2018-04-24 21:45:39 +02:00
![logo ](https://fastnetmon.com/wp-content/uploads/2018/01/cropped-new_logo_3var-e1515443553507-1-300x146.png )
Community Edition
2013-11-14 09:23:10 +01:00
===========
2022-11-17 13:29:25 +01:00
FastNetMon - A high performance DDoS detector / sensor built on top of multiple packet capture engines: NetFlow, IPFIX, sFlow, AF_PACKET (port mirror).
2015-03-10 23:38:10 +01:00
2018-03-01 20:33:13 +01:00
What do we do?
--------------
2022-11-17 13:29:25 +01:00
We detect hosts in the deployed network sending or receiving large volumes of traffic, packets/bytes/flows per second and
perform a configurable action to handle that event. These configurable actions include notifying you, calling script or making BGP announces.
2015-06-15 11:59:12 +02:00
2023-03-01 14:23:19 +01:00
Legal
--------------
FastNetMon is a product of FastNetMon LTD, UK. FastNetMon ® is a registered trademark in the UK and EU.
2018-03-01 20:33:13 +01:00
2023-03-01 14:24:48 +01:00
CI build status
--------------
2022-04-18 20:23:45 +02:00
[![CircleCI ](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master.svg?style=svg )](https://circleci.com/gh/pavel-odintsov/fastnetmon/tree/master)
2022-04-02 02:39:06 +02:00
2015-10-06 17:37:27 +02:00
Project
-------
2022-12-01 11:41:53 +01:00
🌏️ [Official site ](https://fastnetmon.com )
2022-12-01 11:53:01 +01:00
⭐️ [FastNetMon Advanced, Commercial Edition ](https://fastnetmon.com/product-overview/ )
2022-12-01 11:41:53 +01:00
🌟️ [FastNetMon Advanced, free one month trial ](https://fastnetmon.com/trial/ )
📜️ [FastNetMon Advanced and Community difference table ](https://fastnetmon.com/compare-community-and-advanced/ )
📘️ [Detailed reference ](https://translate.google.com/translate?sl=auto&tl=en&u=https%3A%2F%2Ffastnetmon.com%2Fwp-content%2Fuploads%2F2017%2F07%2FFastNetMon_Reference_Russian.pdf )
🔏️ [Privacy policy ](https://fastnetmon.com/privacy-policy/ )
2018-10-06 14:18:42 +02:00
2015-10-06 17:37:27 +02:00
Supported packet capture engines
--------------------------------
2022-10-02 22:41:13 +02:00
- NetFlow v5, v9, v9 Lite
2015-03-23 11:39:08 +01:00
- IPFIX
2022-02-26 21:12:06 +01:00
- ![sFlow ](http://sflow.org/images/sflowlogo.gif ) v5
2019-07-11 22:00:33 +02:00
- PCAP
2022-04-19 13:14:21 +02:00
- AF_PACKET (recommended)
2022-12-01 11:53:01 +01:00
- AF_XDP (XDP based capture)
2022-11-17 13:29:25 +01:00
- Netmap (deprecated, stil supported only for FreeBSD)
2022-04-23 16:01:26 +02:00
- PF_RING / PF_RING ZC (deprecated, available only for CentOS 6 in 1.2.0)
2015-03-23 11:37:29 +01:00
2017-12-03 13:21:04 +01:00
You can check out the [comparison table ](https://fastnetmon.com/docs/capture_backends/ ) for all available packet capture engines.
