nProbe complies with the IPFIX specification

Posted · Add Comment

Last week I have participated to an IPFIX interoperability event held in Prague, right before the IETF 80. In the picture below you can see me between Benoit Claise (Cisco, one of the IPFIX/NetFlow fathers) and Jiri Novotni (Invea-Tech).

nProbe 6.3.x has been successfully tested against all the available implementations including Vermont, SiLK, nfdump/IPFIX (Cesnet). nProbe has passed all the IPFIX interoperability tests as both probe (over SCTP, UDP, and TCP) and collector (UDP), dissecting both IPv4 and IPv6 traffic, and also converting NetFlow-Lite flows into IPFIX flows. Most of you are still using nProbe over udp only, but you should know that you can specify other transports as follows: nprobe -n <proto>://<IP>:<port>. Example:

  • nprobe -n sctp://1.2.3.4:2055
  • nprobe -n udp://fe80::ca2a:14ff:fe18:29ce:2055

PRESS RELEASE

Prague, March 25th 2011

INVEA-TECH’s FlowMon Probe (NetFlow/IPFIX statistics generator) and ntop’s nProbe (NetFlow/IPFIX collector) are mutually compatible and have been successfully tested to be compliant with IPFIX standard. The IPFIX compliance was tested during IPFIX interoperability event held in Prague in March 2011.

The FlowMon Probe and nProbe passed all the IPFIX interoperability tests and were also successfully tested against all available IPFIX implementations (e.g. SiLK, Vermont). INVEA-TECH and Luca Deri mainly focused on deep testing between FlowMon Probe and nTop collector to make them perfectly compatible with each other. The whole process results in a possibility to use professional appliance (FlowMon Probe) for network monitoring and exporting data in IPFIX to nProbe (open-source collector) which supports all available IPFIX features.

About INVEA-TECH:

INVEA-TECH is an European vendor. We develop and market comprehensive network solutions for networks from 10Mbps to 10Gbps and more. The core idea of the company is to provide complete range of innovative products and services for network security, network monitoring, traffic analysis and hardware-accelerated applications development. Our flagship product is FlowMon – complete flow (NetFlow/IPFIX) monitoring and security solution for all networks from 10Mbps to 10Gbps.

About ntop:

ntop develops open-source traffic monitoring solutions running on commodity hardware. In addition to nProbe, Its portfolio includes a Linux packet capture acceleration including virtual machine support, and packet-to-disk applications.