Network monitoring, discovery and inventory
Using nDPI for Monitoring and Security
nDPI in practice
As most of modern traffic is now encrypted, deep packet inspection is becoming a key component for providing visibility in network traffic. nDPI is an open source toolkit able to detect application protocols both in plain text and encrypted traffic, extract metadata information, and detect relevant cybersecurity information. This talk shows how nDPI can be used in real life to monitor network traffic, report key information metrics and detect malicious communications.
The pervasive use of encrypted protocols and new communication paradigms based on mobile and home IoT devices has obsoleted traffic analysis techniques that relied on clear text analysis. DPI (Deep Packet Inspection) is a key component to provide network visibility on network traffic. nDPI is an open source toolkit designed to detect application protocols on both plain and encrypted traffic. it is also able to extract relevant metadata information including metrics on encrypted traffic for easy classification and accounting.
This talk introduces nDPI, demonstrate how to use it in real life examples, and it presents how it can be effectively used not only for traffic monitoring but also in cybersecurity being it able to detect unusual traffic behaviour and security issues.
Additional information
| Type | devroom |
|---|
More sessions
| 2/6/21 |
A brief introduction to the room and to the sessions.
|
| 2/6/21 |
In March 2021, OpenNMS will celebrate its twenty-first year as a free software project. Much has changed since the early days, both within the project and in the world in which people build and monitor networks. Surprisingly little has changed with respect to the project's mission, even as major changes are happening with the project's corporate steward, The OpenNMS Group. Newcomers will receive a brief background on the OpenNMS project, and longtime users will come up to date with the project's ...
|
| 2/6/21 |
With the NESi software we aim at simulating certain points of a network.
|
| 2/6/21 |
Thola is a new open source tool for reading, monitoring and provisioning (coming soon) network devices written in Go. This talk will inform about the current state of development as well as planned features, including reading out inventory, configuring network devices, support for other monitoring systems like prometheus and many more.
|
| 2/6/21 |
Julian and I work for Icinga and want to shed some light on what, how and why we do what we do and also what YOU can do. The format is going to be a bit like a podcast, where we just talk about our topics for a little and try to provide some light entertainment while staying technical.
|
| 2/6/21 |
Telegraf is an agent for collecting, processing, aggregating, and writing metrics. With over 200 plugins, Telegraf can fetch metrics from a variety of sources, allowing you to build aggregations and write those metrics to InfluxDB, Prometheus, Kafka, and many more targets. In this talk, we'll take a look at the different plugins Telegraf provides for collecting metrics about our networks, as well as the latest features of InfluxDB 2 that make sharing our configurations with others a piece of ...
|
| 2/6/21 |
An introduction to techniques required to scale Naemon like Thruk, Mod-Gearman and LMD.
|
