The latest generation of network devices are pretty powerful and open. This means that such devices ship with a Linux-based distribution such as OpenWRT or UniFI OS. In these devices it is possible to install third party software as the CPU is pretty powerful, there is some storage and memory available for running additional applications. In this blog post we want to describe our experience with two of these devices where it is possible to install ntop tools. This allows the network traffic to be monitored without having to install additional equipment such as a network tap or a port mirror that sends monitored traffic to a PC running monitoring tools. This is a good advantage as with a simple software upgrade it is possible to have traffic visibility even on home networks.
Nokia Beacon
The Nokia WiFi Beacon is a family of WiFi mesh devices using OpenWRT whose source code is available at this URL.
We have ported nProbe to Nokia WiFi Beacon 6, by cross-compiling on a Ubuntu 18.04 LTS for building a .ipk OpenWRT package that can be installed with sudo opkg install https://packages.ntop.org/Nokia/Beacon6/nprobe_9.1.200819-1_ipq.ipk after you have ssh to your Beacon6 device.
UniFi Dream Machine
Ubiquiti Dream Machine is a powerful network appliance based on UniFi OS, Ubiquiti’s Linux-based OS.
On this device is possible to install native packages or even run containers. ntopng-udm is a prebuilt Docker image of ntopng ready to run on UDM or UDM PRO and able to run ntopng natively on the device.
There are many other devices that could be used in similar ways. At ntop we’re making experiments with embedded devices in order to bring visibility to the network edge where monitoring tools are either missing or poor (always the old same monitoring tools based on IP/port/bytes/packets with no DPI or quality indicators. Stay tuned and attend our upcoming mini conference 2020 to know more about this topic.
Enjoy!