Freigeben über


Network Monitor 3.4 Beta Released on Connect!

We are extremely excited to announce that the Network Monitor 3.4 Beta has released on Connect. If you haven't done so already, please sign-up (for free) and help us test the new version while exploring it. There are some great new features, UI enhancements, performance updates, and new APIs. Let's take a quick gander and see what's new.

UI Enhancements

Our focus in this arena was to provide a better user experience and make some great features easier to find. In that respect there are a few more buttons which make things like Color Rules, Aliases, and Columns easier to locate. And now we provide text next to each icon so that you no longer have to guess at what the hieroglyphic means. We also wanted to make it easier to customize the UI, as we understand there are many different ways you use our product. Let's highlight a few specifics:

  • Window Layouts - We now include 3 different, completely customizable layouts. Need more horizontal real-estate? Use the Diagnostic layout to use the full width of the screen to view the most columns possible. Don't like the way a layout looks? Then customize the layout by moving windows around. See our Customizing the User Interface blog for more information.
  • Column Management and Layouts - Besides making it dead simple to find the column customizer, we provide a set of column layouts that you can customize and switch between. Part of the reason for these layouts to support our new UTC Timestamp feature, explained below. But better yet, there are some trouble shooter layouts to help look at data from the TCP or HTTP layers.

For instance for the TCP Troubleshooter:

clip_image002

And for the HTTP Troubleshooter:

clip_image004

You can also customize any of these layouts to suit any need and save them for later.

  • Color Rules - Again we created a button upfront so our color feature is exposed and simple to access. But we also made it possible share color rule sets by exporting your color rules. Now you can create a color rule set to highlight a problem and share that along with the trace.

clip_image006

Creating a color rule is as easy as creating a display filter. Just right click on a field in the frame details and select, "Add Selected Value as Color Rule."

clip_image008

We’ll have some more information on using Color Rules effectively in our next guest Blog.

  • "Live" Experts - Previously you could only run experts on a saved trace. This limited the usability of experts and many folks complained that they couldn't find the menu item. So now we enable this feature on "Live" captures by creating a snapshot of the data before launching the expert. You’ll just be prompted to save your capture before the Expert runs.
  • Fixed-Width Font - We've heard that you want to view your frame summary information as a fixed width font. Enabling this feature allows you to look at data so that it lines up and is much easier to track with the eye, especially when looking for differences.

Performance Enhancements

In our continued effort to provide faster analysis and processing power, we have provided some new features which enhance your performance and help you get your work done more quickly.

  • Parser Configuration Management - Parser performance has always been a nagging issue. The more complete the parsing, the slower the performance. And switching to a simpler parser set required some acrobatics not easily accessible by mere mortals. Now switching between parsers sets is as easy as choosing one from the Parser Profiles drop down menu.

clip_image010

And not only is it easy, it's fast! We actually pre-build each of the default parser sets during the install. Furthermore, any parser sets you customize and make your own are also cached. So, you can use the Default or Faster Parsing set to drill down, and once you've narrowed your search down you can quickly switch to a more complete parser set to see the details.

If you have made customizations in the past, you will have to build parser sets for those. But even that process has improved. You can create parser sets based on existing ones. And when you create a new customized parser set, your local parsers directory under "Network Monitor 3" is automatically included.

clip_image012

  • High Performance Filtering - So you're trying to capture a trace from your tricked out, 1gig network connected, File/SQL/HTTP server. But the traffic is coming in so quickly that you drop frames left and right. Using a High Performance Filter may be the solution for you. Using a limited set of fully qualified filters, (like Frame.Ethernet.IPv4.TCP.Port == 8080), you can attempt to filter out more of the incoming traffic before it reaches the disk. This way you avoid the disk load to the system from buffering in situations where you are interested in a fraction of the total traffic. Please review the documentation in our Help file for more details. You can also find some example filters in the Standard Filters under NM34 High Perf Capture. We'll have a blog that talks specifically about this feature in the near future.
  • High-precision Timestamps - In the past our driver didn't use the highest precision time stamp possible. Now instead of seeing a bunch of frames the same time, they appear with more granular time stamps.

clip_image014

Other Features

While I'm not going to mention every little feature we've added, here are a couple more of the most notable additions. You can review the release notes in the help directory for a full list and explore the UI to see what else has been updated.

