ntop

ntop

HowTo Select the Right Network Adapter for Traffic Monitoring and Cybersecurity
Since the introduction of PF_RING ZC drivers for Mellanox/NVIDIA, and the new family of Intel E810 adapters, the activity of selecting the best, cost-effective adapter, based on the use case and the performance we need to achieve, has become more complicated. Let’s try to shed some light. Intel Adapters Most commodity adapters, including Intel and Mellanox, are based on ASIC chipsets, which are cheap and provide simple RX/TX operations, with no (or limited) programmability. Those adapters have been designed for general purpose connectivity and are not really optimized for moving …
ntop

Introduced RHEL/RockyLinux 9 support (and new GPG Package Signing Keys)
This is to announce the availability of ntop packages for RedHat EL9 / RockyLinux 9 at packages.ntop.org. This has forced us to change many things in the way we build packages due to the deprecation of the SHA-1 algorithm. Because of this we had to modify the GPG signing keys used to sign the ntop packages for all platforms (and thus not limited to RHEL/RockyLinux 9). This has the side effect that for installed system, you need to reinstall the apt-ntop/apt-ntop-stable (Ubuntu/Debian) or yum update (CentOS/RHEL/RockyLinux). For all details we …
ntop

Welcome to ntopng 5.4: Enhanced Traffic Analysis and Cybersecurity
The previous stable release introduced a new persistency layer based on ClickHouse, paving the way for a more flexible yet fast historical data analysis, with its ability to store billion of records (alerts and flows) with limited disk space and very low query time. This new 5.4 release introduces many enhancements in the historical data analysis with more comprehensive information and additional analysis pages to provide clear insights about Network issues. In order to further easy the analysis, the search bar has also been reworked, to let you find what you are …
ntop

Best Practices for Using ntop Tools on Containers
Many people use software containers to simplify application deployment. As you know ntop tools are also available on docker hub for quick deployment using Docker or other container management tools such as Portainer or Kubernetes. When using containers, there are a few things to keep in mind: Service Persistency ntopng relies on third party services such as Redis (required) and InfluxDB (optional) to operate. In order not to loose information at container restart, you need to persistently store data or configure ntop tools to rely on such services on an …
ntop

Registration for ntopConf 2022 (June 23-24) is now Open
This year the ntop community will meet in Milan, Italy on June 23-24. Conference will take place the first day, whereas the second day will be used for training. We’ll be talking about network traffic monitoring, cybersecurity, and discuss future roadmap items. It is a good chance to get together after pandemic restrictions, as well for us to meet our community. You can read more about this event and read the program at this page where you can also find the registration link. Note: this is a free (no cost) …
ntop

ntop Professional Training: May 2022
This is to announce that the next ntop professional training will take place in May 2022. All those who are using ntop tools for business are invited to attend this session. The idea is to divide the training in 5 session of 90 minutes each, so that you can attend the training without having to leave your daily activities. At this page can read more about training content, costs, and registration information Make sure to join it ! …
ntop

Welcome to ntopng 5.2: Historical Data Analysis, Better Performance and Alerting
Initially designed as a maintenance release, 5.2 brings many improvements in its processing engine with over 3’000 code commits. The main goal is to enhance application scalability by optimising memory and CPU usage, while introducing a new persistency layer based on ClickHouse that has replaced nIndex a home-grown high-performance indexing system that we introduced years ago. This layer enables ntopng 5.2 to store billion of flow records and alerts with limited disk space and sub-second response time by providing full visibility in terms of packets, flows and alerts. In essence …
ntop

Introducing nDPI 4.2: More Protocols and Robustness with -80% Memory
This is to announce the availability of nDPI 4.2 stable that brings several improvements and a reduced per-flow memory footprint (about -80% with respect to 4.0). We have continued to improve the DPI engine adding richer protocol metadata, as well as adding support for many platforms. The continuous integration toolchain along with fuzzy-testing allowed us to improve the overall library robustness and reliability which is a key feature when analyzing traffic, in particular for cybersecurity. In our vision, nDPI should be a traffic analysis layer sitting on top of packet …
ntop

Historical Traffic Analysis at Scale: Using ClickHouse with ntopng
Last year we have announced the integration of ClickHouse, an open source high-speed database, with nProbe for high-speed flow collection and storage. Years before we have created nIndex, a columnar data indexing system that we have integrated in ntopng, but that was just an index and not a “real” database. We have selected ClickHouse for a few reasons: It is open source and developed by a vibrant community. It is very efficient in both speed and size, that were the main features for which we created nIndex. This is very …
ntop

n2n 3.0 is Here !
During the last year, long discussed ideas turned into implemented functionalities – adding remarkably to n2n’s rich feature set and each of them worthy of note. The level achieved made us think it justified even a major release. Welcome, n2n 3.0 ! Starting from this stable platform, future versions of n2n’s 3.x series will further promote its versatility while keeping up compatibility. To achieve this, development will mainly focus on areas outside the underlying core hole-punching protocol and will include but probably not be limited to connection handling, management capabilities, …
ntop

Introducing PF_RING ZC Support for Mellanox Adapters
PF_RING ZC is ntop’s high-speed zero-copy technology for high speed packet capture and processing. Until now ZC supported 10/40/100 Gbit adapters from Intel based on ASIC chips, in addition to the FPGA-based 100 Gbit adapters already supported by PF_RING including Accolade/Napatech/Silicom. This post is to announce a new ZC driver, known as mlx, supporting a new family of 100 Gbit ASIC-based adapters, this time from Mellanox/NVIDIA, including ConnectX-5 and ConnectX-6 adapters. The supported ConnectX adapters from Mellanox, in combination with the new mlx driver, demonstrated to be capable of high performance, by …
ntop

Introducing PF_RING 8.0: Batch Packet Processing and XDP Support
This is to announce a new PF_RING release 8.0. This new stable version includes enhancements for improving application performances, by adding support for batch processing also in the standard API (it was already available in the ZC API), and consolidates XDP support, which has been reworked to fully leverage on the latest Zero-Copy support and buffers management and take full advantage of the native batch capture. This release also adds support for the latest kernels to the ZC drivers for Intel adapters, including those shipped with CentOS (8.4) and Ubuntu LTS (20) …

High-performance network traffic monitoring and analysis tools.

Explore
Newsletter
Subscribe