Microsoft Network Monitor is a packet analyzer for Windows that allows users to analyze network packets and protocols. The tool can help to diagnose performance issues within a network.

Microsoft has archived the tool and it’s no longer under development. Although Microsoft moved users over to their Microsoft Message Analyzer (MMA) for updated parser support, it too was also retired in November of 2019.

While both tools had their uses and fans, there are many other alternative packet analyzers on the market that provide a similar if not better monitoring experience.

Here is our list of seven best Microsoft Network Monitor alternatives:

  • SolarWinds NetFlow Traffic Analyzer EDITOR’S CHOICE Our top pick is based on its ease of use. A network packet analyzer with a web-based GUI with support for NetFlow, sFlow, J-Flow, IPFIX, and NetStream. Try it risk-free on a 30-day free trial.
  • ManageEngine NetFlow Analyzer (FREE TRIAL) A live monitoring tool for network traffic flows that includes analysis and capacity planning features. Available for Windows Server and Linux.
  • Paessler PRTG Network Monitor (FREE TRIAL) Unified network monitoring tool and packet analyzer that supports IP, TCP, and UDP traffic.
  • Wireshark Open-source packet analyzer for Windows and UNIX with filters, and packet colorization.
  • WinPcap Packet analysis tool and a programming interface that was used to create the same filtering engine used by Wireshark and Nmap.
  • Colasoft Capsa Free packet capture software that can monitor traffic in real-time with TCP flow analysis and VoIP analysis.
  • Tcpdump Command-line-based packet analyzer that allows you to run basic network scans.

Microsoft Network Monitor Alternatives

The following tools are ranked according to their ease of implementation, usability, and overall reliability.

Our methodology for selecting an alternative to Microsoft Network Monitor 

We reviewed the market for network monitoring systems like Microsoft Network Monitor and analyzed tools based on the following criteria:

  • An easy-to-use package with a good graphical user interface
  • Live graphs that show network activity
  • Traffic flow statistics from several points on the network
  • The ability to communicate with switches and routers to extract data
  • Network discovery
  • A free trial, a demo, or a free tool for a cost-free assessment
  • A free tool that provides valuable insights into the network activity or a value-for-money paid tool

With these selection criteria in mind, we identified a number of network monitoring systems that will more than replace the functionality that was offered by Microsoft Network Monitor.

1. SolarWinds NetFlow Traffic Analyzer (FREE TRIAL)

SolarWinds NetFlow Traffic Analyzer is a web-based network packet analyzer that allows you to monitor network protocols and traffic. It supports multiple protocol types including NetFlow, sFlow, J-Flow, IPFIX, and NetStream. Traffic can be viewed through the dashboard, which displays application traffic. For example, you can view the Top 5 Applications as a graph or the Top 10 Applications as a pie chart.

Key Features

  • On-premises package
  • Communicates with switches and routers
  • Uses NetFlow, sFlow, J-Flow, IPFIX, and NetStream
  • Integrates with a performance monitor
  • Alerts for problems

If you want to take a closer look at performance data then you can use the custom network traffic reports to view performance data. Creating a report on historical data can help you see if there are any long-term performance trends that you need to be aware of.

Alerts keep you notified if there is an abnormal amount of traffic traveling through the network. Alerts are invaluable for giving you a heads up so that you can check out whether the usage has temporarily peaked or indicated something more malicious such as a DDoS attack).

SolarWinds NetFlow Traffic Analyzer is one of the top Microsoft Network Monitor alternatives because it provides complete visibility over network users and protocols. It has the right balance of simplicity and customization to support most enterprises. Prices start at $1,945 (£1,516) You can download the 30-day free trial

Pros:

  • Excellent user interface, easy to navigate, and remains uncluttered even when used on high volume networks
  • Supports multiple networking technologies such as Cisco Netflow, Juniper Networks J-Flow, and Huawei Netstream, making it a hardware-agnostic solution
  • Pre-built templates allow you to pull insights from packet capture right away
  • Installs on Windows as well as on multiple flavors of Linux
  • Built for the enterprise, offers SLA tracking and monitoring features

Cons:

  • Built for enterprise companies who process a lot of data, not the best fit for small LANs or home users

2. ManageEngine NetFlow Analyzer (FREE TRIAL)

EDITOR’S CHOICE

The NetFlow Traffic Analyzer leads the pack as it can capture and analyze data from a host of vendors, provide alerts for changes in flow data, assists in troubleshooting malformed or malicious traffic.

The dashboard is one of the best we’ve seen as it has an uncanny ability to turn raw data into charts and tables. This tool will help you stay on top of anything irregular traffic from devices on your network.

