Remotely connecting to the desktop of a client device
The administrator can obtain remote access to the desktop of a client device through a Network Agent installed on the device. Remote connection to a device through the Network Agent is possible even if the TCP and UDP ports of the client device are closed.
Upon establishing the connection with the device, the administrator gains full access to information stored on this device and can manage applications installed on it.
Remote connection with a device can be established in one of the following ways:
By using a standard Microsoft Windows component named Remote Desktop Connection. Connection to a remote desktop is established through the standard Windows utility mstsc.exe in accordance with the utility's settings.
Connection to the current remote desktop session of the user is established without the user's knowledge. Once the administrator connects to the session, the device user is disconnected from the session without an advance notification.
By using the Windows Desktop Sharing technology. When connecting to an existing session of the remote desktop, the session user on the device receives a connection request from the administrator. No information about remote activity on the device and its results will be saved in reports created by Kaspersky Security Center.
The administrator can connect to an existing session on a client device without disconnecting the user in this session. In this case, the administrator and the session user on the device share access to the desktop.
The administrator can configure an audit of user activity on a remote client device. During the audit, the application saves information about files on the client device that have been opened and/or modified by the administrator.
To connect to the desktop of a client device through Windows Desktop Sharing, the following conditions must be met:
Microsoft Windows Vista or a later Windows operating system is installed on the client device.
Microsoft Windows Vista or later is installed on the administrator's workstation. The type of operating system of the device hosting Administration Server imposes no restrictions on connection through Windows Desktop Sharing.
To check whether the Windows Desktop Sharing feature is included in your Windows edition, make sure that there is CLSID\{32BE5ED2-5C86-480F-A914-0FF8885A1B3F} key in the Windows Registry.
Microsoft Windows Vista or later is installed on the client device.
Kaspersky Security Center uses a license for Vulnerability and patch management.
By using the Virtual Network Computing (VNC) system. The administrator can use the VNC system to connect to macOS devices.
Connection to a remote desktop is established through a VNC client installed on the device with Administration Server. The VNC client transmits the keyboard and mouse input from the client device to the administrator.
When the administrator connects to the remote desktop, the user does not receive notifications or connection requests from the administrator. The administrator can connect to an existing session on the client device without disconnecting the user in this session.
To connect to the desktop of a client macOS device through the VNC client, the following conditions must be met:
The VNC client is installed on the device with Administration Server.
Remote login and remote management are allowed on the client device.
The user has allowed the administrator access to the client device in the Sharing settings.
To connect to the desktop of a client device through the Remote Desktop Connection component:
In the Administration Console tree, select the device to which you need to obtain access.
In the context menu of the device, select All tasks → Connect to device → New RDP session.
The standard Windows utility mstsc.exe starts, which helps to connect to the remote desktop.
Follow the instructions shown in the utility's dialog boxes.
When connection to the device is established, the desktop is available in the Remote Desktop Connection window of Microsoft Windows.
To connect to the desktop of a client device through Windows Desktop Sharing:
In the Administration Console tree, select the device to which you need to obtain access.
In the context menu of the device, select All tasks → Connect to device → Windows Desktop Sharing.
In the Select remote desktop session window that opens, select the session on the device to which you need to connect.
If connection to the device is established successfully, the desktop of the device will be available in the Kaspersky Remote Desktop Session Viewer window.
To start interacting with the device, in the main menu of the Kaspersky Remote Desktop Session Viewer window, select Actions → Interactive mode.
To connect to the desktop of a client device through the Virtual Network Computing system:
In the Administration Console tree, select the device to which you need to obtain access.
In the context menu of the device, select All tasks → Connection Tunneling.
In the Connection Tunneling window that opens, do the following:
In the 1. Network port section, specify the network port number of the device to which you need to connect.
By default, port 5900 is used.
In the 2. Tunneling section, click the Create tunnel button.
In the 3. Network settings section, click the Copy button.
Open the VNC client and paste the copied network attributes into the text field. Press Enter.
In the window that opens, view the certificate details. If you agree to use the certificate, click the Yes button.
In the Authentication window, specify credentials of the client device and click OK.