icon                         AnyRouter Tech, Tup Software Ltd.

___________________________________________________________________________________________________

 

User’s Manual

 

TupView 2.2

 

 

 

TUPTHANK

 

 

 

Last revised: Sept. of 2006

 

 

WWW.TUPSOFT.COM

 

 

Contents

 

 

1     Introduction. 3

2     Installation Procedure. 5

2.1      Pre-installation Preparation. 5

2.2      Installation Steps. 5

2.3      Registering TupView.. 6

3     Operation Guide. 8

3.1      Starting TupView System.. 8

3.2      Connecting to the Server.. 10

3.3      The Main Interface. 11

3.4      Host Information and Administration. 11

3.4.1       Managing Workgroups 12

3.4.2       Managing Computer Hosts 13

3.4.3       Exporting/Importing System Settings 17

3.4.4       General Filtering Settings 18

3.5      Operator Password.. 18

3.6      Monitoring Operations. 19

3.7      Looking Up Running Records and System Information. 21

3.8      Activity Restriction. 25

 

 

 

 

1         Introduction

 

 

 

The fusion of computer and communications technology is just bringing a radical structural transformation to the business society. The dimensions of this revolution are so vast that none can easily discern.  The emergence of a new networked computerized workplace will finally fulfill the mission of information integration where the weaving together of all the computers enables every authorized employee in a company to exploit fully the resources scattered all over the information environment. TupView 2.2, the latest product developed by the Tup Software Ltd., is intended to provide a topview for a small & medium business owner/executive who is in need gaining real-time insight/control over the every detailed activity on a PC host over the whole LAN. This is an essential step forward in the process of evolving a business into an organic living entity, since it abolishes space and time, making everywhere here and anytime now, for the executive (brain) to make day-to-day decisions based on the information fed by every PC host (neuron) in real time manner, with direct and remote software and hardware management over the whole organization.

 

TupView 2.2 logs every meaningful action performed on a PC host to enforce acceptable-use computing and record keeping; it generates statistical reports on software and hardware uses to give a quick glance into overall resource effectiveness and employees’ work habits; it is able to record, track, and play back continuously the screen activities appearing on a specific PC host for appropriate investigative operation; it restricts installation and use of computer applications and peripherals for the purposes of software compliance and data protection and security; and it automatically acquires the system information (both software and hardware) of PC hosts over the whole LAN for better management of information technology environment.

 

More specifically, the main functions of TupView 2.2 can be summarized as follows:

 

1)       Logging activities on a PC host in real time, so you can know what the employee is doing right now.

2)       Taking a snapshot of an active screen for further information and investigation.

3)       Tracking down and recording continuously the screen activities at a preset time interval (default 3 seconds and 4 PC hosts simultaneously).

4)       Recording the use of applications such as time opened and closed and the total running period, and giving statistical analysis on how effectively the application is used.

5)       Logging window switch events so as to calculate the active time spent on an application.

6)       Recording printing events including the user, time, file name, and total pages.

7)       Logging in detail how a file and its content are modified by an employee.

8)       Logging software and hardware changes such as when an application is deleted or a device removed, and listing the software and hardware installation details on a computer.

9)       Regulating and restricting the use of applications with a preset blocking list, and enforcing through application identification, effectively preventing bypass via renaming or application modification.

10)   Limiting the use of some hardware devices such as removable storages and CD drives for data protection.

 

2         Installation Procedure

 

 

This procedure provides instructions for installing a TupView system and its registration.

 

 

2.1         Pre-installation Preparation

 

 

(1)     Download the latest version of the TupView program from http://www.tupsoft.com/.

(2)     TupView must be installed on a PC host with one of the following operation systems, i.e., Windows 2000 Pro/2000 Server/XP/2003.

(3)     The minimum requirements for the hardware are Pentium III 500 MHz (or higher) with 256 MB memory and 1GB storage. The suggested systems are:

 

 

CPU

Memory

Free Hard Disk Space

Server (10 licenses)

Pentium IV 2.8 GHz

512 MB

20 GB

Server (100 licenses)

Pentium IV 2.8 GHz

1024 MB

40 GB

Server (>200 licenses)

Pentium IV 2.8 GHz

1024 MB

80 GB

Console

Pentium III 800 MHz or higher

512 MB

30 GB

Workstation

Pentium III 500 MHz or higher

256 MB

1 GB

 

 

 

2.2         Installation Steps

 

The TupView 2.2 package comprises three modules: the server, console, and workstation (Agent). They are independent from each other and can be installed on the same PC or separate PC hosts. The workstation (Agent) is to be installed on the PC hosts to be monitored for collecting and forwarding data; multiple consoles can be installed on different PC hosts that are used to look up the captured data; and one local area network (LAN) must have one and only one server installed for the monitoring purposes.

