- Aggregated Egress Queue
A queue that is output by nProbe™ Cento which carries traffic that has been aggregated from multiple input interfaces.
- Balanced Egress Queue
A queue that is output by nProbe™ Cento which carries a subset of traffic received from an input interface. The subset is built so that packets belonging to the same flow are always forwarded to the same balanced egress queue.
Shorthand for flow collector.
- Egress Queue
A queue that is output by nProbe™ Cento and is consumed by some other software such as an IDS/IPS or a traffic recorder.
Shorthand for flow exporter.
Network packets can be aggregated into logical pipes termed “flows”. A flow is uniquely identified by: source and destination IP addresses, source and destination ports, and layer 4 protocol.
- Flow exporter
A piece of hardware/software that outputs flows to a medium (e.g., over the network, to file, to other software).
- Flow collector
A piece of hardware/software that collects flows from a medium (e.g., from the network, from file, from other software).
An Intrusion Detection System that detects known threats, policy violations and malicious behaviors.
The Internet Protocol Flow Information Export (IPFIX) is a protocol that defines how to transfer flow data from an exporter to a collector.
An Intrusion Prevention System that protects the network against possible known threats, policy violators and malicious hosts.
A multi-producer, multi-consumer, publish-subscribe distributed messaging system.
The ntop high-performance packet-to-disk software that records network packets to disk and indexes packet metadata in near real time to enable fast searches.
- NetFlow v5/v9
Standards that define and describe how to aggregate packets into flows, and how to transfer flow data from an exporter to a collector.
The ntop network traffic visualization software.
The act of writing full network packets (i.e., headers and payloads at any level) to persistent storage. See also traffic recorder.
Shorthand for Flow exporter.
The act of filtering network packets that limits the number of per-flow packets to a given fixed value k. Any flow packet that arrives after the k-th is dropped.
An open source network IDS for Unix and Windows.
An IDS/IPS to match on known threats, policy violations and malicious behavior.
The act of filtering network packets that truncates packets right after the IP headers.
The act of filtering network packets that truncates packets right after the TCP/UDP headers.
A standard for message logging.
- Traffic Recorder
A piece of hardware/software that writes network packets to persistent storage (e.g., HDD, SSD, NVMe) for archiving purposes or further processing.
A network TAP (Test Access Point) is a hardware device inserted at a specific point in the network to monitor full-duplex data.