In my last blog post, I gave 5 reasons to use ntop (Network TOP) to monitor your company’s network. The tool is very straightforward to install and configure for infrastructure management, but there are a few steps you’ll need to complete before you can start monitoring your network.
I highly recommend using a virtual machine dedicated to ntop and possibly other monitoring tools, like Nagios or Cacti/MRTG. However, you’ll need a host system that has at least 2 network interfaces. Ideally, you’d have a host with 3 or more NICs, but 2 is a must. The reason is that one of the NICs will be put into promiscuous mode to capture all network traffic and will have no routing applied to it. The machine requirements are modest: a simple RHEL/CentOS 6 or even Ubuntu VM with 1G of RAM and 10G of disk space should suffice. Once you have your VM set up, you’re ready to get moving and set up ntop on the machine.
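A preflight check for the NIC requirement described above, as an added example that is not part of the original post or its guide. It reads the Linux sysfs interface flags and tests the IFF_PROMISC bit (0x100); the function names, the `SYSFS_NET` override and the sample tree are assumptions of this sketch, and it checks only the interface count and promiscuous flag, not routing.

```shell
#!/bin/sh
# Added example: preflight for a dedicated ntop VM, reading Linux sysfs.
# SYSFS_NET is an assumption of this sketch so the check can run on a sample tree.
SYSFS_NET="${SYSFS_NET:-/sys/class/net}"

# Print every non-loopback interface name, one per line.
list_nics() {
    for d in "$SYSFS_NET"/*; do
        [ -d "$d" ] || continue          # skip plain files such as bonding_masters
        n=${d##*/}
        [ "$n" = "lo" ] || printf '%s\n' "$n"
    done
}

# Succeed when IFF_PROMISC (0x100) is set in the interface's flags word.
is_promisc() {
    flags=$(cat "$SYSFS_NET/$1/flags" 2>/dev/null) || return 1
    [ -n "$flags" ] || return 1
    [ $(( $flags & 0x100 )) -ne 0 ]
}

# Report the NIC count and which NICs are capturing.
# Returns 0 only with at least 2 NICs and at least one of them in promiscuous mode.
preflight() {
    total=0; capture=""
    for n in $(list_nics); do
        total=$((total + 1))
        if is_promisc "$n"; then capture="$capture $n"; fi
    done
    echo "nics=$total promisc=${capture# }"
    [ "$total" -ge 2 ] && [ -n "$capture" ]
}

# Build a constructed sample tree (not real host data): eth0 management, eth1 capture.
make_sample_tree() {
    root=$(mktemp -d)
    mkdir "$root/lo" "$root/eth0" "$root/eth1"
    echo 0x9    > "$root/lo/flags"      # UP|LOOPBACK
    echo 0x1003 > "$root/eth0/flags"    # UP|BROADCAST|MULTICAST
    echo 0x1103 > "$root/eth1/flags"    # same flags plus IFF_PROMISC
    echo "$root"
}

# Run against the real host only when asked: sh preflight.sh run
if [ "${1:-}" = "run" ]; then preflight; fi
```
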
I’ve written a short guide that will help you get up and running with ntop; feel free to download it here. If you have any questions or comments, feel free to leave them below and I’ll make sure to get back to you!
Bradley Tinder, Systems Integrator, SPK & Associates