Microsoft Network Monitor is a packet analyzer for Windows that allows users to analyze network packets and protocols. The tool can help to diagnose performance issues within a network.
Microsoft has archived the tool and it’s no longer under development. Although Microsoft moved users over to their Microsoft Message Analyzer (MMA) for updated parser support, it too was also retired in November of 2019.
While both tools had their uses and fans, there are many other alternative packet analyzers on the market that provide a similar if not better monitoring experience.
Here is our list of seven best Microsoft Network Monitor alternatives:
- SolarWinds NetFlow Traffic Analyzer EDITOR’S CHOICE Our top pick based on its ease of use. A network packet analyzer with a web-based GUI with support for NetFlow, sFlow, J-Flow, IPFIX, and Netstream. Try it risk-free on a 30-day free trial.
- Paessler PRTG Network Monitor (FREE TRIAL) Unified network monitoring tool and packet analyzer that supports IP, TCP, and UDP traffic.
- Wireshark Open-source packet analyzer for Windows and UNIX with filters, and packet colorization.
- WinPcap Packet analysis tool and a programming interface that was used to create the same filtering engine used by Wireshark and Nmap.
- Colasoft Capsa Free packet capture software that can monitor traffic in real-time with TCP flow analysis and VoIP analysis.
- ManageEngine NetFlow Analyzer NetFlow analyzer with support for NetFlow, sFlow, IPFIX, Netstream, J-Flow, and Appflow.
- Tcpdump Command-line-based packet analyzer that allows you to run basic network scans.
Microsoft Network Monitor Alternatives
The following tools are ranked according to their ease of implementation, usability and overall reliability.
1. SolarWinds NetFlow Traffic Analyzer (FREE TRIAL)
SolarWinds NetFlow Traffic Analyzer is a web-based network packet analyzer that allows you to monitor network protocols and traffic. Itsupports multiple protocol types including NetFlow, sFlow, J-Flow, IPFIX, and Netstream. Traffic can be viewed through the dashboard, which displays application traffic. For example, you can view the Top 5 Applications as a graph or the Top 10 Applications as a pie chart.
If you want to take a closer look at performance data then you can use the custom network traffic reports to view performance data. Creating a report on historical data can help you see if there are any long-term performance trends that you need to be aware of.
Alerts keep you notified if there is an abnormal amount of traffic traveling through the network. Alerts are invaluable for giving you a heads up so that you can check out whether the usage has temporarily peaked or indicated something more malicious such as a DDoS attack).
SolarWinds NetFlow Traffic Analyzer is one of the top Microsoft Network Monitor alternatives because it provides complete visibility over network users and protocols. It has the right balance of simplicity and customization to support most enterprises. Prices start at $1,945 (£1,516) You can download the 30-day free trial
The NetFlow Traffic Analyzer leads the pack as it can capture and analyze data from a host of vendors, provide alerts for changes in flow data, assists in troubleshooting malformed or malicious traffic.
The dashboard is one of the best we’ve seen as it has an uncanny ability to turn raw data into charts and tables. This tool will help you stay on top of anything irregular traffic from devices on your network.
Get 30 Day Free Trial: solarwinds.com/netflow-traffic-analyzer
OS: Windows Server 2016 or 2019
2. Paessler PRTG Network Monitor (FREE TRIAL)
Paessler PRTG Network Monitor is a unified network monitoring tool for Windows that can capture packets. It can monitor IP, UDP, and TCP traffic throughout your network. The software supports a handful of protocol types including NetFlow, IPFIX, sFlow, and jFlow.
Configuring PRTG is easy, but you need to set up sensors first before you can monitor anything. For packet sniffing, you can use the preconfigured Packet Sniffer Sensor, which can monitor total traffic, web traffic, mail traffic, infrastructure traffic, UDP traffic, and TCP traffic. There are also sensors for other protocols included out-of-the-box (although you can design your own if you wish).
So you don’t miss any performance issues, PRTG has an alerts system. The user configures alert conditions by selecting thresholds and then the software generates a notification if a sensor matches that criteria. Notifications can be sent through a variety of means including email, SMS, push notifications, Slack messages, Microsoft teams messages, and more.
Paessler PRTG Network Monitor is an ideal packet analyzer for those who want a general network monitoring solution as well. There is a freeware version that supports up to 100 sensors. Paid versions start at $1,600 (£1,247) for 500 sensors. You can download the 30-day free trial.
Wireshark is perhaps the most widely used open-source packet analyzer on the market. With Wireshark, you can conduct deep packet inspection of network traffic captured from network interfaces and monitor the results through an intuitive GUI. The platform enables you to monitor live captures and offline data with the assistance of color-coding.
