Architecture

Technical overview of Netureon's system design and components

System Architecture

Network Layer Local Network • Devices • Infrastructure Network Scanner net_scan.py • ARP Discovery • Device Profiling • Vendor ID Device Profiler device_profiler.py • OS Detection • Service Scan • Categorization Alert Daemon alert_daemon.py • Email Alerts • Telegram Bot • Notifications Web UI Flask App • Dashboard • Management • Config PostgreSQL Database • Device Records • Connection Logs • Alert History

Component Legend

Core Scanning
Alert System
User Interface
Data Storage

Core Components

🔍

Network Scanner

net_scan.py

Performs ARP-based network scanning to discover devices and monitor network changes.

Key Functions:

  • scan_network() - ARP-based device discovery
  • process_device() - Device information processing
  • validate_mac() - MAC address validation
  • resolve_hostname() - DNS resolution

Technologies:

Python ARP Protocol Network Interface Systemd Timer
🏷️

Device Profiler

device_profiler.py

Creates comprehensive device profiles with vendor identification and service detection.

Key Functions:

  • profile_device() - Complete device profiling
  • get_mac_vendor() - Vendor database queries
  • scan_ports() - Service detection
  • fingerprint_os() - OS identification

Technologies:

MAC Vendor DB Port Scanning OS Fingerprinting API Integration
🚨

Alert Daemon

alert_daemon.py

Monitors security events and sends notifications through multiple channels.

Key Functions:

  • monitor_events() - Event monitoring
  • send_email_alert() - SMTP notifications
  • send_telegram_alert() - Telegram bot integration
  • process_alert_queue() - Alert processing

Technologies:

SMTP Telegram Bot API PostgreSQL Triggers Async Processing
💻

Web Interface

webui/app.py

Flask-based web application providing real-time monitoring and management capabilities.

Key Components:

  • Dashboard with real-time updates
  • Device management interface
  • Configuration management
  • Alert history and status

Technologies:

Flask SQLAlchemy Jinja2 RESTful API
🗄️

PostgreSQL Backend

Database Schema

Centralized data storage for device information, connection logs, and alert history.

Key Tables:

  • devices - Device registry
  • connections - Connection history
  • alerts - Alert records
  • discovery_log - Scan history

Features:

ACID Compliance Triggers Indexing Connection Pooling

Service Integration & Deployment

netureon_web.service

Flask web interface service

Restart: on-failure Depends: postgresql.service

netureon_scan.timer

Network scanning scheduler

Schedule: every 30 seconds Triggers: netureon_scan.service

netureon-alerts.service

Alert notification daemon

Restart: always Depends: postgresql.service

Management Commands:

# Start services
sudo systemctl start netureon_web
sudo systemctl start netureon-alerts
sudo systemctl start netureon_scan.timer

# Enable auto-start
sudo systemctl enable netureon_web
sudo systemctl enable netureon-alerts
sudo systemctl enable netureon_scan.timer

# Check status
sudo systemctl status netureon*

Netureon

Main network monitoring service

Startup: Automatic Recovery: Restart service

NetureonAlerts

Alert notification service

Startup: Automatic Recovery: Restart service

NetureonWeb

Web interface service

Startup: Manual Depends: Netureon service

Management Commands:

# Start services
Start-Service Netureon
Start-Service NetureonAlerts
Start-Service NetureonWeb

# Stop services
Stop-Service Netureon
Stop-Service NetureonAlerts
Stop-Service NetureonWeb

# Check status
Get-Service Netureon*

Data Flow & Processing

1

Network Scanning

Systemd timer triggers ARP scan every 30 seconds to discover active devices on the network.

2

Device Processing

Discovered devices are processed for MAC validation, vendor lookup, and hostname resolution.

3

Database Storage

Device information is stored in PostgreSQL with connection logging and timestamp tracking.

4

Alert Processing

PostgreSQL triggers detect new devices and generate alerts for the notification daemon.

5

Notifications

Alert daemon sends notifications via email and Telegram based on configured rules.

Technical Specifications

System Requirements

  • CPU: 2+ cores recommended
  • RAM: 2GB minimum, 4GB recommended
  • Storage: 1GB+ for database and logs
  • Network: Ethernet interface required

Software Dependencies

  • Python: 3.8 or higher
  • PostgreSQL: 13 or higher
  • OS: Linux (systemd) or Windows
  • Libraries: Flask, SQLAlchemy, psycopg2

Performance Metrics

  • Scan Speed: ~100 IPs in 5-10 seconds
  • Memory Usage: <50MB per service
  • Database Size: ~1MB per 1000 connections
  • Response Time: <200ms web interface

Security Features

  • Encryption: TLS for all communications
  • Authentication: Database and web sessions
  • Privileges: Minimal required permissions
  • Logging: Comprehensive audit trails

Ready to Deploy Netureon?

Follow our comprehensive setup guide to get started with network monitoring today.

Installation Guide View Source Code