Clik here to view.
Hardware Traffic Duplication on Intel Adapters Using PF_RING
Those of you who are familiar with kernel-bypass drivers like PF_RING ZC know that it is not possible to run multiple applications on top of the same Network interface and capture the same traffic...
View ArticleClik here to view.
How to Keep your Infrastructure Healthy with ntopng
Almost 3 years ago we introduced Active Monitoring support in ntopng. This allows you to monitor the infrastructure and make sure that all systems are operational. In fact ntopng can continuously...
View ArticleAnnouncing ntop Professional Training: May 2023
ntop tools range from packet capture, traffic analysis and processing, and sometimes it is not easy to keep up on product updates as well master all the tools. This has been the driving force for...
View ArticleClik here to view.
Going Beyond 5-Tuple in Network Flow Analysis
Traditionally flow-based tools are based on the 5-tuple attributes (source and destination IP, source and destination port and the protocol field). Often they are complemented with additional...
View ArticleClik here to view.
How Flow-Based Traffic Classification Works
Many ntop products such as ntopng, nProbe, and PF_RING FT just to name a few are based on network flows. However not all our users know in detail what is a network flow, and how it works in practice....
View ArticleClik here to view.
How To Analyse Asymmetric VLAN Traffic
A VLAN is a method for partitioning a layer two broadcast domain creating virtual networks of homogeneous systems hence promoting network segmentation. A ethernet port with no VLAN tag is called access...
View ArticleNow available ntopng/nprobe ARM64 Docker Images
Supporting 64 bit ARM platforms is important because there is now a plethora of inexpensive boards based on this architecture. Thanks to the use of docker containers, several manufacturers allow their...
View ArticleClik here to view.
Introducing Smart Recording in n2disk: Combining Cybersecurity with...
In short Continuous network traffic recorders are applications (or appliances) that write network traffic on disk. In case of issues (e.g. security breach or network outage) they enable network and...
View ArticleClik here to view.
Using nDPI to Monitor Streaming, Messaging and Social Network Traffic
We have created nDPI to label network traffic and extract metadata such as the URL or TLS certificate information. nDPI is the layer on top of which ntop applications are sitting. This time we do not...
View ArticlentopConf’ 23 Call for Talks is now Open
This year ntop will turn 25. Our call for speakers for the ntop conference 2023 (Pisa, Sept 21-22) is now open. Deadline is June 30th. We want to hear you voice, experience, projects based on ntop...
View ArticleHow to Enable Smart Recording in ntopng (and n2disk)
Recently, we have introduced Smart Recording in n2disk to combine Cybersecurity with Packet-to-Disk. In this previous post (and in the documentation) we described the idea behind it and described how...
View ArticleClik here to view.
OT, ICS, SCADA: IEC 60870-5-104 in ntopng
What is OT, ICS, SCADA ? Operational Technology (OT) refers to computing systems that are used to manage industrial operations or process operations, like water treatment, electrical power distribution...
View ArticleClik here to view.
OpenAPI: ntopng REST API for Software Developers
Maybe not all of you know that ntopng powers in some popular monitoring systems such as CheckMK and Centreon. The integration is made possible through the ntopng REST API (REST stands for...
View ArticleClik here to view.
Enabling Zeek and Suricata On-Demand at 40/100 Gbit using PF_RING
Overview Those of you who have some experience with IDS or IPS systems, like Zeek and Suricata, are probably aware of how CPU intensive and memory consuming those applications are due to the nature of...
View ArticleClik here to view.
Introducing Modbus Traffic Monitoring in ntopng
Modbus is an industrial protocol used to communicate with automation devices. The initial protocol version was implemented over a serial layer, whereas the current version named ModbusTCP is a variant...
View ArticleClik here to view.
Scaling Up ntopng Flow and Packet Processing
As traffic rate increases, it is important to tune packet processing in order to avoid drops and thus educe visibility. This post will show you a few tricks for improving the overall performance and...
View ArticleRegister for ntop June 2023 Webinar: June 20th 3PM CET / 9 AM EST
This is to invite you to the latest ntop webinar before the summer break. The major webinar topic will include n2disk smart packet recorder Latest OT/SCADA Developments; IEC 104 and ModbusTCP...
View ArticleClik here to view.
Monitoring Microsoft Teams Performance and Video/Call Quality
Months ago we have talked how ntopng identifies ad monitors Zoom calls quality. Today we show how call monitoring has been now seamlessly extended to Microsoft Teams. Thanks to nDPI, ntopng is now able...
View Articlentop June 2023 Webinar Recording
Those who missed our June 2023 webinar can watch the webinar recording as well glance through the presentation slides.
View ArticleClik here to view.
Using Traffic Rules To Supervise Network Traffic
The Problem Let’s assume that you have a Network where local hosts generate a constant amount of traffic. How do you find if they are misbehaving? It happens that some local host starts behaving...
View Article