ntopng Edge (a.k.a. nEdge)
Protects all of your digital assets and online activities
ntopng Edge is a software application designed to solve a few problems:
- Bind devices to users
- Specify per-user layer-7 protocol policies (e.g. use X can use protocol Y)
- Protect the network from malware and connections from/to unsafe destinations.
- Make sure that the available Internet bandwidth is shared evenly by preventing bandwidth hogs.
Make the Network A Safe Place Again
ntopng Edge ensures the Internet is always available for business-critical applications by preventing misbehaving hosts from jeopardizing the bandwidth. ntopng Edge also secures the network against unwanted traffic such as torrents or cloud uploads that can pave the way for data breaches.
|Ensured Internet availability||Layer-7 applications traffic blocking/throttling|
|Inline unsafe traffic blocking||Service micro-segmentation|
|Active and silent devices discovery||Easy to install and simple to use|
Ensured Internet availability
ntopng Edge helps network administrators ensure a smooth, controlled operation of complex networks by accurately managing the many different connected devices that compete to access the Internet. It provides an intuitive Web-Based graphical interface to control how the available Internet bandwidth is used among the devices. The maximum download and upload bandwidths can easily be policed for any device with just a handful of clicks.
Layer-7 applications traffic blocking/throttling
It is often hard to protect networks from unwanted applications traffic. In addition, internal rules (e.g., company ethics and conduct rules) and external regulations may impose limits on the allowed websites as well as on the Layer-7 applications traffic permitted. Are you fed up with people using cloud services or with those that are downloading copyrighted contents Are your employees spending to much time visiting recreational sites during normal office hours? ntopng Edge can enforce policies to block or throttle Layer-7 applications traffic without requiring changes in the network topology that can be expensive and create conflicts with pre-existing equipments and configurations.
Inline unsafe traffic blocking
ntopng Edge integrates safe DNS with IP and domain lists to provide continuous protection. If someone is trying to contact a malicious host or if a malicious host is trying to reach someone on your network. ntopng Edge will automatically generate an alert and block communications involving a malicious peer. And if you want to be real-time informed on ongoing threats, simply configure the Slack integration to receive alerts on the smartphone!
With service micro-segmentation, administrators create policies that explicitly permit only certain traffic to be exchanged. Policies, security settings are tailored individually on an host basis, depending on the role and function of each host. In this zero-trust security model, ntopng Edge allows you to set up policies. For example, it can force IoT sensors to only talk MQTT, or Web servers to only talk HTTP/HTTPS with clients and MySQL with backend database servers.
Active and silent devices discovery
ntopng Edge discovers and accurately categories all the devices connected to the network, including those that are silent. Discovery and identification produce a rich set of information that include the device type, family, and (when possible) the model and the operating system for a wire range of devices. ntopng Edge also detects new network connected devices, as well it can send alerts when unknown devices.
How Does It Work?
ntopng Edge expects to protect a Local Area Network (LAN), so called edge. Typically, clients and digital assets that require protection reside in the LAN and must go through the WAN to browse the Internet.
ntopng Edge creates a transparent bridge between two network interfaces, one connected to a LAN and the other to a WAN. nEdge operates over the bridge where configured network policies are enforced.
This is the right mode for you if …
… you need a quick and transparent way to secure LAN-to-WAN communications without reconfiguring any devices or IP address.
ntopng Edge routes the traffic and decides which traffic should be routed and which traffic should be discarded. Multiple WAN interfaces are supported to allow also decisions on which WAN interface should be used for the routing.
This is the right mode for you if …
… if you want to create a (single-LAN or multi-WAN) router that routes traffic on a per-device basis as well as on Layer-7 applications.
- Captive portal
- Authenticate users with a login page before allowing them to access the Internet. Authentication facilitates the association between a user and his/her devices, and the consequent enforcement of configured policies.
- Load Balancing and Failover
- In Router Mode, when multiple WANs are configured, powerful routing policies can be implemented on a per-user basis.
Easy to Install and Simple to Use
See the getting started video for a brief installation guide and use tutorial.
Note nEdge takes over the control of your system during the initial setup, reconfiguring all the network interfaces of the system.
SMEs often struggle to protect their networks from unwanted Layer-7 application protocols. Internal rules or external regulations may impose limits on the websites visited as well as on the Layer-7 application protocols used in the network. nEdge helps SMEs by restricting the use of unauthorized/unwanted traffic, including that towards recreational sites and social networks.
Internet Access Providers
Hotels, bars and restaurants, malls, and more in general public places, almost always provide complimentary or paid internet access. nEdge helps in protecting business-critical operations by automatically identifying normal guests and staff people and devices, and prioritizing their traffic according to different policies.
nEdge features advanced functionalities specifically designed for multi-homed Internet access providers, characterized by the presence of a number of Internet gateways with different speeds and costs (e.g. WiFi, 3G, SAT). Powerful policies can be implemented to route the traffic towards one or more gateway on the basis of the user type (e.g., premium vs basic).
ntopng Edge comes in two versions, Professional (Small Business Edition) and Enterprise. Features are highlighted in the following table.
|Ensured Internet availability
|Layer-7 applications traffic blocking/throttling
|Inline unsafe traffic blocking
ntopng Edge is available for Ubuntu 16.04 LTS x64. Please refer to the documentation for further details.
You can install it from the ntop packages site.