PF_RING ZC is ntop’s high-speed zero-copy technology for high speed packet capture and processing. Until now ZC supported 10/40/100 Gbit adapters from Intel based on ASIC chips, in addition to the FPGA-based 100 Gbit adapters already supported by PF_RING including Accolade/Napatech/Silicom. … Continue reading
Introducing PF_RING 8.0: Batch Packet Processing and XDP Support
This is to announce a new PF_RING release 8.0. This new stable version includes enhancements for improving application performances, by adding support for batch processing also in the standard API (it was already available in the ZC API), and consolidates … Continue reading
ntopng, InfluxDB and Grafana: A Step-By-Step Guide to Create Dashboards
Creating Grafana dashboards out of ntopng data basically boils down to: Configuring ntopng to export timeseries data to InfluxDB Configuring the Grafana InfluxDB datasource to extract timeseries data from InfluxDB Adding Grafana Dashboards panels with ntopng data This post aims … Continue reading
A Step-By-Step Guide for Protecting Your Network with nScrub
Distributed Denial of Service (DDoS) attacks represent a family cyber-attacks that are more and more common nowadays. They aim to make the service unavailable by overwhelming the victim with high traffic volumes (this is the case of volumetric or amplification attacks … Continue reading
Dec 10th, ntop miniconf 2020 part III: nProbe and n2disk (on embedded systems)
This is a reminder for the third and last part of our mini-conference 2020 scheduled for this Thursday, December 10th 4 PM CET/10 AM EST. This time we’ll focus on the latest nProbe and n2disk features and provide a short … Continue reading
Exploiting Arista MetaWatch with n2disk and ntopng: HighRes Timestamping and Analytics
Precise packet timestamping is a key feature for network traffic analysis and troubleshooting. Traditionally many people use FPGA-based NICs with precise timestamping (e.g. Napatech, Silicom) even though a good precision can be obtained with PTP-based NICs such as many Intel … Continue reading
Using ntopng as network sensor for SecurityOnion (and integrated with Suricata)
SecurityOnion (SO) is a popular Linux distribution for threat hunting and security. It included ElasticSearch as backend for storing alerts as well as Kibana-based web interface. SO includes out of the box a few sensors such as Suricata that is … Continue reading
Embedding ntop: Nokia Beacon and Ubiquity UniFi Dream Machine
The latest generation of network devices are pretty powerful and open. This means that such devices ship with a Linux-based distribution such as OpenWRT or UniFI OS. In these devices it is possible to install third party software as the … Continue reading
Using ntop tools on VyOS
VyOS is a popular open-source router and firewall platform based on Linux, and some of our users asked us to support it natively. This post explains you how to achieve that in a few simple steps. Prerequisites As VyOS is … Continue reading
Introducing n2disk 3.6: full L7 support, fast flow export, replay rate control
This is to announce a new n2disk release 3.6. This release adds full support for indexing and retrieving traffic based on the Layer-7 application protocol. This can now be enabled even when flow export is disabled, and it is possible … Continue reading