 

Installation of a server:

 

1)       Back up the data and files using backuptool.exe in the server installation package, if an early version of TupView had been installed (before Ver. 2.0).

2)       Download the newest package from http://www.tupsoft.com/.

3)       Double-click on the installation file and follow the instructions.

4)       After the installation, restore the settings using the backup tool.

 

Installation of consoles:

 

1)       Uninstall the existing console program.

2)       Download the newest version from http://www.tupsoft.com/

3)       Double-click on the installation file and follow the instructions.

 

Installation of workstations:

 

1)       Download the newest packages from http://www.tupsoft.com/.

2)       Double-click on the installation file and follow the instructions.

3)       There is no need to uninstall the existing program on the PC host to be monitored. Rather, download the patch and then follow the instructions to upgrade on a console.

 

 

2.3         Registering TupView

 

 

After the installation, you can go ahead to register the product at http://www.tupsoft.com/. The evaluation copy will expire in 15 days and is limited to monitoring up to 5 computers.

 

1)       Connect the console to the TupView server to be registered.

2)       Select About from the main menu and open Registration.

3)       When the following window appears, input the serial number.

 

 

4)       Press the Register button to display the license information.

 

 

 

3         Operation Guide

 

 

 

3.1         Starting TupView System

 

 

When the host computer is turned on, the TupView server will auto-start. The TupView console can be executed at any later time you want. The server module is used to store and manipulate the configuration settings and collected data from all the workstations. On a local area network where each PC host can directly visit each other, there is only one server is needed. If there are many server modules installed on a LAN, only the one started earliest will be running and the others will be deactivated.

 

After the installation, the server will run automatically without the need for a user to intervene.

 

You can also manually start the server from Services in the Administrative Tools dialog from the Windows Control Panel, as shown below.

 

fig1

 

 

After the first running, there will be two processes shown for the TupView system inside the Windows Task Manager, i.e.,

 

1)           ArServer.exe --- TupView Server Process

 

2)           ArServerDaemon.exe --- TupView Server Protection Process

 

 

 

fig2

 

Unlike TupSight, another monitoring system also developed by Tup Software Ltd., workstation modules, called the Agents, must be installed on the PC hosts to be monitored for TupView. The installed modules are so designed that they automatically hide themselves and are highly unlikely to be detected and deleted from the PC hosts. In case that it is removed from a PC host, the console will be warned of the deletion for further action.

When a host PC is turned on, the workstation will auto-start itself and cannot be stopped manually. The main task of an agent module is to collect data and forward them to the server. It consists of the application running information, network data, file action, printer activity, and PC system (software and hardware) information. Since it adopts high-speed image capture, high compression storage, and efficient remote file transmission, the workstation uses very little system resources of a PC host.

An agent module can be started and stopped via the console interface (Tools à Host à Upgrade Agent). It can be automatically upgraded via the console ever since installed on a PC host.

The console is the operation interface of the TupView system. All the functions of TupView can be realized through the interface. To run the console, Click on Start, All programs, Tupsoft TupView, and select Console.

 

fig3

 

When the console is started, a process will be added into the Windows Task Manager:

    ArConsole.exe

There will be also a TupView icon inside the Windows Toolbar, as shown below.

 

 

    fig4

 

 

3.2         Connecting to the Server

 

1)       After starting the TupView console, you need to connect it to the server from the following logon window. By default, the server is Local, user name Admin, and password blank (NULL).

 

 

2)       If the server and console are installed on different host machines, in the Server field locate/enter the IP address or hostname for the computer. The console can display IP addresses in the drop-down menu by automatically scanning the whole LAN.

3)       Enter your user ID and password, and then click Logon. (If you want to logon automatically next time, also mark the box Save the password and auto logon).

 

3.3         The Main Interface

 

 

After successfully logging on the console, the main interface will look like the above shown.

 

 

3.4         Host Information and Administration

 

 

TupView’s simple and straightforward administration panel makes it easy for the user to manage the data and information of hosts.

 

 

3.4.1        Managing Workgroups

 

 

TupView simplifies the management tasks by dividing hosts into meaningful groups, and you have the flexibility to select/combine hosts into different workgroups. Initially, TupView automatically sets up a workgroup called “Default” containing all the hosts on the LAN, and whenever a new host is detected, it will also add that host into the “Default.” The console program can scan and automatically display the workgroups it has detected. To disable this auto-scan function, you can uncheck the box of “The server will automatically scan PC hosts over the whole LAN” through the Host Info interface.

