ntopng Edge Use Cases
Small and Medium Enterprises
Small and Medium Enterprises (SMEs) often struggle to protect their networks from unwanted Layer-7 application protocols. Internal rules (e.g., company ethics and conduct rules) or external regulations (e.g., GDPR) may impose limits on the websites visited as well as on the Layer-7 application protocols used in the network. For example, cloud storage may not be allowed to prevent employees from uploading sensitive data to the cloud. Similarly, access to recreational sites such as FaceBook and YouTube may be limited or not allowed during normal office hours.
nEdge can enforce such kinds of rules and regulations without requiring changes in the network topology that can be expensive and create conflicts with pre-existing equipments and configurations. nEdge can also generate alerts when a new device connects to the network, and block possibly dangerous protocols like file sharing protocols, SSL traffic with no certificate and VPN tunnels.
Internet Access Providers
Hotels, bars and restaurants, malls, and more in general public places, almost always provide complimentary or paid internet access. Hotels offer Internet access to their guests. Similarly, bars and restaurants provide Internet access to their customers. However, it is common for those providers to have a single Internet gateway, which is usually the same as the one being used by the hotel staff. Under these circumstances, a misbehaving client, or just a large number of connected devices, can easily jeopardize the Internet access and undermine normal business operations. Today, critical operations such as Point-Of-Sale (POS) payments, reservations, and accounting must be performed online and a broken Internet access almost immediately translate into a loss of money.
nEdge helps in protecting business-critical operations by automatically identifying normal guests and staff people and devices, and prioritizing their traffic according to different policies. So for example on can guarantee a minimum bandwidth to the staff, and allow guests to run at full bandwidth only when when the staff is idle. Moreover, guests’ bandwidth can be evenly divided among all the active guests, so that a single user won’t be able to jeopardize the Internet access. For further control, some bandwidth-consuming protocols like BitTorrent can also be disabled or throttled down to a very small portion of the total available bandwidth.
Multi-Homed Internet Access Providers
nEdge includes advanced functionalities specifically designed for private Internet access providers, characterized by the presence of a number of Internet gateways with different speeds and costs (e.g. WiFi, 3G, SAT). In these environments there are often different users plans, for example:
- Basic User: can only use WiFi, with a rate limit.
- Normal User: can use WiFi by default, but are also allowed to use 3G if WiFi is not available.
- Gold User: can use any of the available gateways, with bandwidth reserved.
Users should always use the less expensive gateway available, based on their plan. If such a gateway becomes unavailable, users should use an alternative gateway, according to gateways priority and users plans, and switch back to the less expensive gateway when available.
nEdge can manage manage scenarios such as those described above. It is just a matter of configuring multiple gateways with priority and routing policies based on the users plans. nEdge also takes care of failover and load balancing, monitoring the gateways status and switching to higher priority gateways (less expensive or more performant) when available.