ntopng

As you know, our plan is to release ntopng 2.0 later this spring. While we are still coding the last missing features, we have start packaging the tool so that you can start testing it. We have decided to create two versions of ntopng: Community edition: free open-source version, that you can use at no cost. Professional version: fee-based version, that includes features useful in companies. Of course this version will be free of charge for educations and universities as with all other ntop commercial products. There will also be …

In order to ease the deployment of our applications, in addition to source code distribution, we have released binary packages (x64 and ARM) for CentOS/RedHat and Ubuntu/Debian. For PF_RING, that requires to be compiled against the installed kernel version, we have moved to DKMS so that you are no longer required to use the same kernel version we use for packaging it. However the current trend is going towards virtualised environments (not just VMs such as VMware) and IaaS (Infrastructure as a Service) and thus we need to support them.   Docker …

As you know via ZMQ you can use ntopng as collector for nProbe instances. You can decide to merge all probes into one single ntopng interface (i.e. all the traffic will be merged and mixed) or to have an interface per probe. Example: Start the remote nProbe instances as follows [host1] nprobe --zmq "tcp://*:5556" -i ethX [host2] nprobe --zmq "tcp://*:5556" -i ethX [host3] nprobe --zmq "tcp://*:5556" -i ethX [host4] nprobe --zmq "tcp://*:5556" -i ethX If you want to merge all nProbe traffic into a single ntopng interface do: ntopng -i tcp://host1:5556,tcp://host2:5556,tcp://host3:5556,tcp://host4:5556 If you want to …

The ntopng architecture is divided in three layers: Ingress layer (flow or packet capture). Monitoring engine: the ntopng core. Lua scripting engine Data export layer (via web, syslog or log files). Thanks to the scripting engine, ntopng is fully scriptable. This means that via Lua you can extract the monitoring information and report it into HTML pages or export it to third party applications. The ntopng Lua API is pretty simple it consists of two classes, ntop and interface. ntopng also comes with some example scripts that highlight the main …

This is to announce the release of ntopng 1.1. The main changes with respect to 1.0 include: Enhanced web GUI with new menus and extension of previous sections. Ability to specify multiple interfaces simulatenously (just repeat -i). Performance improvements both in nDPI and the ntopng engine (yes multi-Gbit traffic analysis is possible). Several enhancements to the flow collection interface (note that you need the very latest nProbe) that is not much faster and written in native C++ code. Added Google Maps support and HTML 5 map geolocation support. Ability to save …

Last Saturday 26th of October, we have presented a tutorial on ntopng at the Italian LinuxDay 2013. The slides we used for this presentation can be used to learn the idea behind ntopng and highlight the main design principles. We are also glad that this presentation has been accepted for submission consideration at the Italy in a Day contest, so it might have the chance to become part of this upcoming movie. …