If your organization is considering a remote desktop access product this quick guide spotlights the four offerings worth considering as you make your buying decision. The products come from LogMeIn, SolarWinds, Citrix, and Bomgar, all established vendors in the remote access field.
These tools can handle most technical support calls where the computer is still working — i.e., the operating system is up, and a Web browser and other applications are running — and where the computer is connected to the company LAN or the Internet.
As the name suggests, a remote desktop access solution reaches out from the IT admin’s device across the network, connects to the employee’s computer, and takes control of it, with the employee device appearing as a window on IT’s system.
“Remote desktop access is used for support activities including remotely diagnosing the device, troubleshooting, helping with applications, and firmware updates,” says Rob Brothers, Director Hardware & Software Support Services, IDC.
Typical support uses for remote desktop access include
o Checking and changing OS and software configuration
o Troubleshoot and resolving user problems
o User training.
Current OSs include remote desktop access tools. For example, Microsoft offers its Remote Desktop Connection (formerly known as Terminal Services), using Microsoft’s Remote Desktop Protocol (RDP), and most Linux/Unix distros include the classic (but unsecured) telnet and its secured sibling ssh (Secure Shell).
But where SOHOs, SMBs and non-business users simply need a tool that does remote desktop access, many enterprises want or need other features, such as:
o LAN and WAN performance. Some enterprises use remote desktop access only behind the firewall (possibly including to remote accesses via VPN). Others need to serve users via the Internet.
o Scaling. IT may be serving thousands, tens of thousands, or more users — especially for enterprise providing third-party support. Similarly, the tools may be being used by dozens, even hundreds, of IT or Help/Support Desk staff, running hundreds to thousands of concurrent sessions total.
o Security. Remote desktop access can be a major vector for network attacks, so many companies prioritize security. Some enterprises will want appliance or on-premises software, especially for working within the firewall. Web-based remote access software can use HTTP; other tools may need firewall port numbers opened up to work with external systems.
o Performance. Like with thin clients, the quality of the graphic presentation of the remote screen can vary depending on how the remote desktop product works.
o Agent versus agentless. Remote desktop access requires software on both ends. Some remote desktop tools require a software agent to be pre-installed — especially for when the machine is on but unattended. Others allow the user to download and install the agent, from their web browser, on demand as part of requesting a support session.
o Integration. Many enterprises want remote desktop access to be part of a larger system management tool, or integrate with Help Desk and other tools like BMC Remedy.
Other capabilities that some companies look for in these tools include remote hardware inventory, scripting, and pushing software updates and patches.
Here’s a quick look at some of the leading enterprise-oriented remote desktop access applications, and what they can be used for.
LogMeIn offers two products:
o LogMeIn Central, requiring a pre-installed agent, for providing managed and unattended support. LogMeIn Central can do tasks including inventory, and applying Windows update patches.
o LogMeIn Rescue, which is SaaS-based, for providing end-user support from a PC, Mac or mobile device, letting IT access, diagnose and troubleshoot computers — including ones that the enterprise may not own (BYOD, “other people’s computers).
Rescue end users can escalate from a support chat session to a remote control session. Base price (volume pricing available): $1,088 per technician per year, for up to 10 simultaneous sessions. (Add $768 to also support mobile devices, for configuration — remote control not currently an option).
According to Lee Weiner, VP of Customer Care Product Group, LogMeIn, LogMeIn Rescue includes enterprise-oriented features that a support desk will want, like management APIs that can hook into other systems, and administrative reporting, “so as you scale your business and add technicians, you can build a bigger help desk.”
Typical tech activities using LogMeIn, according to Weiner, could include:
o remotely troubleshooting apps or the OS
o training/help/solving mobile device issues, such as set-up for email or WiFI.
o virus removal
o email configuration.
Pricing starts at (less in quantity): Rescue $1,188/year; Central is $299/year. Unlimited sessions per license.
Mini Remote Control is for remotely controlling servers and Windows machines, and troubleshooting user problems. The current version includes
o Chat Support, allowing the IT admin to start a chat session with a remote machine, even if they’re not currently viewing the remote user’s screen
o Screenshot support, of the current remote-control session
NT Utilities, in addition to Mini Remote Support’s capabilities, can also do tasks that doing require logging in to the remote machine, such as checking event logs or local policies, or connect to and look at a group of machines, and also handle many Active Domain administrative tasks from within NTU. “NTU is a power tool to be more efficient managing a bunch of machines,” says Craig McDonald, Senior Product Manager for DameWare.
Dameware is optimized for the LAN, and is intended primarily for use in the enterprise, behind the firewall, including branch offices connected by VPNs or dedicated lines, according to McDonald. “It isn’t optimized for WAN connections, but it can do them, with IPv6-to-IPv6 connectivity. It’s not currently good for mobile employees.
