This is to announce a new PF_RING release 8.6 ! This stable release introduces a new Runtime component in PF_RING, which adds support for runtime filtering. This allows an external application to push filtering rules (through a Redis queue) while the socket is running, and offload them to the adapter when supported (e.g. on NVIDIA/Mellanox Connect-X […]
Sorting Out and Clustering Alerts in ntopng
In a previous post, What’s In The (Alert) Inbox?, we’ve discussed how alerts are organised in the Alerts Explorer. The new “inbox” design allows us to cluster alerts into separate folders high-priority events, that require attention and needs to be addresses as soon as possible, from other minor events. This solves one issue: having all […]
What’s In The (Alert) Inbox?
ntopng emits alerts in order to report relevant. They can be triggered by traffic thresholds, user scripts, behavioural checks, or due to Security issues, including those detected by IDS systems integrated with ntopng (the full list of built-in checks, and related alerts, that can be enabled in ntopng is available in the Alerts section of […]
ntopConf 2023 (25 years of ntop) Registration is Now Open
This is to announce that the registration for the ntop Conference 2023, 25 years since the first release of ntop, is now open. Similar to past conferences, this event is divided into two days: the first day will be allocated for training on ntop products, the second day for the main conference and workshop. You […]
Deploying nEdge with Multiple (Virtual) LANs (and WANs)
Exactly 3 years elapsed from the introduction of nEdge (ntopng Edge), and despite the fact we haven’t posted much about it in our blog, this tool continued to grow, many features have been added over time, and we see that every time new users have the chance to try it, they are amazed about the capabilities it provides. […]
Using Traffic Rules To Supervise Network Traffic
The Problem Let’s assume that you have a Network where local hosts generate a constant amount of traffic. How do you find if they are misbehaving? It happens that some local host starts behaving strangely, by having an abnormal amount of traffic (sent or received) with respect to their recent past: how can you spot […]
ntop June 2023 Webinar Recording
Those who missed our June 2023 webinar can watch the webinar recording as well glance through the presentation slides.
How to Enable Smart Recording in ntopng (and n2disk)
Recently, we have introduced Smart Recording in n2disk to combine Cybersecurity with Packet-to-Disk. In this previous post (and in the documentation) we described the idea behind it and described how to enable it in a few simple steps. For those of you who prefer a video resource, and want to learn more about the technology and how […]
ntopConf’ 23 Call for Talks is now Open
This year ntop will turn 25. Our call for speakers for the ntop conference 2023 (Pisa, Sept 21-22) is now open. Deadline is June 30th. We want to hear you voice, experience, projects based on ntop tools and anything that can be of interest to our community. Pisa is the conference location that we have […]
Hardware Traffic Duplication on Intel Adapters Using PF_RING
Those of you who are familiar with kernel-bypass drivers like PF_RING ZC know that it is not possible to run multiple applications on top of the same Network interface and capture the same traffic twice. This is the case of Intel and most FPGA adapters. In fact, since the application takes full control of the adapter […]