fbpx
1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

5 Reasons to Use ntop for Network Management

Published by SPK Blog Post
on September 3, 2013

One of the most critical aspects of your network infrastructure is how well it’s performing. The question that I often get asked as a provider of infrastructure services is, “Am I getting the most out of my local network and my internet bandwidth?” This is the one question that I have to know an answer for, because a LOT of the businesses I support rely on their network being available and being fast.

When I’m asked to manage network infrastructure, one of the first tools we install is ntop. Ntop stands for network top, where top is a Unix utility to show real-time statistics about your operating system. This utility monitors your network in real-time and provides a wealth of information which you can use to answer that simple question I asked earlier. So why use ntop? Well, here’s 5 good reasons why:

1. View real-time traffic stats and network utilization

With a couple of clicks on your local ntop installation, you can quickly determine how much traffic is in use right now. If someone complains that the internet is slow, you can quickly find out what and/or who is your top traffic user. The information is presented in a nice, easy-to-read table format, which you can sort based on traffic stats to quickly track down the bandwidth hog!

2. Detect and stop viruses/worms

Recently, we had a user who had their computer infected with a spam worm, and their machine was sending hundreds of emails an hour. Subsequently, they got blacklisted as a spam site, and email halted for them. The problem was, they had no idea that their machine was sending out the spam! Using ntop, we were able to filter by SMTP traffic and found one machine sending a large amount of SMTP packets outbound. I placed a firewall rule in place on their machine, the SMTP traffic stopped and I subsequently cleaned up the worm on their machine.

3. Prevent inbound attacks on your network

Ntop can show you inbound traffic as well as outbound traffic, so if you believe that your web site is being hit with denial of service attack, you can quickly bring up ntop and find out where the traffic is coming from and then work to block that traffic. This can invaluable for keeping your website online and operational and is really useful if your business relies on that website being available for business!

4. Monitor a wide variety of protocols

If your internal network uses different protocols than TCP/IP, such as Appletalk, DECNET, NetBIOS, or IPX, you can keep an eye on them as well. When you have a mixed network with different protocols, it’s wise to monitor them separately. Fortunately, ntop can handle them all on a single machine as long as that machine has access to those networks and protocols.

5. Find network abuse or company policy violations quickly

You can use ntop to monitor traffic and quickly identify those situations where network traffic does not comply with specified company policies or when it exceeds some defined thresholds. In general, network administrators specify policies that prevent abuse of the network (such as visiting illegal websites, downloading of pornography, or internet gambling). Nevertheless, it is possible that some hosts will not comply with company policy, and ntop can be used to find those violations. However, sometimes a user is abusing the network without knowing so, either by a misconfigured operating system, network interface, network appliance, or a software application. In any case, ntop makes it very easy to track down who’s doing what.

Summary

Network management is becoming an increasingly complex task due to the different types of networks, and the integration of mobile devices within a corporate network. As these networks become larger, more complex, and different devices are accessing it, the cost of network management rises. Automated tools like ntop can really save a lot of time and headaches for a network administrator. As I mentioned earlier, it’s one of the standard tools we at SPK & Associates use when we manage a client’s network infrastructure.

In a future blog post, I’ll go into how to set up ntop in a few easy steps, and you’ll be able to take advantage of this powerful tool! If you have any questions about this topic, feel free to comment! I’m happy to respond to anything related.

Next Steps:

Bradley Tinder, Systems Integrator, SPK & Associates

Latest White Papers

Total Economic Impact for Atlassian Open DevOps

Total Economic Impact for Atlassian Open DevOps

Forrester's Total Economic Impact Study found that Atlassian Open DevOps could net your organization a potential ROI of 358%. Discover an overview of this Forrester research paper below and download your free copy. Forrester Research Into Atlassian Open DevOps Agile...

Related Resources

SPK Accelerates Fortune 100 MedDevice Product Sale

SPK Accelerates Fortune 100 MedDevice Product Sale

Our client is Fortune 100 Medical Device manufacturer. SPKAA acts as a product cybersecurity managed service provider for their hospital products which have embedded Windows or Windows OS.   Fortune 100 MedDevice Problem For over 10 years, SPK has provided ongoing...

Why Process Automation Is Critical For Engineering

Why Process Automation Is Critical For Engineering

Process automation releases your engineers for the work their brains are intended for. That work is creativity and problem-solving.  By implementing process automation, you improve the team’s morale. Firstly, they get more focus time for deep work and designing better...

Deep Work Improves Engineers’ Productivity

Deep Work Improves Engineers’ Productivity

In this blog we'll explore how the principle of Deep Work by Cal Newport can improve your engineers productivity. Does it feel harder for you to focus on your creative, technical work? When I speak to engineers or management staff and ask this question, the answer...