+5 votes
582 views
How to install and use Microsoft Network Monitor 3.4

in VPN and Routing by (552k points)
reopened | 582 views

1 Answer

+3 votes
Best answer

1. How to install and use Microsoft Network Monitor 3.4
2. How to use filters in Microsoft Network Monitor
3. Microsoft Network Monitor usage parameters

Network administration is one of the essential keys in any organization (regardless of its size) since the network plays a crucial role in all kinds of internal and external processes such as:

  • Sending and receiving mails
  • System updates
  • Download applications
  • Online connectivity and much more

Networks have a series of variables that together can become complex to manage, such as protocols, structures, devices or environments. There are hundreds of tools that have been created to help administrators control and manage networks, but today we will talk about a proprietary utility of Microsoft called Microsoft Network Monitor in version 3.4..

What is Microsoft Network Monitor
It is basically a utility developed as a protocol analyzer with which it is possible to carry out routine tasks such as:
  • Capture, view and analyze data from the local or external network
  • Solve problems with applications on the network or devices integrated in the architecture
Advantages
By using this free Microsoft utility we will have advantages such as:
  • It integrates a script analyzer model with updates that are carried out with rapid frequency.
  • We can use simultaneous sessions for the live capture of the transported packages.
  • It has support for 32-bit and 64-bit platforms.
  • Supports network analysis and process monitoring.
  • Enhancements to the scanner configuration manager as it now allows simple switching between scanner settings using the button on the Analyzer Profiles toolbar.
  • Add an API to have access to the packet capture and analysis engine.
  • It integrates a column manager with which the column layout will be opened based on the type of file that is opened.
  • Improvements in color rules for protocols.
  • With this version we can define the bandwidth to use for data capture.
  • New window layout dropdown menu.
  • Compatible with 802.11n and Raw IP Frame protocols.
  • Option to track processes in NMCap.
  • New in the UTC timestamps since now all the information related to the worked time zone will be captured and saved.
  • High performance filters.
Aspects to consider
There are some conditions that we must take into account when we use this application at the level of equipment components such as:
  • Memory usage : the tool adds a conversations function which can significantly increase memory usage in the system, this is because the top-level protocol filters request access to the conversation properties.
  • Hard Drive Space : When a capture session occurs, the Network Monitor utility will store frames using a sequence of capture files in the \ Temp folder. Each of these files is 20 MB by default. If we do not stop capturing, the tool will continue to create these files only until the available disk space is less than 2 percent, which is a critical storage point.
  • CPU use : in the network conversation mode we can get to use a high percentage of the CPU, so TechnoWikis recommends that you take the necessary precautions.

The Microsoft Network Monitor 3.4 utility can be downloaded for free at the following link:

Microsoft Network Monitor 3.4

1. How to install and use Microsoft Network Monitor 3.4

Step 1

Once we download the utility we proceed to its execution and the following warning will be launched:

image

Step 2

We click "Yes" to confirm the installation process:

image

Step 3

We click Next and follow the steps of the wizard:

image

Step 4

We click on “Finish” and the installer of the network conversation functions will be launched:

image

Step 5

Once the process ends we can access the utility where we will see the following:

image

Step 6

To start our process we will click on the line "New capture tab" or directly click on the button "New capture" where we will see the following:

image

Step 7

To give way to the capture and monitoring process we click on the "Start" button and we may see the following error:

image

Step 8

In this case we must run the application as administrators and this time pressing "Start" will start the process: image
Step 9

We can see on the left side the "Network Conversations" which are the various apps that have associated network use. For example, we can click on Skype to view all the network aspects that it is managing at the moment: image
Step 10

Now, in the central console we have various columns, some of them are:
  • Frame Number: is the ID of the detected object
  • Time Date Local Adjusted: is the date and time when the detection was made
  • Process Name: indicates the real name of the selected process
  • Source: is the resource where the process is hosted
  • Destination: destination IP
  • Protocol Name: is the protocol currently used
  • Description: references the entire route implemented by said process

2. How to use filters in Microsoft Network Monitor


For a simpler administration we can apply specific filters by protocols and thus focus on something special.
Step 1

For this we click on the "Load Filter" button and then we can choose the desired option from "Standard Filters":

image

Step 2

Once we define the filters we can see that the sequence of them is created in the upper column: image

After this we click on “Apply” to see the results of said filter:

image
Note
To remove the filter we click on the “Remove” button.
Step 4

Alternately we can create our custom filters. For this we go to the column where the filters are entered (upper column) and there we enter the name of the protocol followed by a dot (.) And automatically the filtering suggestions will be launched:

image

Step 5

There we can add the desired filters, for example:
 DNS.QuestionCount AND DNS.ARecord.TimeToLive == 20 

image


3. Microsoft Network Monitor usage parameters


For this case we have some options that allow us to obtain a much more complete visualization of the collected information.
Step 1

For example, from "Columns" we can select which data columns will be displayed:

image

Step 2

From the "Tools - Options" menu we access a series of variables such as:
In the "General" tab we can activate options such as the display of headings, NPL structure or frame summary:

image

Step 3

From the “Capture” tab it will be possible to define the temporary size of each capture, define the temporary folder, specify in what percentage of disk the capture should stop, record the filter capture and more:

image

Step 4

In the tab #Color Rules ”we have the opportunity to specify color rules for the protocols:

image

Step 5

In the "Parser Profiles" tab we find the current versions of use and it is possible to add more if we want:

image

Step 6

In the "Updates" tab we can find updates for the network monitor:

image

Step 7

Network Monitor offers us some visualization options based on the use we give it, we have the simple option, developer or diagnostic:

image

Step 8

From the "Capture Settings" button we can specify which network cards will be linked to the analysis:

image

With this we have a simple tool, but with which to perform the network analysis will be something simple, but totally comprehensive and functional.


by (3.5m points)
edited

Related questions

+3 votes
1 answer
+3 votes
1 answer
asked Sep 22, 2019 in Linux / Unix by backtothefuture (552k points) | 236 views
+5 votes
1 answer
+3 votes
1 answer
+4 votes
1 answer
Sponsored articles cost $40 per post. You can contact us via Feedback

Most popular questions within the last 30 days

10,659 questions
10,791 answers
510 comments
3 users