Working with Network Monitor (Part 1)

Brien M. Posey

Even though a computer network is quite reliable, sometimes problems arise. For example, a network may be slow compared to its capabilities or a device on this network may have problems communicating with another device. In such situations, an analytical tool often needs to be used. In this article, I will show you how to install and use a free analytics tool called Network Monitor.

To get Network Monitor

Strictly speaking, Network Monitor is not completely free. However, it can be considered free because it is included in another Microsoft product, in Windows Server 2003. There are two different versions of Network Monitor; Basic version and full version. Basic version is available in Windows Server 2003, and the full version is for SMS Server. Both versions allow network traffic to be analyzed, but there are some differences between the two versions. The following table shows these differences.

Features Basic Version FullPacket Capturing VersionOnly capture packets sent to and from local hostsCapture traffic from the entireCapture Remote FramessegmentSupported NotsupportedSee bandwidth consumption by protocolNotsupported SupportedView user bandwidth consumptionNotsupported SupportedChange and playback of network trafficNotsupported SupportedDifferences between routers and Network HostNot supported SupportedsupportSolving device names in MAC addressesNotsupported Supported

As you can see in the above table, there are many differences between the two versions of Network Monitor. The biggest difference is that the Basic version is only capable of analyzing the traffic sent or coming from a computer using Network Monitor, while the full version can analyze all the traffic on the whole network segment. At first this difference seemed very big but these two versions are not the same as you think.

To understand this issue you need to understand the difference between hub and switch. When networked computers are connected to a hub, all computers are in a common conflict domain. This means that when a computer transmits a packet, other computers on the network segment can see the packet. Each computer will check the destination's MAC address to see if it must receive the packet or ignore it.

The problem with using hubs is that if two computers transmit packets simultaneously, a conflict will appear, the packets will be destroyed and must be retransmitted. Therefore, networks built on hubs have low performance. Most modern networks today are designed with switches. When the computer on this network transmits a packet, the switch sees the receiving machine's MAC address and then sends the packet directly to the receiving host. This approach has overcome the problem as in the hub network that computers do not have to see this packet sent.

Using a switch instead of a hub has significantly improved network performance and security, but it also limits what can be done with the protocol analyzer. As introduced, the full version of Network Monitor can analyze all traffic across the network segment. The problem here is that the switch creates a logical segment consisting only of the sender and the receiver. Therefore, on switch networks, the full version of Network Monitor has the same limitations as the Basic version. However, Network Monitor is still a great troubleshooting tool and is also good for increasing your network knowledge. To use Network Monitor effectively, you need to secure and run it directly on the computers you are troubleshooting.

Install Basic version

The Basic version of Network Monitor is available in Windows Server 2003. Therefore, to install it, simply select Add / Remove Programs from the server's Control Panel. When you do, Windows will display the Add / Remove programs window. Click the Add / Remove Windows Components button and wait a bit Windows will launch the Windows Components Wizard. Find in the available components the Management and Monitoring Tools option . Select Management and Monitoring (do not check the box), click the Details button. Windows will display a list of different monitoring and management tools. Select the Network Monitor Tools check box and click OK . Now click Next and follow the prompts to complete the installation process. Depending on how the server is configured you may be required to provide a Windows Server 2003 installation disk.

Install the full version - Full

Installing the full version of Network Monitor is really easy. To install, simply insert the SMS Server 2003 installation disc into the CD drive and navigate through the CD's directory structure to NETMONI386 . Double click the NETMONSETUP.EXE file to start the installation wizard.

Click Next to bypass the wizard's Welcome screen, the screen will display the user's subscription agreement. After accepting the license agreement, click Next , the wizard displays the required disk space for installation and the available disk space on the machine. After making sure there is enough free disk space for installation, click Next , and Network Monitor will automatically install it. Click Finish to complete the installation process.

Network Monitor Agent

Network Monitor is primarily designed to check I / O network traffic for a computer running it (except for the Full version that allows the entire network to be tested). Sometimes you need to perform a detailed analysis of network traffic related to computers other than the computer itself running this test tool. In such a case, you should install the Network Monitor Agent (this tool is also known as the Network Monitor driver) on the computer you want to check.

The Network Monitor driver will be installed automatically when Network Monitor is installed. For example, if the computer you need to check does not install Network Monitor, the Network Monitor driver must be installed manually. The Network Monitor driver is compatible with Windows XP and Windows Server 2003.

To install Network Monitor Driver on a computer running Windows XP, open the Control Panel, click the Network and Internet Connections link , and then the Network Connections link. Now, right-click the network connection that corresponds to the NIC you want to check and select Properties from the right-click menu. When this connection's properties window appears, click the Install button, where you will be asked if you want to install Client , Service , or Protocol . Select the Protocol option and click the Add button. Finally select Network Monitor Driver from the list of available protocols and then click OK . You may be prompted to provide the Windows installation disc.

Conclude

In this article, I have explained that Network Monitor is a great tool for checking network problems. The article also shows the differences between the two versions of this tool and finally goes into the process of installing it. In Part 2, I will show you how to use Network Monitor, please continue to follow up in part two.

Working with Network Monitor (Part 2)
Working with Network Monitor (Part 3)
Working with Network Monitor (Part 4)
Working with Network Monitor (Part 5)