1-888-310-4540 (main) / 1-888-707-6150 (support) info@spkaa.com
Select Page

5 Reasons to Use ntop for Network Management

Published by SPK Blog Post
on September 3, 2013

One of the most critical aspects of your network infrastructure is how well it’s performing. The question that I often get asked as a provider of infrastructure services is, “Am I getting the most out of my local network and my internet bandwidth?” This is the one question that I have to know an answer for, because a LOT of the businesses I support rely on their network being available and being fast.

When I’m asked to manage network infrastructure, one of the first tools we install is ntop. Ntop stands for network top, where top is a Unix utility to show real-time statistics about your operating system. This utility monitors your network in real-time and provides a wealth of information which you can use to answer that simple question I asked earlier. So why use ntop? Well, here’s 5 good reasons why:

1. View real-time traffic stats and network utilization

With a couple of clicks on your local ntop installation, you can quickly determine how much traffic is in use right now. If someone complains that the internet is slow, you can quickly find out what and/or who is your top traffic user. The information is presented in a nice, easy-to-read table format, which you can sort based on traffic stats to quickly track down the bandwidth hog!

2. Detect and stop viruses/worms

Recently, we had a user who had their computer infected with a spam worm, and their machine was sending hundreds of emails an hour. Subsequently, they got blacklisted as a spam site, and email halted for them. The problem was, they had no idea that their machine was sending out the spam! Using ntop, we were able to filter by SMTP traffic and found one machine sending a large amount of SMTP packets outbound. I placed a firewall rule in place on their machine, the SMTP traffic stopped and I subsequently cleaned up the worm on their machine.

3. Prevent inbound attacks on your network

Ntop can show you inbound traffic as well as outbound traffic, so if you believe that your web site is being hit with denial of service attack, you can quickly bring up ntop and find out where the traffic is coming from and then work to block that traffic. This can invaluable for keeping your website online and operational and is really useful if your business relies on that website being available for business!

4. Monitor a wide variety of protocols

If your internal network uses different protocols than TCP/IP, such as Appletalk, DECNET, NetBIOS, or IPX, you can keep an eye on them as well. When you have a mixed network with different protocols, it’s wise to monitor them separately. Fortunately, ntop can handle them all on a single machine as long as that machine has access to those networks and protocols.

5. Find network abuse or company policy violations quickly

You can use ntop to monitor traffic and quickly identify those situations where network traffic does not comply with specified company policies or when it exceeds some defined thresholds. In general, network administrators specify policies that prevent abuse of the network (such as visiting illegal websites, downloading of pornography, or internet gambling). Nevertheless, it is possible that some hosts will not comply with company policy, and ntop can be used to find those violations. However, sometimes a user is abusing the network without knowing so, either by a misconfigured operating system, network interface, network appliance, or a software application. In any case, ntop makes it very easy to track down who’s doing what.

Summary

Network management is becoming an increasingly complex task due to the different types of networks, and the integration of mobile devices within a corporate network. As these networks become larger, more complex, and different devices are accessing it, the cost of network management rises. Automated tools like ntop can really save a lot of time and headaches for a network administrator. As I mentioned earlier, it’s one of the standard tools we at SPK & Associates use when we manage a client’s network infrastructure.

In a future blog post, I’ll go into how to set up ntop in a few easy steps, and you’ll be able to take advantage of this powerful tool! If you have any questions about this topic, feel free to comment! I’m happy to respond to anything related.

Next Steps:

Bradley Tinder, Systems Integrator, SPK & Associates

Latest White Papers

Three Trends Are Transforming The Service Desk

Three Trends Are Transforming The Service Desk

Your IT service desk is about to change. Find out what's shaping the future. Three factors — enterprise service management (ESM), collaboration, and intelligent service management — are driving the transformation of the service desk. To better meet customers’ needs...

Related Resources

Is The IT Department Really “Dead?”

Is The IT Department Really “Dead?”

“It’s Time to Get Rid of the IT Department.”  That was the title of an opinion piece recently published in the Wall Street Journal.  Provocative?  Sure.  My answer to this is not “yes,” but many of the author’s points are valid.  The Same Old IT Department? No, the IT...

How To Add More Disk Space To Your Redhat Server Without Reformatting

How To Add More Disk Space To Your Redhat Server Without Reformatting

(Originally published in 2012, updated January 2022.) One of the common tasks for any system administrator is managing disk space on a server. A common question is how to increase disk space on a linux system. I won't go into a boring lecture on why managing disk...

January 2022 vCAD feature updates

January 2022 vCAD feature updates

Happy New Year vCAD Users! It was a busy 2021 in terms of vCAD development and feature enhancements. We've been receiving lots of feedback regarding the platform, and we're assembling a roadmap for 2022 based on our users' needs. Here's what to expect in 2022:...