Mini Remote Control can be run without its local agent, if you’re willing to connect using Microsoft’s Remote Desktop Protocol, but this approach can’t provide an interactive session. Using the agent lets the IT tech have an interactive session, and can, for example, ask the user “show me what you did that caused the problem.” “With RDP, it’s effectively doing screen-scraping, which isn’t as efficient, and may seem sluggish or slow,” says McDonald. “The Mirror Driver taps into the video calls at the OS level, so it’s a faster experience.”
Other DameWare features, according to McDonald, include the ability to “open as many sessions as you want, and multiple admins can log into a single endpoint on the same session.”
MRC pricing is roughly $99/administrator, for any number of clients. NTU is roughly $350/seat plus annual maintenance. There is no per-endpoint charge, and DameWare lets the customer activate several copies per administrator; for example, so an admin can run it on their desktop and notebook devices.
Citrix GoToAssist And RemoteDesk
Citrix has two remote access tools: GoToAssist provides remote management of PC and Mac computers, for helping end users, and GoToMyPC, for remote access, including IT access to remote servers. All are cloud-based managed services. GoToAssist can be used from Windows and Mac systems, and Citrix’s free GoToAssist iOS and Android apps lets IT manage remotely from their tablets and smartphones.
End users get support by receiving an invitation link, or a code, which they enter in their browser. Starting a support session on a user machine downloads and installs the software on demand.
GoToAssist Remote Support can be used to access unattended machines by pre-installing the Citrix agent on them.
GoToAssist features include two-way screen sharing, in-session chat between the IT admin and each session, file transfers, and system reboot including reconnecting to the in-progress support session.
For multi-agent support teams, Citrix offers GoToAssist Corporate, which includes administrative, collaborative and customer-queuing features.
Citrix’s offers Personal, Pro and Corporate versions of its GoToMyPC remote desktop access product. The Corporate version includes an online administration console for managing users and groups.
GoToAssist’s Remote Support module includes live support, and also lets IT connect to unattended machines, such as desktops after working hours, and to servers. Remote Support includes licenses to do inventorying, and server health and monitoring, for up two 20 devices; above this number, IT needs to purchase GoToAssist Monitoring module licenses.
GoToAssist can be used from iPad and Android devices, but does not currently support remote access to them.
According to Citrix, GoToAssist is good for both LAN and WAN-connected devices, and works via standard HTTP ports, so no firewall tweaking is needed.
A GoToAssist license can be used with up to 8 customers at a time. Pricing per-technican (“named-user”)/per-month (named user licensing) starts at (less in volume) for ^69 for GoToAssist Remote Support, and $119 for GoToAssist Corporate. Additional GoToAssist Monitoring licenses are $89/month/technician, for monitoring and controlling up to each additional 100 devices. GoToMyPC licenses start at $11.99/user/month, with volume discounts.
Bomgar Corporation provides its eponymous remote desktop access solution as an on-premise appliance.
“This gets us a lot of interest from companies concerned with security” — and therefore concerned about using point-to-point or SaaS solutions, says
Nathan McNeil, Bomgar Co-Founder and Chief Strategy Officer. “Remote access is consistently an attach vector for data breaches, according to several studies. Having the appliance on the premise makes it easier to integrate with your Active Directory or other LDAP authentication. Many security people don’t like third-parties pinging their security systems. And the data is on your premises, instead of having to pass through a third party.”
Bomgar is intended primarily for customer supporting enterprise customers, such as companies with tens of thousands of users, or outsourced service desks. “We have access controls so you can limit what can be done, and we integrate with leading tools like BMC Remedy, so you can make it part of your service desk environment,” says McNeil.
The Bomgar appliance can connect to and support Windows, MacOS and Linux desktop OSs, and, includes integration for Intel vPro, letting the IT admin do vPro sessions from within the Bomgar console.
Bomgar also can work with iOS, Android, Windows Mobile and BlackBerry mobile devices, and via telnet/SSH, devices like network switches and routers. Bomgar does not support report control of iOS or Android devices, but does allow IT to do things including configuring settings, file transfer, chat, and co-browsing.
Bomgar is not for pushing patches or for system management, says McNeil. “Bomgar is typically for incident-based response to issues as they occur.
According to McNeil, Bomgar can be accessed and used from Windows, Mac, Linx, iPad/iPhone, and Android phone and tablet devices, and can be used over both LAN and WAN connections. “We’re optimized for use via the web over the Internet, but can be configured to work only within an internal network.”
Bomgar can also do “reverse sharing,” flipping the session to show the IT admin’s session to an end user, even do presentation-sharing to up to 15 users.
Bomgar isn’t cheap; it’s about $3,000 per concurrent IT user, plus about 20% maintenance fees. A single Bomgar appliance can support up to about 10,000 licenses.