Performance analysis of open source solution "ntop" for active and passive packet analysis relating to application and transport layer

Abstract

A key issue facing operators around the globe is the most appropriate way to deal with spotting black in networks. For this purpose, the technique of passive network monitoring is very appropriate; this can be utilized to deal with incisive problems within individual network devices, problems relating to the whole LAN (Local Area Network) or core network. This technique, however, is not just relevant for troubleshooting, but it can also be castoff for crafting network statistics and analyzing network enactment. In real time network scenarios, a lot of applications and/or processes simultaneously download and upload data. Sometimes, it is very difficult to keep track of all the uploaded and downloaded data. Wireshark is a tool that is normally used to track packets for analysis between two particular hosts during two particular sessions on the same network. However, Wireshark as some limitations such as it is not a good tool for keeping track of bulky network data transferred among various endpoints. On the other side, an open source solution "ntop" offers active as well as passive packet analysis which can be handy for system administrators, networkers and IT managers. Additionally, with ntop VoIP traffic can also be monitored. In this research work, the ntop solution has been deployed to a network facility and performance analysis of ntop solution for various application processes (on application layer) such as HTTP, SSDP (based on HTTPU) against their associated protocols such as TCP/IP, UDP, and VoIP have been analyzed. Additionally, above said processes and protocols have been comprehensively analyzed relating with their client/server breakdown, duration of the connection, actual throughput, total bytes (bytes received and sent) and total bandwidth consumed. This study has been helpful to see the weakest and strongest areas of a particular network in terms of analyzing and deploying network policies. This research work will help the research community to deploy ntop solution for real-time monitoring actively and passively.