Take control of remote machines
Remote control software lets systems administrators exercise control over remote machines—even at 2:00 a.m. from home after being called by the night shift. In its infancy, remote control software was buggy and unsecure and often conflicted with other applications. Today, remote control software is much more mature, stable, and secure and includes Help desk and remote assistance functionality.
Choosing Remote Control Software
When considering remote control software, ask yourself how you will deploy it. Do you plan to connect to workstations and servers over the Internet, intranet, through a dial-up connection, or some combination of the three? Each connection method has its own set of requirements. Although a particular product might not support dial-up or dial-up with dial-back support, you might be able to run the software through a RAS connection.
You also need to examine the types of systems you plan to connect to. If you're running in a heterogeneous environment, you'll need software that will support all your platforms. Determine how you'll use the software. If administrators will use the software solely to control servers, your requirements will be different from those of an environment in which a Help desk staff would use the software to access users' desktops to resolve trouble tickets. You also should determine whether you'll require the remote control software to work with firewalls, proxy servers, or Network Address Translation (NAT). Some products might have difficulty establishing connections through firewalls or in environments that use NAT.
Security Basics
For network-based access through your corporate intranet, you might not be too worried about data encryption between the remote system and the client from which you control the remote system. For Internet connections, however, you likely want to encrypt all data that's sent back and forth. Be extremely cautious about remote control software that touts proprietary encryption methods, and stick with products that employ standard algorithms. IP Security (IPSec) or Secure Sockets Layer (SSL) functionality can dramatically reduce the likelihood of eavesdropping or the hijacking of remote control sessions. When you use a modem to connect to a server in a remote data center, you might want dial-back functionality to prevent intruders from successfully connecting to your server.
Pay attention to the remote control software's authentication and authorization features. Does the software make use of OS mechanisms, or does it rely on its own mechanisms for authentication? For products that use OS mechanisms, make sure you can limit authorizations to only those accounts that you want to use for remote control. For products that employ their own authentication mechanisms, verify that connection credentials are stored securely on the remote system. You might want to consider only those packages that provide an audit trail of connection attempts.
Desirable Features
After you're satisfied that a product fits your security needs, consider some of the other features that each package offers. At a minimum, you'll want the ability to transfer files between the client and the system you're controlling remotely. Also consider how the software maps client-side peripherals such as smart card readers, removable disk drives (i.e., CD-ROM drives, CompactFlash—CF—card readers), and printers to the remote system. Mapping features are especially useful for Help desk staff who need to install or update software on users' desktops from a CD-ROM in the Help desk staff member's local drive. Some of the products in this Buyer's Guide are specifically designed with Help desk functions. Last but not least, check for usability before settling on a particular product. Most vendors offer trial licenses.