Color coding highlights different types of traffic in different colors. For example, TCP, UDP, ICMP, HTTP, and ARP packets each have a different color so you can easily differentiate different types of traffic when scanning your network. These rules can be changed by editing Coloring Rules, which allows the user to customize how traffic is displayed.
Filters enable you to search through the packets that you’ve captured and narrow-down to certain protocol types. There are two types of filters; display filters and capture filters. Display filters allow you to filter information that you’ve already captured and capture filters allow you to filter the information that you’re capturing.
Wireshark is highly recommended for users who want an open-source packet capture tool that’s easy to use. The user experience holds up against the very best tools and is one of the top Microsoft Network Monitor alternatives. It’s available for Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and more. You can download the software for free.
WinPcap is a packet analysis tool and a programming interface that can capture packets and then filter these packets according to rules. WinPcap’s filtering engine has been used by many of the top networking products including Wireshark and Nmap. The platform offers kernel-level filtering and partial packet copy to help the user monitor traffic more efficiently.
One of the main advantages of working with WinPcap is the level of documentation there is available online. An extensive online user manual explains how to use the program and provides step-by-step tutorials. The high amount of resources is particularly useful to new users who want to learn how to use the program. However, it’s important to note that the program is no longer being maintained.
WinPcap is essentially the Windows version of libpcap. It is recommended to users who want a basic, free packet capture solution. The solution is available for Windows NT4, 2000, XP, 2003, Vista, 2008, Win7, 2008 R2, and 8. You can download the program from this link here.
5. Colasoft Capsa
Colasoft Capsa is a free packet capture tool for Windows that allows you to monitor network performance in real-time. The software can monitor over 1800 different protocols giving you deep visibility into the conversations going on throughout your network. Through the dashboard, you can view an overview of performance with the assistance of charts and graphs.
The analysis features are wide-ranging. TCP flow analysis allows you to troubleshoot the cause of a slow network and VoIP analysis lets you analyze VoIP calls for performance issues. These give you the ability to take a microscope to the issues most relevant to your environment.
A key advantage of Colasoft Capsa has over Microsoft Network Monitor alternatives is its network security analysis capabilities. The tool can detect DoS attacks, worms, ARP attacks, TCP port scanning, and other malicious activities that could derail your network. You also have the assistance of email and audio alerts to let you know when something happens that needs your attention.
Colasoft Capsa is a solid packet capture tool for enterprises of all sizes. The free version called Capsa Free supports monitoring for up to 10 IP addresses. The paid version, Capsa Enterprise costs $995 (£776.04) and supports unlimited IP addresses. You can download the free trial.
6. ManageEngine NetFlow Analyzer
ManageEngine NetFlow Analyzer is a traffic analysis tool for Windows and Linux that supports NetFlow, sFlow, IPFIX, Netstream, J-Flow, and Appflow. The software enables you to monitor network performance in detail. Through the NetFlow Analyzer Dashboard, you can view a breakdown of the top applications and protocols used throughout your network, complete with visual displays. The dashboard can be customized with widgets of your choice.
Reports enable you to view more details on how bandwidth is consumed between different users and applications. Reports make it easier to see the top talkers who consume the most bandwidth with compare reports that let you compare the performance of multiple devices at once. If there’s a problem you can use troubleshooting reports to analyze historic usage and diagnose the cause of usage spikes.
You can also monitor through the use of alerts. The alerts system is threshold-based so you can set traffic parameters to receive notifications if network usage matches certain criteria. For example, you can set a bandwidth utilization limit for a device group and receive an alert when this limit has been exceeded.
ManageEngine NetFlow Analyzer is a packet analysis tool recommended to users looking for a proprietary platform with a polished GUI. Pricing starts at $595 (£464) for the Essential version, which supports one network and up to 50,000 flows. You can download a free trial.
tcpdump is a packet analyzer for Linux that’s based through the command line. With tcpdump, you can run basic network scans. For example, you can scan network interfaces, save the captured packets, or capture only TCP / IP address packets.
tcpdump is suitable for those users who are looking for a classic packet analysis experience through the command line. If you prefer a GUI experience with more features then you’re better off trying another tool. The software is available with most Linux distributions but you can use source code as well. You can download the program here.
Choosing a Microsoft Network Monitor Alternative
Our editor’s choice is SolarWinds NetFlow Traffic Analyzer, followed by Paessler PRTG Network Monitor, and Wireshark. All of these tools offer users an affordable option to monitor network packets with GUIs that offer the perspective to make sense of raw data. Other reliable tools include Colasoft Capsa and ManageEngine NetFlow Analyzer.