Get 30 Day Free Trial: solarwinds.com/netflow-traffic-analyzer

OS: Windows Server 2016 or 2019

ManageEngine NetFlow Analyzer is a bandwidth monitor that identifies the capacity of each link on your network and then watches traffic flows to see whether any stretches are approaching overloading.

  • On-premises system for Windows Server and Linux
  • Uses NetFlow, sFlow, J-Flow, IPFIX, NetStream, AppFlow, and FNF protocols
  • Displays traffic problems
  • Alerts to attract technicians

This tool doesn’t look at the cable – network cable can’t provide feedback. Instead, it examines the interfaces of the switches on the network. Each switch logs all of its throughput capacity as it copies data from one port to another. The NetFlow Analyzer extracts this data as it gets recorded on the switch.

Switches communicate their traffic statistics through a built-in query language and different manufacturers use different standards for this function. NetFlow Analyzer can communicate with the NetFlow, sFlow, J-Flow, IPFIX, NetStream, AppFlow, and FNF protocols. Those statistics break down by source and destination and also protocol, so the NetFlow Analyzer dashboard is able to show segmented data as well as overall traffic statistics.

The traffic analysis protocols used by switches also enable the NetFlow Analyzer to extract passing packet headers, either as a flow or as samples. The NetFlow Analyzer includes packet analysis screens that enable you to sort and filer packet headers to identify traffic from specific sources or applications. It can also highlight the exchanges in conversations between two endpoints.

The NetFlow Analyzer is a software package that installs on Windows Server and Linux. It is available in three editions: Free, Essential, and Enterprise. The Free edition is limited to monitoring only two interfaces. The Essential edition is designed to monitor a single site and multi-site businesses should opt for the Enterprise edition because that has distributed monitoring capabilities. You can get a 30-day free trial of ManageEngine NetFlow Analyzer.

  • Supports multiple protocols like NetFlow, great for monitoring Cisco equipment

  • Both tools work well alongside each other to help view traffic patterns and bandwidth usage

  • Easy to use interface automatically highlights bandwidth hogs and other network traffic outliers

  • Can proactively monitor switch port status to identify failing ports and misconfigurations

  • Built for enterprise use, not designed for small home networks

ManageEngine NetFlow Analyzer Fully Functional Free 30 Days Trial

3. Paessler PRTG Network Monitor (FREE TRIAL)

Paessler PRTG Network Monitor is a unified network monitoring tool for Windows that can capture packets. It can monitor IP, UDP, and TCP traffic throughout your network. The software supports a handful of protocol types including NetFlow, IPFIX, sFlow, and jFlow.

  • Monitors networks, servers, and applications
  • Uses NetFlow, IPFIX, sFlow, and jFlow protocols
  • Live traffic throughput graphs

Configuring PRTG is easy, but you need to set up sensors first before you can monitor anything. For packet sniffing, you can use the preconfigured Packet Sniffer Sensor, which can monitor total traffic, web traffic, mail traffic, infrastructure traffic, UDP traffic, and TCP traffic. There are also sensors for other protocols included out-of-the-box (although you can design your own if you wish).

So you don’t miss any performance issues, PRTG has an alerts system. The user configures alert conditions by selecting thresholds and then the software generates a notification if a sensor matches that criteria. Notifications can be sent through a variety of means including email, SMS, push notifications, Slack messages, Microsoft teams messages, and more.

Paessler PRTG Network Monitor is an ideal packet analyzer for those who want a general network monitoring solution as well. There is a freeware version that supports up to 100 sensors. Paid versions start at $1,600 (£1,247) for 500 sensors. You can download the 30-day free trial.

  • Designed to be an infrastructure monitoring tool that supports multiple sensors types such as NetFlow, sFlow, and J-Flow

  • Offers additional monitoring on the same platform, supporting infrastructure, network, and application performance monitoring

  • Supports multiple channels and integrations for alerts

  • Uses easy to read graphing for traffic visualization

  • A very detailed platform takes time to learn and fully utilize all of the features available

Paessler PRTG Network Monitor Download 30-day FREE Trial

See also: Full Paessler PRTG Network Monitor Review

4. Wireshark

Wireshark is perhaps the most widely used open-source packet analyzer on the market. With Wireshark, you can conduct deep packet inspection of network traffic captured from network interfaces and monitor the results through an intuitive GUI. The platform enables you to monitor live captures and offline data with the assistance of color-coding.

  • Free to use
  • Packet analyzer
  • Uses coloring rules to highlight traffic patterns

Color coding highlights different types of traffic in different colors. For example, TCP, UDP, ICMP, HTTP, and ARP packets each have a different color so you can easily differentiate different types of traffic when scanning your network. These rules can be changed by editing Coloring Rules, which allows the user to customize how traffic is displayed.

