This is to announce the release of ntopng 1.1. The main changes with respect to 1.0 include:
- Enhanced web GUI with new menus and extension of previous sections.
- Ability to specify multiple interfaces simulatenously (just repeat -i).
- Performance improvements both in nDPI and the ntopng engine (yes multi-Gbit traffic analysis is possible).
- Several enhancements to the flow collection interface (note that you need the very latest nProbe) that is not much faster and written in native C++ code.
- Added Google Maps support and HTML 5 map geolocation support.
- Ability to save flows (both collected and computed from packets) in SQLite format (-F).
- Introduced data aggregations (-A) for clustering information based on homogeneous information (e.g. HTTP servers contacted or DNS hosts resolved).
- Implemented passive OS detection by dissecting, via nDPI, HTTP request headers.
- Added compatibility with embedded platforms such as RaspberryPi and BeagleBoard.
- Added several new reports.
- All report counters have not an activity icon.
- Added icons in menu headers and HTML pages.
- Extended host reporting information with new reports and enhancements to existing ones.
- Fixed various interface and engine bugs.
- Reduced memory usage.
- Added activity map for having at 1-second visibility of hosts activities.
In the next release we will focus on various areas including (but not limited to):
- Ability to deploy ntopng based sensors across the Internet while accessing them from a single GUI (read it as: create a centralized monitoring console based on a plethora of distributed ntopng monitoring instances).
- Cloud support for remote data storage.
- Custom reports for selected protocols such as VoIP and HTTP for providing detailed activity reports.
- New graphical reports for depicting data that is currently not yet/properly displayed.
- Ability to visualize stored/historical flows already saved by ntopng.
- Comparison of hosts activities to spot similarities and non-standard behavior.
Enjoy!