A new version of Network monitor is available for download from Microsoft website. The tool designed to allow IT professionals to perform protocol capturing and analysis in relation to network traffic. are some great new features, UI enhancements, performance updates, and new APIs. Let’s take a quick gander and see what’s new.
UI Enhancements
-
Window Layouts – We now include 3 different, completely customizable layouts.
-
Column Management and Layouts – Besides making it dead simple to find the column customizer, we provide a set of column layouts that you can customize and switch between.
-
Color Rules – Again we created a button upfront so our color feature is exposed and simple to access.
-
"Live" Experts – Previously you could only run experts on a saved trace. This limited the usability of experts and many folks complained that they couldn’t find the menu item.
Performance Enhancements
-
Parser Configuration Management – Parser performance has always been a nagging issue. The more complete the parsing, the slower the performance. And switching to a simpler parser set required some acrobatics not easily accessible by mere mortals. Now switching between parsers sets is as easy as choosing one from the Parser Profiles drop down menu.
-
-
High Performance Filtering – So you’re trying to capture a trace from your tricked out, 1gig network connected, File/SQL/HTTP server. But the traffic is coming in so quickly that you drop frames left and right. Using a High Performance Filter may be the solution for you.
High-precision Timestamps – In the past our driver didn’t use the highest precision time stamp possible. Now instead of seeing a bunch of frames the same time, they appear with more granular time stamps.
Other Features
- Process Tracking in NMCap – By adding the /CaptureProcesses switch to NMCap you can capture process information just like the UI.
- UTC Timestamps – One problem in the past with captures is that the time stamp was always based on the time zone where it was taken. This made it difficult to compare time stamps with data, for instance Event Logs, whose time stamps are displayed relative to your local time zone. You now have the option to view new traces taken with Network Monitor 3.4 using UTC relative timestamps. As I mentioned above, the column layout feature is related. When you open a capture we detect the capture file format and pick the appropriate column layout. But if you need the view the trace with the old behavior for new 3.4 traces, you can always manually select the 3.3 column layout.
- 802.11n & Raw IP Frame Support - Network Monitor now supports monitor mode on 802.11n networks on Microsoft Windows Vista SP1 and later operating systems as well as Raw IP Frames on Microsoft Windows 7. Raw IP interfaces provide traffic from the IP level up. Network Monitor 3.4 now supports seeing this traffic properly from those types of interfaces in Windows 7.
- API Updates – We’ve added support for the new profile sets in the API so you can take advantage of this new feature. You can also create Driver Level filters using an offset/pattern match. This performance enhancement can provide even great capture speeds with less process overhead. Check out the Help file for full details about the new API.
