Remotely connecting to the desktop of a client device

The administrator can obtain remote access to the desktop of a client device through a Network Agent installed on the device. Remote connection to a device through the Network Agent is possible even if the TCP and UDP ports of the client device are closed.

Upon establishing the connection with the device, the administrator gains full access to information stored on this device and can manage applications installed on it.

Remote connection must be allowed in the operating system settings of the target managed device. For example, in Windows 10, this option is called Allow Remote Assistance connections to this computer (you can find this option at Control PanelSystem and SecuritySystemRemote settings). If you have a license for the Vulnerability and patch management feature, you can enable this option forcibly when you establish connection to a managed device. If you do not have the license, enable this option locally on the target managed device. If this option is disabled, remote connection is not possible.

To establish remote connection to a device, you must have two utilities:

To connect to the desktop of a client device:

  1. In MMC-based Administration Console, in the context menu of the Administration Server, select Properties.
  2. In the Administration Server properties window that opens, go to Administration Server connection settings → Connection ports.
  3. Make sure that the Open RDP port for Kaspersky Security Center Web Console option is enabled.
  4. In Kaspersky Security Center Web Console, go to Assets (Devices) → Managed devices.
  5. In the Current path field above the list of managed devices, click the path link.
  6. In the left-side pane that opens, select the administration group that contains the device to which you want to obtain access.
  7. Select the check box next to the name of the device to which you want to obtain access.
  8. Click the Connect to Remote Desktop button.

    The Remote Desktop (Windows only) window opens.

  9. Enable the Allow remote desktop connection on managed device option. In this case, the connection will be established even if remote connections are currently prohibited in the operating system settings on the managed device.

    This option is only available if you have a license for the Vulnerability and patch management feature.

  10. Click the Download button to download the klsctunnel utility.
  11. Click the Copy to clipboard button to copy the text from the text field. This text is a Binary Large Object (BLOB) that contains settings required to establish connection between the Administration Server and the managed device.

    A BLOB is valid for 3 minutes. If it has expired, reopen the Remote Desktop (Windows only) window to generate a new BLOB.

  12. Run the klsctunnel utility.

    The utility window opens.

  13. Paste the copied text into the text field.
  14. If you use a proxy server, select the Use proxy server check box, and then specify the proxy server connection settings.
  15. Click the Open port button.

    The Remote Desktop Connection login window opens.

  16. Specify the credentials of the account under which you are currently logged in to Kaspersky Security Center Web Console.
  17. Click the Connect button.

When connection to the device is established, the desktop is available in the Remote Desktop Connection window of Microsoft Windows.

Page top