NTOP – Network Monitoring Tool

ntop, which is now ntopng (ng for next generation), is a traffic probe that uses libpcap (for packet capture) to report on network traffic. You can install ntopng on a server with multiple interfaces, and use port mirroring or a network tap to feed ntopng with the data packets from the network for analysis. ntopng can analyze traffic even at 10G speeds; report on IP addresses, volume, and bytes for each transaction; sort traffic based on IP, port, and protocol; generate reports for usage; view top talkers; and even report on AS information. This level of traffic analysis helps you make informed decisions about capacity planning and QoS design, and also helps you find bandwidth-hogging users and applications in the network. Ntopng has some limitations but it has a commercial version called ntopng pro that comes with some additional features, but the open-source version is good enough to quickly gain insight into traffic behaviour. ntop can also integrate with external monitoring applications such as Nagios for alerting, and provide data for monitoring.

Loading...