 

 

fig5

 

1)       Creating a New Workgroup

 

You can set up a new workgroup manually by doing the following:

 

1.       From the host tree list area, select Localnet and then right-click the mouse.

2.       Select Add Workgroup, enter a name, and click on OK.

 

fig6

 

 

2)       Transferring a Host to Another Workgroup

 

Whenever a new host is connected to the network, the TupView console scans automatically and moves it into a workgroup where it belongs. You can also move manually a host from one workgroup to another by doing the following:

 

1.       From the host tree list area, highlight a host (or hosts using CTRL key) and right-click the mouse to select Move Workgroup.

2.       From the sub-menu, select the destined workgroup.

 

3)       Deleting a Workgroup

 

From the host tree list area, highlight the workgroup to be deleted and click on the “Delete” button. When a workgroup is deleted, all the hosts inside the workgroup will be moved into the workgroup “Default” first. The “Default” is un-deletable by default.

 

 

3.4.2        Managing Computer Hosts

 

 

1)       Scanning Computer Hosts

 

In its first running TupView will automatically scan computer hosts over the whole LAN. You can also manually scan the network by the following steps:

 

1.       From the main menu, select Host and then click on the “Scan & Renew” button.

2.       Input the starting and ending addresses and single-click the “Begin” button on the pop-up screen.

3.       Select those hosts that you want to add from the scanned results and click on the “Confirm” button.

 

Alternately,

 

1.       You can also input an IP address on the bottom of the pop-up window, and then click on the “Acquire MAC Address” button.

2.       Input a corresponding nickname, and then click on the “Add to List” button.

3.       If the system is unable to get the MAC address for some reasons, you can also fill in manually.

 

note   Note: In the following cases, the computer hosts are not detectable:

a)       The machine has been turned off.

b)       The computer is not connected to the network.

c)       The computer and the server are not on the same network segment.

d)       The firewall settings of the computer block the scanning of the server.

 

 

fig7

 

 

2)       Modifying Host Information

 

1.       Modifying Hostnames

 

A hostname is the computer name corresponding to a specific IP address. By default, the TupView console will automatically fetch the computer name for a host.

 

Fig26 copy

 

 

You can decode the hostname manually by right-clicking a host in the host tree list area and select “Decode Name.” You can also do that from the “Host Info” window by selecting the host(s) and then hit the “Decode Name” button.

 

Due to a great variety of networking infrastructures, the console might not get the name for some reasons. If this is the case, just rename the host corresponding to the IP address by right-clicking a host in the tree list area and select “Rename” to input a name.

 

2.       Modifying IP addresses

 

When an IP address is changed for a computer host on the LAN, TupView will automatically correct the IP address on the console accordingly. This process might take about 1 min.

 

 

3.       Deleting Hosts

 

1.       From the main menu, select Tools and then Host.

2.       Highlight the host to be deleted and click on the “Delete Host” button.

 

When a workstation is deleted from the list, it does not mean the Agent program is uninstalled from the PC host. Rather, the program will not capture and forward data temporally. If you want to restart the capture at a later time, you can go to Host to select the object to be monitored (Tools à Host à Scan & Renew).

 

 

3.4.3        Exporting/Importing System Settings

 

 

When upgrading the older TupView system than Ver. 2.0 (No action is required for newer ones), the system settings of the engine must be exported and then imported again. The settings contain the information of hosts and workgroups as well, and blocking and filtering configurations.

 

Before uninstalling the engine, the settings should be downloaded first using Backup Tool.

 

 

 

Backup action is to export data or settings from the database file ArServer.mdb to a backup directory. When you have set up a backup directory, the tool will automatically back up a file everyday.

 

To import a file into the system, you simply click the Import button on the above screen.

 

3.4.4        General Filtering Settings

 

 

By default, TupView will perform the listed operations, unless you instruct otherwise. Select the settings accordingly on the following window and then click on Confirm. For instance, if you are not interested in the everyday screen activities on a specific PC, checking the “Screen Tracking” box below will greatly reduce the burdens on both the server storage (about 15 MB per day) and the CPU of the monitored PC (to 1-2% for 512 MB memory).

 

 

fig8

 

 

 

3.5         Operator Password

 

 

To change the console password, from the main menu open Tools à Password, enter the old and new one and then click on the “Confirm” button.

