ntopng is not typically classified as an Intrusion Detection System (IDS) in the traditional sense, but it does have some features that overlap with IDS functionalities. Let me explain the differences and how ntopng might serve a similar role: What is ntopng? ntopng is an open-source network traffic monitoring tool that provides visibility into network […]

In order to assist our community with 24/7 support, we have built an AI/LLM-based bot that has been trained on the ntop documentation (all products including ntopng, nProbe, nDPI…) and blog posts on this website. Currently this service is available in beta version and it is accessible using Discord on our ntop server (read here […]

In flow (sFlow/NetFlow/IPFIX) collection, nProbe acts as a “flow processor” for ntopng . nProbe is responsible for sending ntopng flows after they have been processed that includes Collection mode: flow normalization that is the process of converting flows on a format that ntopng can understand. This happens if flow exporter devices (e.g. a router) use […]

Today we report how ntopng has been used by Alabus AG to improve the corporate security (German version down this page). Enjoy ! PS. ntop users are very welcome to contact us reporting how they use ntop tools. ntop is used as a basis for analyzing the entire network traffic and it generates a very […]

Next year the ntop community will meet in Zürich, Switzerland  for a two days event (training and conference) on May 7 and 8th. As already happened in the past, we want to meet our users and discuss with them what we have done and what are the future directions to take. This event will not […]

Starting with nDPI 4.10, we have introduced a new feature called First Packet Classification (FPC). Goal of this technique is to address one problem of DPI that detects a protocol only when traffic has been dissected. This means that for TLS you need a few packets (usually between 5 and 10) for protocol dissection, as […]

ntop tools range from packet capture, traffic analysis and processing, and sometimes it is not easy to keep up on product updates as well master all the tools. This has been the driving force for organising ntop professional training. This is to announce that in October we have scheduled the next ntop Professional Training session. […]

ntop users who have enabled ClickHouse, know that they can search/aggregate/export historical flows and create customized reports. However, in the past months some of our users were uncomfortable of this approach as they preferred to seamlessly analyze historical as live data with the full power of ntopng. In the latest ntopng version we have added […]

In mid August we have refreshed most ntop tools, that include new features, enhancements and fixes. This webinar will walk through the major release changes and show what you should expect from this new release. Finally we will present developments plans so you can comment and provide feedback. Here you can find the presentation slides, […]

We’re happy to announce ntopng 6.2, a 10 months long development cycle. We have changed a few things in the UI and under the hood. Many pages as the flow page have been rewritten from scratch for responsiveness and usability Mitre Att&ck has been integrated in alerts, flow risks and  dashboards.As you can see we […]