Filters enable you to search through the packets that you’ve captured and narrow down to certain protocol types. There are two types of filters; display filters and capture filters. Display filters allow you to filter information that you’ve already captured and capture filters allow you to filter the information that you’re capturing.

Wireshark is highly recommended for users who want an open-source packet capture tool that’s easy to use. The user experience holds up against the very best tools and is one of the top Microsoft Network Monitor alternatives. It’s available for Windows, Linux, macOS, Solaris, FreeBSD, NetBSD, and more. You can download the software for free.

  • One of the most popular packet analyzer tools, with a massive community

  • An open-source project that adds new features and plugins

  • Supports packet collection and analysis in the same program

  • Completely free

  • Has a steep learning curve, designed for network professionals

  • Filtering can take time to learn, collects everything by default which can be overwhelming without filters in place

5. WinPcap

WinPcap is a packet analysis tool and a programming interface that can capture packets and then filter these packets according to rules. WinPcap’s filtering engine has been used by many of the top networking products including Wireshark and Nmap. The platform offers kernel-level filtering and partial packet copy to help the user monitor traffic more efficiently.

  • Widely used for packet capture
  • Feeds through to analysis tools
  • Lightweight and efficient

One of the main advantages of working with WinPcap is the level of documentation there is available online. An extensive online user manual explains how to use the program and provides step-by-step tutorials. The high amount of resources is particularly useful to new users who want to learn how to use the program. However, it’s important to note that the program is no longer being maintained.

WinPcap is essentially the Windows version of libpcap. It is recommended to users who want a basic, free packet capture solution. The solution is available for Windows NT4, 2000, XP, 2003, Vista, 2008, Win7, 2008 R2, and 8. You can download the program from this link here.

  • Lightweight tool, uses very little resources

  • Extensive documentation and KB articles are available

  • Incredibly efficient traffic monitoring, performs well even at scale

  • The program is no longer officially supported

  • Designed for professionals, has a steeper learning curve than other tools

6. Colasoft Capsa

Colasoft Capsa is a free packet capture tool for Windows that allows you to monitor network performance in real-time. The software can monitor over 1800 different protocols giving you deep visibility into the conversations going on throughout your network. Through the dashboard, you can view an overview of performance with the assistance of charts and graphs.

  • Free to use on Windows
  • Graphs with traffic information
  • VoIP analysis

The analysis features are wide-ranging. TCP flow analysis allows you to troubleshoot the cause of a slow network and VoIP analysis lets you analyze VoIP calls for performance issues. These give you the ability to take a microscope to the issues most relevant to your environment.

A key advantage of Colasoft Capsa has over Microsoft Network Monitor alternatives is its network security analysis capabilities. The tool can detect DoS attacks, worms, ARP attacks, TCP port scanning, and other malicious activities that could derail your network. You also have the assistance of email and audio alerts to let you know when something happens that needs your attention.

Colasoft Capsa is a solid packet capture tool for enterprises of all sizes. The free version called Capsa Free supports monitoring for up to 10 IP addresses. The paid version, Capsa Enterprise costs $995 (£776.04) and supports unlimited IP addresses. You can download the free trial.

  • Supports over 1800 protocols for monitoring

  • Offers analysis for VoIP performance problems

  • Insights automatically highlight potential attacks and abnormalities

  • The interface can feel cluttered, especially when monitoring larger networks

7. tcpdump

tcpdump is a packet analyzer for Linux that’s based through the command line. With tcpdump, you can run basic network scans. For example, you can scan network interfaces, save the captured packets, or capture only TCP / IP address packets.

  • Free to use on Linux
  • Packet capture
  • File packets or feed to analyzers live

tcpdump is suitable for those users who are looking for a classic packet analysis experience through the command line. If you prefer a GUI experience with more features then you’re better off trying another tool. The software is available with most Linux distributions but you can use source code as well. You can download the program here. be sure to download our tcpdump cheat sheet.

  • Open-source tool backed by a large and dedicated community

  • Lightweight application, utilizes CLI for most commands

  • Completely free

  • Isn’t as user friendly as other options

  • Uses a query language for filtering, can be challenging for new users

  • Packet capture can only be read by applications that can read pcap files, not saved in plain text files

See also: What is tcpdump?

Choosing a Microsoft Network Monitor Alternative

Our editor’s choice is SolarWinds NetFlow Traffic Analyzer, followed by Paessler PRTG Network Monitor, and Wireshark. All of these tools offer users an affordable option to monitor network packets with GUIs that offer the perspective to make sense of raw data. Other reliable tools include Colasoft Capsa and ManageEngine NetFlow Analyzer.