Network Monitor 3.2 Beta has released!!!

I’m excited to announce that the Network Monitor 3.2 Beta has released. There are some exiting new features listed below of which many I have already spoken about in this blog:

https://blogs.technet.com/netmon/archive/2007/12/28/santa-s-bag-was-full.aspx

One feature I didn’t mention is our new capture buffer to avoid dropping frames. After adding our drop frames counter, we found out under certain busy situations it would go above zero and we just couldn’t have that. We now buffer the frames before parsing and displaying them. While this does add some complexities to capturing, it insures that packets are more reliably captured which is obviously very important. I will blog about this feature specifically, but I wanted to call it out here.

Where are the bits?

As usual we are hosting our beta at https://connect.microsoft.com under the Network Monitor 3 Project. If you are already signed up, you should have it listed on the main page. If not, look for the project and join up with us to help us find bugs. There is also a web page forum front end to our newsgroup if you need to get support or ask general questions.

What’s New since Netmon 3.1

  • Process Tracking: View all the processes on your machine generating network traffic (process name and PID).  Use the conversation tree to view frames associated with each process.

  • Find conversations:  Quickly isolate frames in the same network conversation.  Isolate TCP streams, HTTP flows etc.

  • PCAP capture file support
  • Capture engine re-architecture to improve capture rate in high-speed networks.   Network Monitor 3.2 drops significantly fewer frames that NM3.1
  • Extensive parser set:  Parsers for over 300 protocols!  Parsers for the protocols covered by the Windows Open Protocol Specifications (see https://msdn.microsoft.com/en-us/library/cc216517.aspx).
  • NM API: Create your own applications that capture, parser and analyze network traffic!
  • Better parser management:  By default only a subset of parsers are loaded.  You can load the full parser set by changing the parser search order in Tools>Options>Parser
  • Support for frame truncation.  Go to Tools>Options and limit the number of bytes captured per frame to improve performance.
  • More extensive documentation of the NPL which includes documentation on the new NMAPI.  Access the documentation from Help > NPL and API Documentation
  • Enhanced filtering on items within NPL while loops or arrays.  You can specify an index into the array or while loop to filter on
  • IA64 version now available.
  • ContainsBin Plug-in:  Search frames for arbitrary byte sequences or strings. For example, ContainsBin(FrameData, ASCII, “msn”).
  • More UI indications of conversation status, dropped frames and the number of frames in the capture buffer.

  • … and more.  See our Release Notes in the NM3.2 installation directory for a complete list of new features and known issues with the Beta.

Enjoy!

The Network Monitor Team