Ixia allows to enrich IPFIX records with value-add extensions. Additional information that can be exported, along with standard fields such as source and destination IP addresses, include: Geographical information such as region IP, latitude and city name Application ID or … Continue reading
Using nProbe and ntopng for Collecting and Visualizing Sonicwall Flows
nProbe is both a probe and a NetFlow/sFlow collector. Recently, we’ve also added added the ability to collect flows with proprietary information elements. This greatly improves nProbe flexibility as any custon, vendor-proprietary information element can be understood, correctly parsed, and … Continue reading
Introducing nProbe 8.6: Per-Second Measurements and Collection of Proprietary Flows
We are glad to announce the release of nProbe 8.6 stable release. Among the main new features, this release brings: Per-second measurements of flows traffic Ability to collect proprietary (i.e. using non standard information elements) flows These new features come … Continue reading
Best Practices for the Collection of Flows with ntopng and nProbe
ntopng can be used to visualize traffic data that has been generated or collected by nProbe. Using ntopng with nProbe is convenient in several scenarios, including: The visualization of NetFlow/sFlow data originated by routers, switches, and network devices in general. … Continue reading
Introducing per-Second Measurements in nProbe Flow Exports
The need to perform on-time and per-second traffic measurements clashes with protocols such as NetFlow where all counters are cumulative with respect to the flow lifetime. So if you have a flow that lasted 2 minutes and moved X bytes, … Continue reading
Using nProbe for Collecting Palo Alto Flows
NOTE: This article is outdated. Please see “Collecting Proprietary Flows with nProbe” for learning how to collect proprietary Palo Alto flows. nProbe is both a probe and a NetFlow/sFlow collector. As you all know, we have recently added the ability … Continue reading
Introducing nProbe 8.4: New Metrics and Extensions, Improved Kafka Support
This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy … Continue reading
Improved nProbe Kafka Export Support: Theory and Practice
Kafka is a distributed messaging system widely used in the industry. Kafka can be deployed on just a small server but it can also scale up to span multiple datacenters. Given the scale and variety of possible Kafka deployments, it is … Continue reading
Traffic directions, port mirrors and taps
Network taps have the ability to preserve traffic directions as based on the port you’re monitoring it is possible to know id traffic is going A -> B or B->A. With port mirrors you completely loose this information (this unless … Continue reading
Introducing nProbe Cento 1.4 with Hardware Flow Offload
This is to announce the new 1.4 stable release of nProbe cento. The most important feature that comes with this new version is definitely the support for hardware flow offloading as well as various bug fixing and improved netflow template … Continue reading