I first started using ntop about eight or nine years ago. I was technology director of a K-12 public school, and we were looking for network analysis tools that would not break our budget. I found ntop through a Google search and installed it on an extra computer we had that was running CentOS.
My team and I were pleasantly surprised and excited that ntop gave us a great deal of information about our network that we certainly hadn't known before. Today, I continue to use ntop as a diagnostic tool when helping clients who need network analysis. To dig a little deeper into the goals and strategy behind the company, I contacted Luca Deri, who graciously agreed to an interview.
Ntop's open source code is available on GitHub and licensed under GPL.
Tell us about yourself and your background.
I started to play with networks while studying at the university in the early 90s. I had not been very interested in network infrastructure, but rather about information exchanged on the network. This has been the driving force that pushed me to enter into the network monitoring arena.
I started from legacy OSI network monitoring, moved to SNMP, and finally to network traffic monitoring. This is how I started ntop, first as a side project, then as main daily activity. It was grounded on open source principles, focusing on creating efficient tools for analyzing and visualizing network traffic. In order to implement efficient network monitoring it is necessary to process packets efficiently, so I started to accelerate packet capture by creating a Linux kernel module named PF_RING, on top of which I put all the monitoring applications I have developed.
In essence, I enjoy playing with packets, and doing that efficiently. Through the years I have created a set of tools that simplify that task.
How did you get into open source?
During my early working days, my employer was very strict on sharing information, results, and code. So, I decided that open source was the right answer to my need to share what I was doing and accept contributions and suggestions from users. In addition, I was an independent developer with access to small university networks, and open source was the right way to encourage people to test our tool in environments because we had no access to otherwise improving it.
Finally, if you want to be known, I believe there are only two options: Hire some marketing people and start attending trade shows. Or, spread the code around as much as possible, in a free fashion, and let more talented people teach you something good. We believe the latter is the right way to work for us.
How do you engage and animate your community?
We would like to spend more time on community. We try to listen to people on our mailing lists in order to understand what they would like to see implemented and what problems we have not yet addressed. We plan to run some free webinars in the near future in order to educate people, and we have started to create videos on YouTube to visually demonstrate what manuals are not able to describe.
Unfortunately, we are not receiving too many contributions from our community (we mostly have users), but we have seen that our recent move to GitHub has helped improve that, so we are confident that the situation will get better.
How has that engagement helped ntop?
I think that ntop without open source would simply not exist. We are developing ntop because we like what we do, and without a community of users it would not be fun or possible at all for us.
How did ntop get started?
It started as a side project for understanding why the network we were in was sometimes slow or unresponsive. In the late 90s, many network lines were slow, so we developed ntop as a text-based command line tool that then turned into a web-based tool as soon as the web started to become pervasive. In essence, it solved a problem we had, and then thanks to the feedback of the user community, we decided to extend it and make it helpful not just for our needs but also for others.
Could you tell us more about your enterprise model? Where do most of your customers come from, and how they use ntop?
The open source side of ntop is good for being known outside of our community, but it does not allow us to survive or pay our expenses. So, we have created some commercial products on top of our open source tools, that allow us to make some revenue that we reinvest in ntop.
As we know how hard is to fund ourselves, and buy tools and devices to do our development, we decided from day one to give away all of our products to non-profits, research institutions, and people who cannot afford to pay us because they are temporarily without a job and would like to learn something new. Most of our revenue comes from our commercial tools. We try to do as little consulting as we can because it consumes a lot of time, and thus we have little time left for further improving our products.
Where do you see ntop headed in the short term?
We would like to enlarge our community and make our products more widely known.
In this view, for instance, we have decided to make ntopng for Windows freely available (this used to be one our commercial products). In essence, we want to consolidate what we have done in the past years and make sure that as many users are as possible are using it.
What are your long range plans for ntop?
We want to enlarge the areas of interest, while still being active in network monitoring. We have started for instance to look more closely at security-related issues, and how to use what we have done in the past years in this field. We will soon introduce a new product that can be used to both detect and mitigate network attacks (both volume or slow speed attacks) that could combine our tools and offer a low-cost/low-complexity tool for effectively enforcing network security policies without using costly hardware devices.
In essence, we plan to continue along the line we have drawn years ago that means offer better, simpler, and more open solutions to existing problems currently not properly solved by available tools.