ntopng Edge Inline Layer-7 Applications Traffic Blocking and Throttling


ntopng Edge performs Deep Packet Inspection using the home-grown nDPI library to first detect and then block or throttle Layer-7 application protocols. Layer-7 policies can quickly be set for example to prevent unwanted applications from being used by certain devices.

Examples of Layer-7 policies that can be set are:

  • “Block BitTorrent and Tor traffic generated from company’s workstations”
  • “Throttle media streaming to at most 10% of the available download bandwidth”
  • “Only allow printers to perform IPP and block any other kind of traffic they could try to generate”

This kind of policies is very powerful even when it comes to security. Think to IoT devices, for example. Such devices are very often shipped with old, outdated firmwares and they rarely receive security updates. Hence, they have the potential to open security breaches in your network.  Being able to enforce a set of secure, permitted Layer-7 applications will ‘wrap’ insecure IoT devices in a secure, protected environment that stays ahead of threats.

However, being able to set policies on certain devices is just a part of the story. As humans often like to think less in terms of devices and more in terms of other humans when it comes to control who is accessing the internet, ntopng Edge allows to enforce policies on Internet “users”. No matter if Simone is using his iPad, his iPhone, or his Xbox. Simone is just a human that is accessing the Internet and ntopng Edge allows to enforce policies for Simone, policies that are transparently applied to all his devices as if they were a single one.

Policies on Internet “users” that can be enforced with nEdge include:

  • “Don’t let the kids Maria and Nate play online games now that is dinner time”
  • “Only allow John to perform Apple updates at night”