![]() It receives NetFlow traffic reported by NetFlow Exporters, then ntopng displays it in a readable and useful fashion. Nprobe is a software collector that works over ntopng. Because the collector receives and decodes packets, NetFlow can go beyond of the local area network scope. A NetFlow Exporter reports the traffic that traverses it to a central unit called “NetFlow Collector”. ![]() Any network device (router, switch, firewall, AP…) that includes NetFlow reporting capabilities can be configured as a “NetFlow Exporter”. Unlike the previous example, nprobe over ntopng requires configuration of the involved network devices. Nprobe over ntopng (as a dedicated NetFlow collector) The screenshots shown below illustrates the ntopng server configuration along with a couple of network topologies where this configuration fits well. Two NIC for bridging, and one NIC for management. To do this, the ntopng box requires at least three NICs. A big advantage of this setup is the fact that it does not require any change in the configuration of the involved Ethernet endpoints. ![]() It is useful when placing the monitor between two Ethernet endpoints. The following walk-through is intended to be a technical reference on how to deploy ntopng and nprobe on a network. However, there are on the Internet many useful documents published by independent network administrators such as Johannes Weber who has some useful links (shown next) about the installation and configuration of it: The ntopng official web site is the authorized channel for accessing technical resources required for understanding how this tool works. Due to security and performance issues, network monitoring is getting more and more importance nowadays and ntopng is one of the most powerful tools for accomplishing this task.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |