Remote management of computers

Remote management of computers – RDP, webRTC, VNC / UVNC, Intel VPro / AMT

Remote desktop is a solution that allows you to share a user’s screen image of another computer. The eAuditor WEB AI system allows remote connection via RDP, VNC, Intel vPRO/AMT and webRTC.

In addition to providing a remote desktop, webRTC technology allows file management and real-time terminal access.

Remote desktop is most often used by IT professionals, who use the remote session to help other employees with computer or software configuration problems.

The remote desktop function of eAuditor has a built-in tool to monitor online processes and services. The following functionalities are available:

• stopping the service,
• restarting the service,
• service startup,
• process stopping.

In addition, directly from the application it is possible to send a command to the computer to:

• wake up,
• sleep,
• reset,
• shutdown.

In the eAuditor system, it is possible to use 4 remote desktop solutions:

RDP

Remote Desktop Protocol allows you to connect to other computers on your local network It uses peer-to-peer connections. This gives the user access to the actual monitor image of the remote computer, as well as the ability to manage the device’s resources. It quickly, easily and securely accesses the desktop of any computer integrated with the eAuditor system. It also seamlessly adjusts the connection parameters for requirements to reduce network load. RDP has the ability to scale the connection window.

This feature also allows remote management of user files. It is possible to add, modify and copy files to remote computers. In addition, with this feature, it is possible to connect in real time directly under the CMD console on each computer to multiple monitors simultaneously – in separate browser windows.

webRTC

This technology allows real-time communication over the Internet for remote access to computers on the local network and also outside NAT webRTC is an open source project.

The webRTC technology – thanks to the use of web sockets – makes it possible to transmit not only audio or video, but also files. Data transmission is carried out using SRTP, which guarantees secure business communications.
webRTC provides a high level of security, the ability to connect to a computer outside of NAT, and the use of a remote file manager or terminal.

n addition, it allows the selection of a specific computer monitor that the administrator wants to manage during a remote session. It also seamlessly adjusts connection parameters to the administrator’s requirements. . WebRTC has configurable the following parameters:

• connection quality,
• scaling,
• number of frames per second.

WebRTC’s remote desktop function has a built-in tool to monitor online processes and services. The following functionalities are available:

• stopping the service,
• restarting the service,
• service startup,
• process stopping.

This functionality also allows remote management of user files. It is possible to add, modify and copy files to remote computers. In addition, this functionality allows you to connect directly under the CMD console on each computer, to multiple monitors simultaneously in real time.

VNC

The VNC system allows you to transmit video from a virtual desktop environment. By using Virtual Network Computing, it is possible to access a user session. VNC uses the RFB (Remote Frame Buffer) protocol, which operates at the frame buffer level, so it is available in any windowed operating system.

With VNC, the administrator has a view of both monitors that are on the same screen, but it is not possible to separate them. In addition, it is possible to select the specific monitor the administrator wants to manage during a remote session. It also seamlessly adjusts connection parameters to the administrator’s requirements.

VNC’s remote desktop feature has a built-in tool to monitor online processes and services. When connected to a remote desktop or locally, the following functionality is available:

• stopping the service,
• restarting the service,
• service startup,
• process stopping.

multiVNC

This is a feature available as part of the VNC solution that allows you to manage multiple monitors simultaneously. It allows access to up to 12 desktops at the same time. Thanks to this, the administrator has an overview of the computers and can perform any actions on each of them. This significantly streamlines work, but most importantly reduces time, thanks to the ability to manage multiple desktops from a single device.

his feature also offers additional convenience for the administrator, including the ability to connect to monitors using keyboard shortcuts. A full-screen view of each computer is also possible. The multiVNC functionality also has a preview mode, with which the administrator can look at the user’s work without any interference. The multiVNC functionality also has a preview mode, with which the administrator can look at the user’s work without any interference. In addition, he has oversight of the actions taken by employees and can lock the user’s keyboard or mouse on a selected computer at any time.

