Zoom is a popular platform for video communications and team collaboration. As many other cloud services, network administrators need to supervise Zoom network traffic usage. DPI toolkits such as nDPI are useful for identifying Zoom traffic for supervising the network bandwidth used by your Zoom calls. Recently we have took advantage of this research work […]
What’s New in ntopng: Network Assets
Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about the Asset Map. Have you ever asked yourself, what are the NTP servers in your network? Or, are […]
Introducing Lua-based Host and Flow Behavioural Checks
With ntopng version 5 we have migrated performance sensitive sections of the ntopng engine from Lua to C++. This has enabled ntopng to scale up nicely while reducing resource needs such as CPU and memory. The drawback is that writing behavioural checks in C++ is not something that everyone can do. For this reason we […]
What’s New in ntopng: Periodic Activities (a.k.a beaconing) !
Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about the Periodicity Map. You are probably asking yourself what’s so bad about periodic activities, right? First of all, […]
HowTo Deploy nProbe and ntopng on the Cloud
Some of our customers deploy ntopng on the cloud in order to collect flows coming from private nProbe instances often deployed on private networks or clouds. Thanks to ZMQ/Kafka communications, data sent by nProbe to ntopng travel encrypted; this is contrary to many other cloud-based collectors that instead receive clear-text IPFIX/NetFlow flows sent by exporters […]
Deploying ntopng at Scale: Jessa Ziekenhuis
This is a report from one of our users from the field, who decided to use ntopng to monitor a large network. Many thanks to Bjorn for sharing this information with our community. Our network Jessa Ziekenhuis is one of the biggest, non-academic, hospitals in Belgium. Spread over 4 campuses, we manage 3 data […]
What’s New in ntopng: Host Traffic Analysis
Hello everybody! Welcome back to the weekly blog post of this serie used to update you with the latest ntopng features and graphical changes. Please let us know your feedback! Today we are going to talk about Host Traffic Analysis. When analyzing traffic generated by a host, one of the main metrics we are interested […]
Howto use Kafka (instead of ZMQ) For Reliable Flow Collection and IPC
Historically, we have used ZMQ for interconnecting nProbe to ntopng, as this is a fast and simple messaging system. However one of they key advantage of ZMQ of being broker-less is sometime a problem. In case of maintenance, traffic peaks, or unreliable communications, the ZMQ communication between nProbe and ntopng will drop flows with the […]
What’s New in ntopng: Alert Severities
Hello everybody ! We are going to use this new blog-post serie to explain ntopng new features and graphic changes; let we know your feedback! Today we are going to talk about Alert Severities. In ntopng, Alert Severities, are really important because they are used to understand how severe a problem is. Unfortunately we noticed […]
Malware Traffic Analysis in ntopng
ntop users have started to use our tools for malware analysis as contrary to packet sniffers or text-based security tools, ntopng comes with a web interface that simplifies the analysis. For this reason we have recently: Added the ability to upload a pcap file to ntopng using the web GUI, so that you can analyze […]