TamoSoft: Network Analysis Tools & Security Software
Contents

LAN Analyzer and Protocol Decoder - CommView
Site Survey Tool - TamoGraph Next Page
 
Introduction
About CommView
What's New
Using the Program
Overview
Selecting Network Interface for Monitoring
Latest IP Connections
Packets
Logging
Viewing Logs
Rules
Advanced Rules
Alarms
Reconstructing TCP Sessions
Reconstructing UDP Streams
Searching Packets
Statistics and Reports
Using Aliases
Packet Generator
Visual Packet Builder
NIC Vendor Identifier
Scheduler
Using Remote Agent
Using RPCAP
Capturing Loopback Traffic
Port Reference
Setting Options
Frequently Asked Questions
VoIP Analysis
Introduction
Working with VoIP Analyzer
SIP and H.323 Sessions
RTP Streams
Registrations
Endpoints
Errors
Call Logging
Reports
Call Playback
Viewing VoIP Logs
Working with Lists in VoIP Analyzer
NVF Files
Advanced Topics
Capturing High Volume Traffic
Working with Multiple Instances
Running CommView in Invisible Mode
Command Line Parameters
Exchanging Data with Your Application
Custom Decoding
CommView Log Files Format
Information
How to Purchase CommView
Contacting Us

Using Remote Agent

CommView Remote Agent is a companion product that can be used for monitoring network traffic remotely. All you have to do is to install Remote Agent on the target computer, and then use CommView to connect to Remote Agent. Once you are connected and authenticated, you can start monitoring as if you were there.

 

Important: This chapter describes how to use CommView to connect to Remote Agent and capture traffic remotely. For detailed information on Remote Agent installation and configuration, please refer to the help file that comes with Remote Agent. It is highly recommended that you carefully read the Remote Agent documentation prior to using it. CommView Remote Agent can be downloaded from our site.

 

To switch to remote monitoring mode, click File => Remote Monitoring Mode. An additional toolbar will appear in the CommView main window next to the main toolbar. If you are behind a firewall or proxy server, or using a non-standard Remote Agent port, you may need to click on the Advanced Network Settings button to change the port number and/or enter SOCKS5 proxy server settings.

 

remote1

 

Click on the New Remote Agent Connection button to establish a new connection, or click on the Load Remote Agent Profile toolbar button to load a previously saved Remote Agent connection profile. A previously saved profile may also be loaded from the New Remote Agent Connection window.

 

A Remote Agent Connection window will appear where you can enter the IP address of the computer running CommView Remote Agent into the IP address input area, enter the connection password and click on the Connect button, and if the password is correct, a connection will be established. You will then see the Link Ready message in the status bar, and the adapter selection box will list the remote computer's adapters.

 

remote2

 

Now is the best time to configure the capturing rules using the Rules tab. It's very important to configure the rules correctly so that the volume of traffic between the Remote Agent and CommView doesn't exceed the bandwidth limit on either side of the connection, or you will experience noticeable lag. Be sure to filter out unnecessary packets (see more on this topic below). You can also apply a custom set of capturing rules to this connection and override the current rules defined in CommView by checking the Override current rule set box, clicking on the Edit Formula button and entering the rules formula in the field below. The formula syntax is the same as the one used in Advanced Rules. Once you're ready to start monitoring, select the network adapter from the list and click the Start Capture toolbar button. CommView allows you to save the Remote Agent Connection settings as a connection profile for quick and easy access in the future. Click on the Save Remote Agent profile toolbar button in the New Remote Agent Connection window and enter a name for the file.

 

remote3

 

CommView will start to capture the remote computer's traffic as if it's your local network traffic; there is virtually no difference between using CommView locally and remotely. When you are done with remote monitoring, just click on the Stop Capture toolbar button. You can then change the adapter or disconnect from Remote Agent by clicking the Disconnect toolbar button. To return to the standard mode, click File => Remote Monitoring Mode, and the additional toolbar will disappear.

 

Please note that CommView can work with multiple Remote Agents simultaneously. You can open several remote connections, each having its own settings and an independent set of rules and collect the traffic from remote network segments in one CommView instance.