Intel VPro / AMT

Intel vPro is Intel’s brand name for a computer’s hardware feature set. PCs that support vPro technology are the main components of a vPro-enabled processor, vPro microchip and vPro BIOS. Using Intel vPRO/AMT, it is possible to conduct a remote desktop session, remotely configure the network card or reinstall the operating system. n addition, the feature allows you to boot a shutdown computer. The software also recognizes the technology version, port, configuration and allows you to connect to the computer with a click. It also allows you to manage computers using Intel technology.

Multi-core, multi-threaded Xeon or Core processors.

Intel Active Management Technology (Intel AMT) – a set of hardware features that allow remote access to a computer to manage and perform security-related tasks when the operating system is down or the computer’s power is off. AMT is one of the components of vPro.

AMT remote configuration technology with certificate-based security. remote configuration can be performed on computers without an operating system.

Wired and wireless network connectivity (mobile computers).

Intel Trusted Execution Technology (Intel TXT) verifies the boot environment and establishes a source of trust, which in turn allows building a chain of trust for virtualized environments.

It supports the following security features on desktops: IEEE 802.1X, Cisco Self Defending Network (SDN) and Microsoft Network Access Protection (NAP) and laptops: 802.1x and Cisco SDN. this allows Intel vPro to store a computer’s security status. This allows the network to authenticate the system before the operating system and applications are loaded and before the computer accesses the network.

Intel VT-x technology accelerates hardware virtualization, which enables the creation of isolated memory areas for running critical applications on hardware virtual machines. The goal is to increase the integrity of the running application and the confidentiality of sensitive data. Intel VT-d technology, on the other hand, provides protected virtual memory address spaces to DMA peripherals connected to the computer via the DMA bus. This reduces the threat from malicious peripherals.

Intel vPro also has support for Microsoft Windows Vista, including Microsoft Windows Vista BitLocker with Trusted Platform Module version 1.2 and the Windows Vista Aero user interface.

System Status

The tab contains basic vPro status information such as:

• Power – the current state of the computer (on, off)
• Name & Domain – the name of the current domain to which the computer belongs
• Intel® ME
• Active Features – active functionalities
• Remote Desktop
• User Consent
• Power Policy – the current computer’s power policy (restricting access to Vpro depending on the power configuration)
• Data & Time

Remote Desktop – The eAuditor system, thanks to vPro technology, allows you to access the remote desktop from the hardware, so you can get into the BIOS and boot the media located in another hardware location. In addition, you can access power actions in terms of:

• on,
• off,
• reset,
• cycle boot,
• run in diagnostic mode,
• turn on and enter BIOS,
• reset and enter BIOS,
• power on or off and boot from disc, floppy disk, PXE.

Serial over LAN

With support for vPro, the eAuditor system enables console redirection through the LAN serial port.

Hardware Information

With the vPro module, the eAuditor system has access to the hardware information of a particular computer, such as:

• platform,
• motherboard,
• BIOS,
• processor(s),
• memory bank(s),
• storage media (hard drive, optical drives).

Event Log

The vPro module collects information about computer startups and puts it into event logs. A distinction is made between 3 types of logs:

• informational,
• errors,
• critical.

Audit Log

Provides information about the administrator’s activity, recording his access events to user systems via Intel AMT technology.

Network Settings

The Network Settings tab contains settings for network cards:

• the ability to edit power policies for the card (whether it will be active, e.g., when the computer is off and there is no access to the power supply, and you can use battery power),
• card settings options for ICMP & RMCP responses (such as PING),
• the ability to configure static TCP/IP addressing or use a DHCP server,
• adding a WLAN card profile, so we can configure it to use a wireless network.

Security Settings

In the Security Settings tab, it is possible to add a TLS certificate to encrypt the connection.

System Defence

The System Defense tab gives you the ability to create filters that are applied to incoming and outgoing network packets, to which actions are assigned. These should be taken when a packet meets / fails to meet the conditions in the filter.

Wake Alarm

The Wake Alarms tab gives you the ability to set with a given interval (days, hours, minutes) when the computer will start up automatically.

WSMAN Browser

WSMAN Browser tab contains the ability to make detailed queries about computer hardware and its configuration.