ntop

ntop

New, Fast, Scalable ClickHouse Integration for High-Volume Networks
When it comes to monitoring very large networks and the flows’ cardinality reaches into the billions, the performance of historical data storage and query systems becomes a critical bottleneck. Network operators, analysts, and engineers need to access flow records quickly and reliably, whether for traffic analysis, security investigations, or compliance reporting. When faced with massive datasets, even small inefficiencies in the data pipeline can result in slow queries, high CPU and disk usage, and poor responsiveness. At ntop, our mission is to help users gain visibility into their networks with …
ntop

Network Visibility and Observability: ntopng vs SNMP+
Recently, we’ve encountered users with high monitoring requirements. Some users need to monitor 1,000 routers and want to know who are the top talkers or top protocols. Others have a network with 200 branches, each with a NetFlow-enabled router. They need to know from a central location who are the top bandwidth users and ports on selected branches. Essentially, these users don’t need fine-grained network traffic monitoring. They just need a rough idea of who the top network users are (IP and ports). Often, users who ask us these questions …
ntop

HowTo Monitor+nDPI Traffic on Mikrotik Devices Using TZSP
Mikrotik devices are very popular in the ntop community. The simplest way to monitor traffic of these devices is using flows as described in this blog post. However sometimes flows might not be the best choice for various reasons including the inability to perform DPI on the captured traffic.  For full visibility you can use a different option offered by Mikrotik devices. Under Tools -> Packet Sniffer  you can export packets over the TZSP protocol (it is a sort of remote span protocol): just specify the IP of the remote …
ntop

PacketFest 2025 was an absolute blast!
PacketFest 2025 has been a great success. About 110 people, coming from more than 10 (European and overseas) countries, met in Zürich and attended the conference organized by ntop with support from Switch, AnyWeb, and Leutert NetServices. It was a three-day event where the ntop and Wireshark communities met to discuss network traffic visibility and cybersecurity. It was a great pleasure to have on stage many packet experts including Gerald Combs (Wireshark creator), Kelley Misata (president of OISF), and Thomas Graf (IETF chair), this in addition to the ntop core …
nEdge

Released ntopng 6.4: More Insightful Than Ever
We’re excited to announce a new ntopng stable release 6.4, a feature-packed update! With a strong focus on assets visibility and QoE monitoring. This version introduces groundbreaking new dashboards, advanced reporting, better alerting, and a lot of improvements to keep your network monitoring efficient and insightful. Breakthroughs Asset Inventory & Digital Twin DashboardVisualize your infrastructure like never before. The new dashboard provides a clear inventory of network assets with their virtual representations. Infrastructure DashboardManage multi-region deployments with a bird’s-eye view of your infrastructure and performance across distributed environments. Autonomous Systems …
Announce

Released Cento 2.2: Enhanced Flow Offload, QoE Metrics, and GTP Correlation
We’re excited to announce a new release of Cento 2.2, our high-performance flow-based traffic processing engine. This release brings major enhancements in traffic analysis capabilities, particularly for mobile network monitoring, quality assessment, and flow offloading on Napatech adapters. Whether you’re deploying Cento in ISP-grade infrastructures or using it for deep traffic inspection, this release is packed with powerful new features and improvements designed to push performance and visibility to the next level. Full Flow Table Offload on Napatech Adapters Cento 2.2 now offers fully-fledged Flow Table offload support with the …
Announce

Released PF_RING 9.0.0: Fully Fledged Hardware Flow Tracking
This is to announce a new PF_RING release 9.0.0! This release brings significant improvements for a deeper flow tracking integrations, making PF_RING even more powerful for building high-performance flow processing networking applications able to leverage on state-of-the-art hardware offloads at high speed. In fact we’ve streamlined support for the latest Napatech SmartNIC’s Flow Manager FPGA, now including periodic flow updates to ensure real-time flow visibility and minimal latency for exporting flow stats. We also explored DOCA Flow support in NVIDIA  BlueField and ConnectX adapters, to provide flow tracking also on …
ntop

Introducing Network Quality Measurement (QoE) in ntop Tools
Quality of Experience (QoE) measures how satisfied users are with a network service based on their subjective perception. Unlike Quality of Service (QoS), which focuses on technical metrics (e.g., latency, jitter, packet loss), QoE evaluates the actual end-user experience—such as video streaming smoothness, call clarity, or web browsing responsiveness. QoE is important from various points of view including: User Satisfaction: Even if network metrics appear good, poor QoE leads to frustration (e.g., buffering videos or choppy VoIP calls). Business Impact: Bad QoE can result in lost customers, reduced productivity, or …
ntop

Announcing ntop Professional Training at ntop Conference (PacketFest) and June 2025
PacketFest will talk place in Zurich, Switzerland, on May 8-9 and it will be the event where the ntop and wireshark communities meet. On May 7th we organize for the ntop community an in-presence training session where we will show the latest news about ntop tools and teach how to master them. The training is free for PacketFest attendees, and you need to register on the conference website where you can also see the complete training program. For those interested on a remote training, this is to announce that we …
Announce

Introducing the New Infrastructure Dashboard in ntopng
For this reason, some time ago we introduced the Infrastructure Monitoring in ntopng, as described in a previous blog post, which is the ability to use ntopng to monitor other ntopng instances, by means of its Active Monitoring capabilities. This infrastructure monitoring feature allows users to gain real-time insights into the status of their ntopng instances, as well as monitor the network interconnecting them. Now, we are excited to introduce a further extension to the Infrastructure Monitoring in ntopng, the new Infrastructure Dashboard. This enhancement enables users to efficiently oversee multiple …
ntop

Using ntopng for Teaching Network Monitoring and Administration
ntop believes in education, research, and no-profit and for this reason ntop tools have been them offered free of charge. Today we’re pleased to hear how they have helped young students to monitor and administer networks. Enjoy !     Introduction When teaching network monitoring and administration at the University of Applied Sciences in Fribourg (Switzerland), it is essential to provide tools to our bachelor students in computer science that enable them to observe and analyze traffic in real time. ntopng, an open-source network monitoring solution, is an appropriate choice for …
Announce

Introducing ntopng Policy Menu
In the past months we have extended our behaviour analysis introducing new features such as the ACL or device policies. For this reason we have rearranged the menus and create a new Policy menu (you can read more here) that contains all the configurations used by ntopng to trigger alerts. Sue to this, some pages have been moved and changed location. Below you can find the list of the moved pages and how to access them now: Server Ports (Previously, Server Ports Analysis): Previously in the Host entry, moved to …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe