FWC Parser for Netmon 3.3 on CodePlex

Anyone who has spent any time at all with ISA Server or Forefront TMG has found themselves needing to evaluate the network traffic generated by the ISA Server Firewall client (TMG client for Forefront TMG). The problem with that effort is that none of the available network capture tools included a parser for this traffic.

Today that changes.  In collaboration with the Network Monitor and Forefront Edge Core teams, the Forefront Edge CS team is happy (little-girl-giggly, truth be told) to announce the public availability of a parser written specifically for Network Monitor 3.3. Now you can actually understand what happens between the client and the firewall when your favorite application is misbehaving. You can obtain the parser from CodePlex. The parser provides two new protocols for Network Monitor 3.3:

·         RWS (Remote WinSock): the control channel protocol used between the client and firewall

·         WSP (WinSock Proxy): the abstracted application protocol

Look for additional articles that describe this traffic and offer some hints on using the parser for troubleshooting.


HUGE Thanx to the Network Monitor and Forefront Edge Core teams for their support – we literally could not have done this without them!

Jim Harrison

Comments (6)
  1. Anonymous says:

    Michael Hawker (Network Monitor PM) just release a video about the first Network Monitor Experts Day.

  2. Anonymous says:

    This and similar information-sharing my vocabulary expanded again. Thank you for your writing …

  3. Anonymous says:

    Beautiful, perfect and thanks!


  4. bayrak says:

    This is very good news was well informed that the followers of the issue I am. Thanks…

  5. Anonymous says:

    ISA Server firewall to prevent harmful interference, is a very useful case…

Comments are closed.

Skip to main content