Saturday, October 19, 2019

My boss wants me to put ntop-ng on the internet

I have an SMB client with a plane jane Ubiquiti Edge Router 4 and Aruba Instant On access points. DPI in the ER as well as the DPI on the access points is too limited and my client wants better application visibility.

No problem; ntop-ng community edition works great for that. My proposition to my boss was to mirror a trunk port and create an ntop-ng + openvpn appliance using a dual NIC mini PC. I have the appliance deployed and now my boss says that our client will never be able to figure out how to connect to the (split tunnel) VPN. He wants me to run ntop-ng on some random port and put it on the internet.

I know this is probably a bad idea but how bad?



No comments:

Post a Comment