2015-04-28 21:39:08 +02:00
2022-02-10 14:38:13 +01:00
Official support groups:
-------
2022-10-20 16:39:17 +02:00
- [Mailing list ](https://groups.google.com/g/fastnetmon )
2022-10-20 16:38:11 +02:00
- [Slack ](https://slack.fastnetmon.com )
2022-04-27 15:34:23 +02:00
- IRC: #fastnetmon at irc.libera.chat:6697 (TLS) [web client ](https://web.libera.chat/?channels=#fastnetmon )
2022-02-10 14:38:13 +01:00
- Telegram: [fastnetmon ](https://t.me/fastnetmon )
2022-10-20 16:38:11 +02:00
- Discord: [fastnetmon ](https://discord.fastnetmon.com )
2022-02-10 14:38:13 +01:00
Follow us at social media:
-------
- [Twitter ](https://twitter.com/fastnetmon )
- [LinkedIn ](https://www.linkedin.com/company/fastnetmon/ )
- [Facebook ](https://www.facebook.com/fastnetmon/ )
2018-03-01 20:33:13 +01:00
Complete integration with the following vendors
2016-07-27 09:25:16 +02:00
--------------------------------
2018-12-06 23:00:01 +01:00
- [Juniper integration ](src/juniper_plugin )
2016-07-28 16:54:16 +02:00
- [A10 Networks Thunder TPS Appliance integration ](src/a10_plugin )
2022-02-10 14:38:13 +01:00
- [MikroTik RouterOS ](src/mikrotik_plugin )
2016-07-27 09:25:16 +02:00
2015-10-06 17:37:27 +02:00
Features
--------
2022-02-10 14:38:13 +01:00
- Detects DoS/DDoS in as little as 1-2 seconds
- Scales up to terabits on single server (sFlow, Netflow, IPFIX) or to 40G + in mirror mode
2016-05-25 16:46:50 +02:00
- Trigger block/notify script if an IP exceeds defined thresholds for packets/bytes/flows per second
2022-02-10 14:38:13 +01:00
- [Complete support ](https://fastnetmon.com/docs/detected_attack_types/ ) for most popular attack types
- Thresholds can be configured per-subnet basis with the hostgroups feature
2022-02-10 14:38:13 +01:00
- [Email notifications ](https://fastnetmon.com/docs/attack_report_example/ ) about detected attack
2022-08-08 17:43:06 +02:00
- Complete IPv6 support
2023-02-11 19:08:48 +01:00
- Prometheus support: system metrics and total traffic counters
2023-02-12 22:17:05 +01:00
- Flow and packet export to Kafka in JSON and Protobuf format
2022-08-08 17:43:06 +02:00
- Announce blocked IPs via BGP to routers with [ExaBGP ](https://fastnetmon.com/docs/exabgp_integration/ ) or [GoBGP ](https://fastnetmon.com/docs/gobgp-integration/ ) (recommended)
2022-11-17 13:29:25 +01:00
- Full integration with [InfluxDB ](https://fastnetmon.com/docs/influxdb_integration/ ) and [Graphite ](https://fastnetmon.com/docs/graphite_integration/ )
2022-02-10 14:38:13 +01:00
- [API ](https://fastnetmon.com/docs/fastnetmon-community-api/ )
2017-12-03 14:08:51 +01:00
- [Redis ](https://fastnetmon.com/docs/redis/ ) integration
2017-12-03 14:05:39 +01:00
- [MongoDB ](https://fastnetmon.com/docs/mongodb/ ) integration
2022-11-17 13:29:25 +01:00
- VLAN untagging in mirror and sFlow modes
2018-03-01 20:33:13 +01:00
- Capture attack fingerprints in PCAP format
2014-11-22 14:17:26 +01:00
2022-02-10 14:38:13 +01:00
Running FastNetMon
2015-10-06 17:37:27 +02:00
------------------
2015-05-19 00:14:27 +02:00
2016-08-20 14:15:01 +02:00
### Hardware requirements
2022-02-10 14:38:13 +01:00
- At least 1 GB of RAM
2016-08-20 14:15:01 +02:00
2022-02-10 14:38:13 +01:00
### Installation
2022-02-15 18:11:11 +01:00
- Linux (Debian, CentOS, RHEL, Ubuntu), [install instructions ](https://fastnetmon.com/install/ )
2022-02-10 14:38:13 +01:00
- [VyOS ](https://fastnetmon.com/fastnetmon-community-on-vyos-rolling-1-3/ )
2022-02-10 14:38:13 +01:00
- FreeBSD: [official port ](https://www.freshports.org/net-mgmt/fastnetmon/ ).
2015-10-06 17:37:27 +02:00
### Router integration instructions
2017-12-03 14:11:26 +01:00
- [Juniper MX Routers ](https://fastnetmon.com/docs/junos_integration/ )
2015-07-22 22:07:33 +02:00
2015-10-06 17:37:27 +02:00
2018-03-01 20:33:13 +01:00
Screenshots
2015-10-06 17:37:27 +02:00
------------
2023-03-11 12:57:58 +01:00
Command line interface
2015-03-22 11:45:52 +01:00
![Main screen image ](docs/images/fastnetmon_screen.png )
2014-06-08 12:29:37 +02:00
2023-03-11 12:57:58 +01:00
------------
Standard Grafana dashboard
![Grafana total traffic ](docs/images/grafana_total.png )
2022-02-10 14:38:13 +01:00
Example deployment scheme
2022-02-10 14:38:13 +01:00
--------------
2014-12-02 14:42:40 +01:00
2022-02-10 14:38:13 +01:00
![Network diagramm ](docs/images/deploy.png )
2022-11-26 13:45:35 +01:00
Upstream versions in different distributions
--------------
[![FastNetMon upstream distro packaging status ](https://repology.org/badge/vertical-allrepos/fastnetmon.svg )](https://repology.org/project/fastnetmon/versions)