Ixia allows to enrich IPFIX records with value-add extensions. Additional information that can be exported, along with standard fields such as source and destination IP addresses, include: Geographical information such as region IP, latitude and city name Application ID or name, device, browser and even SSL cipher used Detail on application and handset (device) type […]
Using nProbe and ntopng for Collecting and Visualizing Sonicwall Flows
nProbe is both a probe and a NetFlow/sFlow collector. Recently, we’ve also added added the ability to collect flows with proprietary information elements. This greatly improves nProbe flexibility as any custon, vendor-proprietary information element can be understood, correctly parsed, and exported downstream. Adding proprietary information elements to nProbe is a breeze. Indeed, it suffices to […]
Introducing nProbe 8.6: Per-Second Measurements and Collection of Proprietary Flows
We are glad to announce the release of nProbe 8.6 stable release. Among the main new features, this release brings: Per-second measurements of flows traffic Ability to collect proprietary (i.e. using non standard information elements) flows These new features come along with a wide range of new extensions and improvements to the currently existing features […]
Best Practices for the Collection of Flows with ntopng and nProbe
ntopng can be used to visualize traffic data that has been generated or collected by nProbe. Using ntopng with nProbe is convenient in several scenarios, including: The visualization of NetFlow/sFlow data originated by routers, switches, and network devices in general. In this scenario, nProbe collects and parse NetFlow/sFlow traffic from the devices, and send the […]
Introducing per-Second Measurements in nProbe Flow Exports
The need to perform on-time and per-second traffic measurements clashes with protocols such as NetFlow where all counters are cumulative with respect to the flow lifetime. So if you have a flow that lasted 2 minutes and moved X bytes, you have no clue what was the throughput of this flow across the 2 minutes. […]
Using nProbe for Collecting Palo Alto Flows
NOTE: This article is outdated. Please see “Collecting Proprietary Flows with nProbe” for learning how to collect proprietary Palo Alto flows. nProbe is both a probe and a NetFlow/sFlow collector. As you all know, we have recently added the ability to collect flows with proprietary information elements. However we natively support in nProbe popular flow […]
Introducing nProbe 8.4: New Metrics and Extensions, Improved Kafka Support
This is to announce the release of nProbe 8.4 that introduces enhanced Kafka support and adds various extensions and stability fixes. We encourage all our users to move to this version. Below you can find the complete application changelog. Enjoy ! Main New Features Implements Kafka batching, options parsing, and variable number of producers Adds […]
Improved nProbe Kafka Export Support: Theory and Practice
Kafka is a distributed messaging system widely used in the industry. Kafka can be deployed on just a small server but it can also scale up to span multiple datacenters. Given the scale and variety of possible Kafka deployments, it is desirable to have flexible, configurable producer applications able to adapt to and robustly feed any […]
Traffic directions, port mirrors and taps
Network taps have the ability to preserve traffic directions as based on the port you’re monitoring it is possible to know id traffic is going A -> B or B->A. With port mirrors you completely loose this information (this unless you creare a port mirror per direction, not always possible on all network switches) as […]
Introducing nProbe Cento 1.4 with Hardware Flow Offload
This is to announce the new 1.4 stable release of nProbe cento. The most important feature that comes with this new version is definitely the support for hardware flow offloading as well as various bug fixing and improved netflow template definition. We recently discussed the benefits of hardware flow offloading in another blog post. Hardware flow […]