ntopng – Page 5

What is OT, ICS, SCADA ? Operational Technology (OT) refers to computing systems that are used to manage industrial operations or process operations, like water treatment, electrical power distribution or wrapping a chocolate in foil. ntopng supports some Industrial control systems (ICS) protocol often managed via a Supervisory Control and Data Acquisition (SCADA) systems. Via …

Announce

May 2, 2023

Introducing Smart Recording in n2disk: Combining Cybersecurity with Packet-to-Disk

In short Continuous network traffic recorders are applications (or appliances) that write network traffic on disk. In case of issues (e.g. security breach or network outage) they enable network and security analysts to go back in time and see how a problem originated. The main limitation of this practice is that a lot of data …

nProbe

May 1, 2023

Now available ntopng/nprobe ARM64 Docker Images

Supporting 64 bit ARM platforms is important because there is now a plethora of inexpensive boards based on this architecture. Thanks to the use of docker containers, several manufacturers allow their devices to take advantage of this technology to run third-party software on devices that used to be not extensible. Here you can read how …

nProbe

April 26, 2023

How To Analyse Asymmetric VLAN Traffic

A VLAN is a method for partitioning a layer two broadcast domain creating virtual networks of homogeneous systems hence promoting network segmentation. A ethernet port with no VLAN tag is called access port, whereas a switch port with VLAN-tagged packets is called tagged or trunk port. End systems are usually connected to access ports meaning …

nProbe

April 14, 2023

How Flow-Based Traffic Classification Works

Many ntop products such as ntopng, nProbe, and PF_RING FT just to name a few are based on network flows. However not all our users know in detail what is a network flow, and how it works in practice. This blog post describes what they are and how they work in practice. What is a …

ntopng

April 14, 2023

Going Beyond 5-Tuple in Network Flow Analysis

Traditionally flow-based tools are based on the 5-tuple attributes (source and destination IP, source and destination port and the protocol field). Often they are complemented with additional attributes such as VLAN or Tunnel Id in order to avoid mixing in the same flow packets that belong to different communications. The above picture shows the 5-tuple …

ntopng

April 3, 2023

Announcing ntop Professional Training: May 2023

ntop tools range from packet capture, traffic analysis and processing, and sometimes it is not easy to keep up on product updates as well master all the tools. This has been the driving force for organising ntop professional training: . This is to announce that in May we have scheduled the next ntop Professional Training …

ntopng

March 20, 2023

How to Keep your Infrastructure Healthy with ntopng

Almost 3 years ago we introduced Active Monitoring support in ntopng. This allows you to monitor the infrastructure and make sure that all systems are operational. In fact ntopng can continuously monitor hosts in your network by periodically running different active measurements including: ICMP, which measures the RTT (Round Trip Time). Continuous ICMP, which evaluates network reachability …

ntopng

February 9, 2023

ntop Webinar: Introduction to ntopng 5.6 and the New nBox UI

This is to invite you to attend a webinar about ntopng 5.6. This webinar will walk you through the innovations introduced with ntopng 5.6 stable release that we introduced at the end of January. You can learn the new features and get acquainted with the changes that have been introduced in the web interface. Finally, …

ntopng

February 6, 2023

Using ntopng as an Actionable Event-Driven Traffic Analysis Application FOSDEM23

Yesterday we have presented at FOSDEM in the network devroom we headed, a talk about ntopng. Below you can find the video of the presentation and the presentation slides. Enjoy ! …

ntopng

February 2, 2023

Introducing ntopng 5.6: New Reports and Cybersecurity Indicators, Kafka, Lua/Python API, Flow Collection Clustering

This is to announce the availability of ntopng 5.6 stable release that brings several additions and improvements: We have started to introduce responsiveness in ntopng GUI by means of VueJS. All timeseries and historical pages are now rewritten to take advantage of modern web technologies. You can now compare timeseries across hosts, devices, or anything …

ntopng

January 30, 2023

Using Multitenancy in ntopng

Not all ntop users know that ntopng natively implements multitenancy support. Namely you can use ntopng to collect and analyse traffic from multiple users, and show to each user its own traffic, hiding all the rest. All you need to do is very simple Start ntopng and configure it to receive monitored traffic. You can …

OT, ICS, SCADA: IEC 60870-5-104 in ntopng

Introducing Smart Recording in n2disk: Combining Cybersecurity with Packet-to-Disk

Now available ntopng/nprobe ARM64 Docker Images

How To Analyse Asymmetric VLAN Traffic

How Flow-Based Traffic Classification Works

Going Beyond 5-Tuple in Network Flow Analysis

Announcing ntop Professional Training: May 2023

How to Keep your Infrastructure Healthy with ntopng

ntop Webinar: Introduction to ntopng 5.6 and the New nBox UI

Using ntopng as an Actionable Event-Driven Traffic Analysis Application FOSDEM23

Introducing ntopng 5.6: New Reports and Cybersecurity Indicators, Kafka, Lua/Python API, Flow Collection Clustering

Using Multitenancy in ntopng