Microsoft Network Monitor 3.4 Released

Many of my colleagues use tools like Wireshark or Ethereal to capture network packets, but I can honestly say that I prefer Microsoft’s “native” tool over the 3rd party alternatives.

Early on, there was no competition.  NetMon was lacking in many key features, but over the years (especially since version 3x) it’s gotten a lot better.

My favorite feature is NetMon’s ability to group traffic by the application that generated it.  To my knowledge, Wireshark and Ethereal cannot do this.  The feature is of course useful when you want to quickly locate traffic from a source without first filtering on ports and addresses.

image

So as mentioned in the title, version 3.4 of Network Monitor was released today!  You can download it for yourself here:

http://www.microsoft.com/downloads/details.aspx?FamilyID=983B941D-06CB-4658-B7F6-3088333D062F&displaylang=en

image

If you have an earlier version installed, you do not need to uninstall.  The 3.4 installer will upgrade it.

For more information about Network Monitor, including this version, stop by the NetMon blog here: http://blogs.technet.com/b/netmon

I have not seen any release notes published on the web, but you can find them, including a “What’s new” within the program installation directory.

I’ll save you the trouble by listing them here:

—————————————–
What’s New in Network Monitor 3.4
—————————————–

• User Interface Refresh: The Network Monitor UI has evolved. New features
  have been added and previously hard-to-find features have been made more
  readily available:
  • Parser Configuration Management: Parsers are now installed with profiles
    that allow you to easily switch between parser configurations with the
    Parser Profiles toolbar button.  These configurations are also cached,
    removing the need to recompile when you switch between them.
  • Column Management: Network Monitor will automatically choose a column layout
    based on the type of file being opened. This column layout is applied to the
    Frame Summary Window. This layout can be modified and saved for future use.
    In addition, two extra layouts for HTTP and TCP diagnostics are included.

  • Color Rules: Network Monitor can now save sets of Color Rules to files for
    easy sharing. You can also right-click in the Frame Summary and Frame Details
    windows to add a new Color Rule.

  • Window Layout Dropdown: The new window layout dropdown provides multiple
    configurations for window arrangement. You can move windows by holding down
    the Shift key while clicking on their title bars. Arrangements are saved
    for each of the three layout options. The Restore Default Layout option
    will reset the currently selected layout back to the default.
  • “Live” Experts: Experts can now be run during a live capture session. Also,
    experts that have been recently installed now appear automatically in the
    Experts menu, without requiring you to open another tab.
  • Fixed-Width Font: You can now use a fixed-width font in the Frame Summary window.
  • Auto-Apply Aliases: Aliases are now automatically applied and re-applied
    when created using the right-click add-to-alias feature.
• High Performance Filtering: Network Monitor will now enter a high-performance
  capturing mode when you specify fully qualified capture filters with certain
  fields in the UI or nmcap (e.g. Frame.Ethernet.IPv4.TCP.Port == 8080).
• UTC Timestamps: Network Monitor will now capture and save Time Zone related
  information in a trace. By default, traces opened with Time Zone information
  will automatically have times adjusted to your local Time Zone. The original
  time or Time Zone can be viewed by adding the “Time and Date” column or viewing
  the Properties under the File menu.
• 802.11n & Raw IP Frame Support – Network Monitor now supports monitor mode on
  802.11n network on Microsoft Windows Vista SP1 and later operating systems as
  well as Raw IP Frames on Microsoft Windows 7.

• Process Tracking in NMCap: It is now possible to capture process tracking
  information in the NMCap command-line tool. It will automatically be enabled
  when using a filter, or can be manually enabled using the “/CaptureProcesses” flag.

2 thoughts on “Microsoft Network Monitor 3.4 Released

  1. Pingback: Network Monitor 3x “How To” Videos « Mike Crowley's Whiteboard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s