Mailing List Archive

ntopng nDPI
We are a small ISP looking to get more insights into our network traffic. We have setup ntopng (Community Edition) monitoring an ethernet interface that is being mirrored on a Juniper switch. The peak traffic on this interface is about 170Mbps.

Traffic levels look correct, and we are definitely seeing host insights.

However, nDPI does not seem to be recognizing applications as well as I would have expected. While it shows things like YouTube, Windows Updates, and Bit Torent, it seems to miss things like NetFlix. I know our customers are using NetFlix, other solutuions have shown this to be about 35% of our total traffic.

Top Application Protocols shows:
HTTP 28%
Other 24.6%
SSL 24.5%
YouTube 12.8%
Unknown 5.7%
Facebook 4.4%

Is there tweaking required to make nDPI more accurate?
If we decide to move ahead with ntopng, it will be placed at our network edge with traffic levels over 2Gbps and climbing.

Thanks in Advance for any help.
Terry D.
NETAGO