We were originally running ntop and all my questions to this forum received the same response - "UPGRADE TO ntopng". Now I've upgraded to ntopng and I have several questions I was hoping to get some answers for:
Question #1: For a large enterprise with numerous different branch sites, what is the most effective way to "categorize" those sites based on their IP subnet? In other words if I take the following 3 sites: 1. Atlanta Site / Subnet 10.10.10.0/24 2. NY Site / Subnet 10.10.20.0/24 3. Chicago Site / Subnet 10.10.30.0/24 Is there a way within ntopng - to ask for ALL netflow data on a per site basis? In other words - "ntopng....would you please tell me EVERYTHING you know about the Atlanta site?" Question #2: This question pertains to historical reporting and what, to me, appears to be a lack of ability of ntopng to allow a network administrator to effectively use this tool for troubleshooting. I don't know one network administrator that sits in front of a monitoring appliance and watches real time data waiting for a network anomaly to occur in real time. This tool seems to be real time focused and appears to not have a robust ability to view and analyze historical traffic. Is there a way, within ntopng, to view historical data on a per site basis? In other words - "ntopng....would you please tell me EVERTHING you know about the Atlanta site that occurred yesterday between 2:00PM - 4:00PM? If the historical data CANNOT be presented on a per site basis - can this historical data be presented in a way that allows one to take advantage of the following feature? https://svn.ntop.org/svn/ntop/trunk/ntopng/doc/UserGuide.pdf 3.2. What ntopng can do for me? * Analyse IP traffic and sort it according to the source/destination To what degree can I sort historical IP traffic based on source / destination? Thanks, Amir Amir Safayan ShoreGroup,Inc. IPT 2 Team M-F 11:00AM - 8:00PM EST O: 315.414.2920 C: 315.314.1444 AIM: amirsafayansg [email protected]<mailto:[email protected]>
_______________________________________________ Ntop mailing list [email protected] http://listgateway.unipi.it/mailman/listinfo/ntop
