Every now and then I like to keep you up to date about news in the ntop environment. This time it’s not news about analysis methods or software, but about a new hardware solution. If you’re someone looking for a hardware-based, scalable, optimized, and purpose-built solution, without the hassle of software installation, chances are you’re…
Read MoreAt the end of June, Luca Deri gave a webinar presenting the new features of the next ntopng release. I’d like to take this opportunity now to present these innovations to all of you. The main enhancements of the new release have been made in the following areas: Extension of the ntopng functionalities for the…
Read MoreEver since version 5.4 of nBoxes with the Enterprise L license it’s been possible to use a new feature called Behavior Analysis. Let’s see what it is and how to take advantage of it. This ntopng feature enables monitoring of periodic flows of network traffic, i.e., flows that frequently repeat, by highlighting the services it…
Read MoreThe role of these two components is pretty clear: nProbe has the role of collecting traffic data, while nTop makes that data visible and easily analyzable. There is something, however, that needs to be explicitly stated, which is to decide whether it’s ntopng that should contact nProbe or vice versa, and as we’re in a…
Read MorenTop now uses the nDPI (network deep packet inspection) library to classify packets within network traffic for those protocols that either do not use a standard port (defined as well known ports like https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers and https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml) or that are dynamically assigned. In any case the need to classify not only the packet header but also…
Read MoreA customer with a NetEye installation to which I had added the nTop module asked me if I could integrate nTop’s Grafana Dashboards, so they could view them by consulting NetEye’s ITOA Menu. The installation and configuration of nTop for this client, a task I had already conducted some time ago, was a matter of…
Read MoreA customer asked me to analyze their network flows, with a solution oriented towards using an nBox that collects NetFlow data from a router located away from the branch office, takes it in for analysis, and then sends it to a NetEye Elastic module, which act as an analysis console for that NetFlow data. The…
Read MoreA client with a really large number of routers installed at their client asked me one day to analyze each of those network flows. They hoped that an analysis tool would be able to discover and impose a multitenant configuration all on its own, so that access could be granted to final users while guaranteeing…
Read MoreOne of my clients with a number of routers installed at their own remote location asked me if I could analyze the network flows at multiple locations. Their network architecture is a full mesh, and thus has private subnetworks, data center environments, and even in some cases cloud providers. Complex architectures like this require increasing…
Read MoreIdentify and Mitigate Attacks Protecting against cyber-attacks is becoming a top-priority for corporates around the world. An effective strategy for the protection against such events should focus at least on two dimensions, namely threat intelligence and perimeter defense. Using ntopng and nscrub we demonstrate how to effectively identify and mitigate threats in corporate networks with practical recommendations, guidelines and future directions to effectively…
Read MoreAs did for the last year edition, our DevOps team participated at InfluxDays, a conference organized by InfluxData and focused on time series data. We were really looking at the event with excitement, for all the new features InfluxData is putting into the new InfluxDB 2.0. So, apart from grabbing a very nice t-shirt, we…
Read MoreWho is using your network and how? What kind of traffic does your company generate? Where does slow network performance come from? ntop has the answers. ntop is a network traffic probe that monitors network usage. This solution provides an intuitive, encrypted web user interface for the exploration of both real-time and historical traffic information. In our…
Read MoreNetEye & EriZone User Group Sfide e opportunità per l’IT Management 4.0 Connectbay, Mantova, Giovedì 19 ottobre 11:00 – 17:00 Vi aspettiamo il 19 ottobre al NetEye & EriZone User Group. L’evento offrirà un’occasione unica a tutti i nostri clienti per scoprire le ultime novità nell’IT System & Service Management, individuare i requisiti necessari per adeguarsi al…
Read MoreChi riesce a sapere veramente quali sono i protocolli utilizzati nella rete locale? Solitamente con i netflow si può distinguere il traffico attraverso le porte L4 (80=http,443=https,..) ma non è più sufficiente. Alcune applicazioni usano invece porte dinamiche (vedi nfs, ftp, routed sap, …), altre le porte stesse, come si può allora essere in grado…
Read MoreWer von Ihnen weiß genau welche Protokolle im Unternehmensnetzwerk verwendet werden? Dank NetFlow können wir den Traffic der L4-Ports (80=http,443=https,..) unterscheiden, leider reicht das heutzutage aber nicht aus. Einige Applikationen verwenden dynamische Ports (siehe nfs, ftp, routed sap, …), andere nutzen die selben Ports, wie sollen wir diese noch voneinander unterscheiden? Erschwerend hinzu kommt, dass sich…
Read More