions to the problem: port mirror (also called SPAN in Cisco parlance) network tap Prior to explain the differences between these two solutions, it’s important to understand how ethernet works. In 100 Mbit and above, hosts usually speak in full duplex meaning that a hosts can both send and receive simultaneously. This means that on a 100 Mbit cable connected to a host, the total amount of traffic that a host can send/receive is …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe