ntop and Kentik bring nProbe to the Cloud
Traditionally nProbe is used as a host-based network monitoring probe able to produce “augmented” flow records including performance monitoring, security and visibility information. We have a common...
Introducing nBPF: line-rate hardware packet filtering (yes Wireshark at 100G...
Modern network adapters, such as Exablaze, Napatech and Silicom’s Intel FM10K, support hardware filters. Unfortunately every company has its own way to set filters, no unified API, and no support of...
Filtering Terabytes of pcaps using nBPF and Wireshark
In a previous post we introduced our new nBPF library, which is able to convert a BPF filter to hardware rules for offloading traffic filtering to the network card. We did not mention that the same engine...
See You Next Week at the ntop Users Meeting
This is to renew the invitation to meet you next week at the ntop users meeting colocated with Sharkfest Europe. The event is free of charge but seats are limited. More information can be found here....
ntop Users Meeting 2016 Retrospective
Earlier this week we organised an ntop users’ workshop hosted at Sharkfest EU 2016. For those who were not able to attend this session, below you can find the slides we used for...
ntopng MySQL Flow Export: Increase the Maximum Number of Open Files
ntopng uses partitioned MySQL tables when storing flows. As MySQL needs a file handle for each partition and its index, it is important to make sure that the open_files_limit is large enough to allow...
Stream That Flow: How to Publish nProbe/Cento Flows in a Kafka Cluster
Apache Kafka can be used across an organization to collect data from multiple sources and make them available in standard format to multiple consumers, including Hadoop, Apache HBase, and Apache Solr....
Monitoring VoIP Traffic with nProbe and ntopng
VoIP applications usually limit their monitoring capabilities to the generation of CDRs (Call Data Records) that are used for the generation of billing/consumption data. In essence you know how many...
Flow-Based Monitoring, Troubleshooting and Security using nProbe
nProbe is a tool developed over the last 10 years, and thus it has been extended and improved year by year. However many users, even those who have been using it for a long time, might not know all its...
Clustering Network Devices using ntopng Host Pools
In computer networks, devices are identified by an IP and a MAC. The IP can be dynamically assigned (so it might not be persistent), whereas the MAC is (in theory) unique and persistent for identifying...
Positioning PF_RING ZC vs DPDK
Last week I met some PF_RING ZC and DPDK users. The idea was to ask questions on PF_RING (for the existing ZC users) and understand (for DPDK users) whether it was a good idea to jump on ZC for...
Collecting Proprietary Flows with nProbe
nProbe was originally designed as an efficient tool able to capture traffic packets and transform them into flows. Call it a network probe or sensor. Over the years we have added the ability to...
What Is a Microburst and How to Detect It?
It’s not uncommon to see network administrators struggling to track down packet drops on network equipment at the interface level, despite a low average link utilisation. In the end it often turns out...
Meet ntop on April 28th @ Microsoft Munich
This year we’ve accepted the invitation from Wuerth-Phoenix to be part of their Roadshows 2017 and talk about network and system monitoring. The first workshop will be in Munich, Germany on April 28th....
Filling the Pipe: Exporting ntopng Flows to Logstash
Logstash comes in very handy when it is necessary to manipulate or augment data before the actual consolidation. Typical examples of augmentation include IP address to customer ID mappings and...
Capture, Filter, Extract Traffic using Wireshark and PF_RING
Last year we introduced our new nBPF library able to: 1. Convert a BPF filter to hardware rules for offloading traffic filtering to the network card, making it possible to analyse traffic at 100G. 2....
Network Security Analysis Using ntopng
Most security-oriented traffic analysts rely on IDSs such as Bro or Suricata for network security. While we believe that they are good solutions, we have a different opinion on this subject. In fact we...
PF_RING 6.6 Just Released
After almost one year of development, this is to announce the release of PF_RING 6.6. In this release we have worked on different areas: Introduced nBPF, a software packet-filtering component similar...
Introducing n2disk 2.8 with Microburst Detection
Together with PF_RING 6.6, today we also released n2disk 2.8. In this release we introduced support for microburst detection in order to spot traffic bursts, which is crucial in identifying potential...
Introducing nScrub: Powerful yet Affordable DDoS Mitigation
ntop has always tried to make the Internet a better place by developing many open-source network monitoring tools, and releasing all the software at no cost to non-profit and education. A few years...