ntopng è la versione next generation dell’originale ntop, una sonda del traffico che monitora l’utilizzo della rete. ntopng è basato su libpcap ed è stato scritto in modo “leggero” per poter girare virtualmente su ogni piattaforma Unix, MacOSX e anche su Windows.
ntopng fornisce un’interfaccia utente web intuitiva e crittografata per l’esplorazione di informazioni sul traffico in tempo reale e storico.
[adrotate banner="2"]
Main Features
- Sort network traffic according to many criteria including IP address, port, L7 protocol, throughput, Autonomous Systems (ASs)
- Show realtime network traffic and active hosts
- Produce long-term reports for several network metrics including throughput and application protocols
- Top talkers (senders/receivers), top ASs, top L7 applications
- Monitor and report live throughput, network and application latencies, Round Trip Time (RTT), TCP statistics (retransmissions, out of order packets, packet lost), and bytes and packets transmitted
- Store on disk persistent traffic statistics to allow future explorations and post-mortem analyses
- Geolocate and overlay hosts in a geographical map
- Discover application protocols (Facebook, YouTube, BitTorrent, etc) by leveraging on nDPI, ntop Deep Packet Inspection (DPI) technology
- Characterise HTTP traffic by leveraging on characterisation services provided by Google and HTTP Blacklist.
- Analyse IP traffic and sort it according to the source/destination.
- Report IP protocol usage sorted by protocol type
- Produce HTML5/AJAX network traffic statistics.
- Full support for IPv4 and IPv6
- Full Layer-2 support (including ARP statistics)
- GTP/GRE detunnelling
- Support for MySQL, ElasticSearch and LogStash export of monitored data
- Interactive historical exploration of monitored data exported to MySQL
- Alerts engine to capture anomalous and suspicious hosts
- SNMP v1/v2c support and continuous monitoring of SNMP devices
| Feature | Community | Professional | Enterprise |
|---|---|---|---|
| Monitor the active flows and hosts of your network † | ✓ | ✓ | ✓ |
| Identity application protocols (Facebook, Youtube, BitTorrent, etc) in the network | ✓ | ✓ | ✓ |
| Record and Visualize hosts’ historical applications protocols usage | ✓ | ✓ | ✓ |
| Group hosts by VLAN, Operating System, Country, and Autonomous Systems | ✓ | ✓ | ✓ |
| Get a geographic map of your network communications with the rest of the world | ✓ | ✓ | ✓ |
| Identify top talkers (senders and receivers) hosts with minute resolution | ✓ | ✓ | ✓ |
| Visualize the top HTTP sites contacted by an host | ✓ | ✓ | ✓ |
| Export expired flows information to MySQL, possibly augumented with nProbe data | ✓ | ✓ | ✓ |
| Generate alerts when hosts cross configurable time/traffic thresholds or have suspicious behaviors | ✓ | ✓ | ✓ |
| Get alerts notifications as Slack messages | ✓ | ✓ | ✓ |
| Split, merge, and visualize VLAN based traffic | ✓ | ✓ | ✓ |
| Collect data from nProbe to treat remote nProbe-monitored interfaces and flow exporter devices (for example routers and switches) as if they were local | ✓ | ✓ | ✓ |
| Split, merge, and visualize data collected from nProbe | ✓ | ✓ | ✓ |
| Group local hosts into logical sets of IP and MAC addresses known as host pools †† | ✓ | ✓ | ✓ |
| Get a realtime view of top talkers and application protocols and compare them with daily activities | ✗ | ✓ | ✓ |
| Explore recorded MySQL data to identify the cause of network problems | ✗ | ✓ | ✓ |
| Generate graphical reports with top hosts, application protocols, countries, networks, and autonomous systems within any configurable time frame | ✗ | ✓ | ✓ |
| Mark and historicise traffic with user-defined traffic profiles to match hosts, ports and applications using the BPF syntax ‡ | ✗ | ✓ | ✓ |
| Limit or block your hosts’ traffic with customized per-protocol policies * | ✗ | ✓ | ✓ |
| Integrate ntopng login with LDAP authentication servers | ✗ | ✓ | ✓ |
| Send ntopng generated alerts to nagios * | ✗ | ✓ | ✓ |
| Query SNMP devices data, such as port status, traffic and and MAC address information | ✗ | ✗ | ✓ |
| Advanced MySQL insertions yielding 5x faster database writes | ✗ | ✗ | ✓ |
| Optimized MySQL aggregations for faster historical flow data explorations | ✗ | ✗ | ✓ |
| Get total traffic and activity reports for any given host, network, or interface | ✗ | ✗ | ✓ |
| Identify attackers and victims through an alerts dashboard in realtime and in the past | ✗ | ✗ | ✓ |
| Visualize host pools’ historical applications protocols usage | ✗ | ✗ | ✓ |
| Explore and filter flow alerts in the past | ✗ | ✗ | ✓ |
| Visualize and historicise SNMP per-device-port traffic | ✗ | ✗ | ✓ |
| Visualize and historicise NetFlow/sFlow devices data | ✗ | ✗ | ✓ |
| Provide an Internet Captive Portal * | ✗ | ✗ | ✓ |
| Apply per-protocol daily traffic and time quotas to your clients * | ✗ | ✗ | ✓ |
| Provide accurate parental control with SafeSearch DNS integration * | ✗ | ✗ | ✓ |
Download
Confronta
Per vedere l’elenco di tutti i prodotti acquistabili, accedi al nostro e-commerce: www.miniserver.it
Per la Pubblica Amministrazione: siamo presenti sul portale MEPA, per info mandare una mail a info@firewallhardware.it oppure chiamare il numero 011 19827159.