 

 

 

 

3.6         Monitoring Operations

 

The captured data are classified into the following categories:

 

Real-Time Log: It displays the activities on a PC host in real time so that you can know what its operator is doing right know. The logged activities include the file action, running applications, window switch, printer events, software and hardware (un)installation, online status, FTP, and Email.

 

 

fig9

 

 

Screen Monitoring: It consists of three parts: screenshot taking; screen tracking; and playing back the records.

 

1.       Screenshot Taking: It takes a screenshot for a specific PC host at a specific time.

 

fig10

 

 

2.       Screen tracking: It continually tracks one or more screens on the LAN at a given time interval. The tracking interval can be changed arbitrarily.

 

 

fig11

 

 

3.7         Looking Up Running Records and System Information

 

Printer Event: It logs the activities of both local and network printers.

 

System Information (Both Software and Hardware): It will remotely acquire the system information of PC hosts for better management of IT resources. When a physical device or application program is installed or uninstalled, the action will be logged in real time.

 

 

fig12

 

 

File Action: It records the creation of a new file and modification/deletion of an existent one.

 

 

fig13

 

 

Program Statistics: It generates the statistical report of active applications.

 

 

fig14

 

 

URL Visits: It gives the percentage report of website visits.

 

Flow Analysis: It calculates the data flow of each PC host and gives the online statistics.

 

Each statistical report can be shown in the form of tables, pie charts, and column graphs.

 

fig15

fig16

 

3.8         Activity Restriction

 

The computer activities can be limited or blocked in the following ways:

 

1.       Blocking Programs

2.       Blocking Devices

3.       Limiting Data Flow

4.       Blocking URLs

5.       Blocking Emails

6.       Blocking Ports

 

fig17

 

 

The computer can be controlled in the following ways:

 

1.       Locking Computer

2.       Unlocking Computer

3.       Logging Off User

4.       Restarting Computer

5.       Shutting Down Computer

 

Before performing the operations, the operator will be prompted to input a password.

 

note Note: The local computer is unlockable.

 

The devices that can be blocked include USB, CD, and floppy disk drives.

 

Running of an application is recorded to show time opened and closed, active and total time. The logs can be viewed by opening the Activity Log.

 

 

fig18

 

 

On the other hand, running of application programs can be blocked as shown below.

 

 

fig19

 

 

The class of programs can be added, deleted, or renamed.

 

fig20

 

 

Adding Program Class: Highlight “Program List”, right-click the mouse, select “Add the class of programs,” input a name, and then hit “OK.”

 

Deleting Program Class: Highlight the class to be deleted, right-click the mouse, and select “Delete Program Class.

 

Renaming Program Class: Highlight the class to be renamed, right-click the mouse, select “Rename Program Class,” input a name, and hit “OK.”

 

Accordingly, the applications can be added, deleted, and renamed also.

 

Adding Application: Highlight the program class, right-click the mouse, and select “Add Program.

 

 

fig21

 

 

In the pop-up window, click the “E” button to select the program.

 

 

 

 

note Note: The name of a program should not be input directly. Rather, you must browse into the corresponding program folder to select it. In this way, the system will record the characterization of the application, effectively preventing bypassing via renaming or program modification. 

 

Deleting Application: Highlight the application to be deleted, right-click the mouse, and select “Delete Program.

 

Renaming Application: Highlight the application to be renamed, right-click the mouse, select “Rename Program,” input a name, and then hit “OK.”

 

 

 

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

NAT Gateway

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

Proxy Server

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

NAT Router

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

DNS Forwarding

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Port Mapping

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Reverse Proxy

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Connection Sharing

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Internet Activity Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Parental Internet Monitoring

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Filtering

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Internet Activity Statistics

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Employee Internet Management

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Web Access Control

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Online Restriction

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

Network Monitoring

URL Block

URL Block

URL Block

URL Block

URL Block

URL Block

URL Block

URL Block

URL Block

URL Block

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Email Capture

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

Chat Log

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

MSN Recorder

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Yahoo Messenger Sinffer

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Skype Logger

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Computer Activity Log

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Real Time Monitoring

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Screen Tracking

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Software Compliance

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Data Protection Security

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Acceptable Computing

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Employee Investigative Operation

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Switch Sniffer

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Packet Sniffing

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Ethernet Capture

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

Network Tap

MITM

MITM

MITM

MITM

MITM

MITM

MITM

MITM

MITM

MITM

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Poisoning

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

ARP Spooling

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

MAC Flooding

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode

Promiscuous Mode