  • Process Tracking in NMCap - By adding the /CaptureProcesses switch to NMCap you can capture process information just like the UI.
  • UTC Timestamps - One problem in the past with captures is that the time stamp was always based on the time zone where it was taken. This made it difficult to compare time stamps with data, for instance Event Logs, whose time stamps are displayed relative to your local time zone. You now have the option to view new traces taken with Network Monitor 3.4 using UTC relative timestamps. As I mentioned above, the column layout feature is related. When you open a capture we detect the capture file format and pick the appropriate column layout. But if you need the view the trace with the old behavior for new 3.4 traces, you can always manually select the 3.3 column layout.
  • 802.11n & Raw IP Frame Support - Network Monitor now supports monitor mode on 802.11n networks on Microsoft Windows Vista SP1 and later operating systems as well as Raw IP Frames on Microsoft Windows 7. Raw IP interfaces provide traffic from the IP level up.  Network Monitor 3.4 now supports seeing this traffic properly from those types of interfaces in Windows 7.
  • API Updates - We've added support for the new profile sets in the API so you can take advantage of this new feature. You can also create Driver Level filters using an offset/pattern match. This performance enhancement can provide even great capture speeds with less process overhead. Check out the Help file for full details about the new API.

Join our Connect Community and Download the Beta

Access to the Beta does require that you join our "Network Monitor 3" Connection. But don’t worry, it’s free! And it’s really quick if you already have a Windows Live ID. Once you become a member you get access to the latest Beta's and occasional News Letters (if you opt-in) letting you know what is going on. As a member you can also help us improve the product by filing bug reports for problems you encounter. Hope you enjoy the new version and we look forward to your feedback and reports!

Comments

  • Anonymous
    January 01, 2003
    Are you a member of connect and connected with your LiveID?  If so, are you a member of our connection?  If you are it should show up on your dash board, if not, please join our connection by looking for "Network Monitor 3" in the list.  For further help please ask in our forums (social.technet.microsoft.com/.../threads) Thanks, Paul

  • Anonymous
    January 01, 2003
    We also just released a power point slide show that shows all the new features.  So join our connection and download today! https://connect.microsoft.com/site/sitehome.aspx?SiteID=216

  • Anonymous
    January 01, 2003
    The comment has been removed

  • Anonymous
    January 01, 2003
    Thanks for this latest update Paul. Good to see you are still developing new versions of this tool. After a year or so I was beginnning to wionder...:) Lots of great stuff in here reading the Powerpoint presentation of this. Glad to see there is more http troubleshoting stuff in there. Being a IIS web consultant I need tool like this a lot. It was a hassle ncily get the http traffic in teh old version I have great expectations for 3.4. Obviously I know it is MS policy not to give timelines for new releases but if you will so cheeky to answer what ballpark for a full release. I might just go ahead and install on production boxes anyway as I am configure a new build for serveral farms and envionrments atm.

  • Anonymous
    January 01, 2003
    why  can't i download NM3.4beta? Download page for NM3.4beta can't be opened. Error appears,ID: 73694f15-165a-4824-9ea6-467e9b45dbf1 (My English is not good, hope you can understand what I mean)

  • Anonymous
    January 01, 2003
    Assuming no unforseen issues, we hope to release in the next few weeks. Let us know your feedback, there's always a future version in the works. :)

  • Anonymous
    January 01, 2003
    If you want to give us feedback on the NM3.4 beta, please take our survery on Connect. http://go.microsoft.com/fwlink/?LinkID=142458

  • Anonymous
    January 01, 2003
    Thanks, paul. Error occurs because I did not apply for Network Monitor 3 project. In your reminder, the problem has been solved, thank you again.

  • Anonymous
    July 05, 2010
    Paul, sorry I cannot find netcap.exe which I assume is needed to run NM 3.4.  I am running Windows7 Prof.  I have used sniffer from many years before I retired.  I get the message on pressing "F5 start" of "none of the adapters are bound to netmon driver"   I must be a little on the out of touch state.