What is ntopng
At first ntop released in 1998, after released some feature added, in 2013/5/1 ntopng (ntop next generation) had released.
For collect the FlowRecord with ntopng
You need to use nProbe for collect the FlowRecords with ntop.
nProbe can collect FlowRecord and mirroring packets by SPAN.
Mode of nProbe
- Probe mode : Collect FrowRecords
- Collector mode : Collect mirroring packets
- Proxy mode : Forward FlowRecord to up tier probe
Licensing and Source Code of nProbe
It is required additional license to that the nProbe use in ntopng.
License of nProbe : nProbe Standard [Unix/Win] 149.95Euro Permanent License with 1 year support
Source Code of nProbe : NOT open
1 Euro = 19,500 YEN
That is cheep in company, but in independent use, it is few expensive.
And Source Code is not open, there are no merit of OSS.
If you use the Source Code with OSS generation's it is able to solve the problem but there are no additional feature in future.
I think it is better that I use alternative system.
Reconsider the Flow Collector in Linux
Because ntop is not able to be used for OSS FlowCollector, I reconsider the system of Flow Collector.