The administrator can obtain remote access to the desktop of a client device through a Network Agent installed on the device. Remote connection to a device through the Network Agent is possible even if the TCP and UDP ports of the client device are closed.
Upon establishing the connection with the device, the administrator gains full access to information stored on this device and can manage applications installed on it.
Remote connection must be allowed in the operating system settings of the target managed device. For example, in Windows 10, this option is called Allow Remote Assistance connections to this computer (you can find this option at Control Panel → System and Security → System → Remote settings). If you have a license for the Vulnerability and patch management feature, you can enable this option forcibly when you establish connection to a managed device. If you do not have the license, enable this option locally on the target managed device. If this option is disabled, remote connection is not possible.
To establish remote connection to a device, you must have two utilities:
Kaspersky Security Center allows tunneling TCP connections from Administration Console via the Administration Server and then via Network Agent to a specified port on a managed device. Tunneling is designed for connecting a client application on a device with Administration Console installed to a TCP port on a managed device—if no direct connection is possible between Administration Console and the target device.
Connection tunneling between a remote client device and Administration Server is required if the port used for connection to Administration Server is not available on the device. The port on the device may be unavailable in the following cases:
Connection to the current remote desktop session of the user is established without the user's knowledge. Once the administrator connects to the session, the device user is disconnected from the session without an advance notification.
To connect to the desktop of a client device:
The Remote Desktop (Windows only) window opens.
This option is only available if you have a license for the Vulnerability and patch management feature.
A BLOB is valid for 3 minutes. If it has expired, reopen the Remote Desktop (Windows only) window to generate a new BLOB.
The utility window opens.
The Remote Desktop Connection login window opens.
When connection to the device is established, the desktop is available in the Remote Desktop Connection window of Microsoft Windows.
Page top