ntop believes in education, research, and no-profit and for this reason ntop tools have been them offered free of charge. Today we’re pleased to hear how they have helped young students to monitor and administer networks.
Enjoy !
Introduction
When teaching network monitoring and administration at the University of Applied Sciences in Fribourg (Switzerland), it is essential to provide tools to our bachelor students in computer science that enable them to observe and analyze traffic in real time. ntopng, an open-source network monitoring solution, is an appropriate choice for illustrating the fundamental concepts of traffic monitoring and management. The software supports a range of protocols, including NetFlow, sFlow, and IPFIX, making it a powerful tool for traffic analysis.
Why we choose ntopng?
The use of ntopng in our teaching environment is based on several key factors:
- Intuitive, accessible interface: The web interface provides a clear view of network traffic in real time.
- NetFlow support: Flow analysis is crucial for understanding network behaviour and detecting anomalies.
- Detailed analysis capability: It provides statistics on protocols, applications, and IP addresses, offering complete network visibility.
- Threat detection: ntopng incorporates mechanisms for detecting suspicious activity, useful for raising awareness of security issues among students.
Implementation and use
At our university, ntopng is installed on a dedicated server and receives NetFlow flows from various routers and switches on our network. Every student group has a dedicated ntopng server.
Students learn how to interpret the data displayed in the ntopng web interface, in particular :
- Traffic flows between different sources and destinations.
- Applications that consume the most bandwidth.
- Network usage trends and peaks.
Case studies and simulations
We set up teaching scenarios, such as :
- Detecting a bottleneck: Analysis of the causes of network saturation.
- Identifying abnormal behaviour: Study of a case of compromise or suspicious flows.
- Optimising bandwidth: Identifying the applications that consume the most bandwidth to suggest management strategies.
Experience and feedback
Using ntopng in our university context enabled students to gain a better understanding of :
- The concepts of network supervision and traffic analysis (network metrology)
- The impact of different applications on bandwidth usage.
- The implementation of effective monitoring to prevent and diagnose network problems.
Conclusion
By integrating ntopng into our training, we have enriched our teaching approach by offering students a powerful and accessible tool for network supervision. Its support for NetFlow enables detailed traffic analysis, making it easier to understand the mechanisms underlying the administration of a computer network (virtual or real).
About
François Buntschu is an associate professor at the HES-SO (University of Applied Sciences and Arts – Western Switzerland in Fribourg) since 2001. He has a master’s degree in computer sciences and holds the CCIE (Cisco Certified Internetwork Expert). He formerly worked as a network expert for Swiss companies. His main research and teaching focuses are on networking, cybersecurity, network automation and supervision, virtualization, and cloud.