Kaspersky Security Center Linux allows you to establish a remote connection to managed devices. The administrator can obtain remote access to the managed device through a Network Agent installed on the device. Remote connection to a device through the Network Agent is possible even if the TCP and UDP ports of the client device are closed. Upon establishing a connection with the device, the administrator gains full access to information stored on this device and can manage applications installed on it.
The methods for establishing a remote connection depend on which platform is used on the device with Kaspersky Security Center Web Console. Kaspersky Security Center Web Console can be installed on a device other than the Administration Server device, on a Windows- or a Linux-based device.
From Kaspersky Security Center Web Console installed on a Linux device, you can establish the following connections:
From Kaspersky Security Center Web Console installed on a Windows device, you can establish the following connections:
To establish a remote connection to a device, you must have the following:
The Kaspersky utility is used for tunneling the connection between a managed device and Administration Server.
Kaspersky Security Center Linux allows tunneling TCP connections from Kaspersky Security Center Web Console via the Administration Server and then via Network Agent to a specified port on a managed device. Tunneling is designed for connecting a client application on a device with Kaspersky Security Center Web Console installed to a TCP port on a managed device—if no direct connection is possible between Kaspersky Security Center Web Console and the target device.
Connection tunneling between a remote client device and Administration Server is required if the port used for connection to Administration Server is not available on the device. The port on the device may be unavailable in the following cases:
The utility can be downloaded when a remote connection is established through Kaspersky Security Center Web Console or manually. The klsctunnel utility is installed on the Administration Server device.
The klsctunnel utility is used for all types of the remote connection (RDP, VNC, WDS).
An RDP or VNC client is installed on the Administration Server device. This client allows you to obtain remote access to the managed device by using the address and port for the local connection provided by the klsctunnel utility.
An RDP connection to the current remote desktop session of the user is established without the user's knowledge. Once the administrator connects to the session, the device user is disconnected from the session without notification.
This feature allows you to connect to an existing session on a client device without disconnecting the user in this session. In this case, the administrator and the session user on the device share access to the desktop.
When connecting to an existing session of the remote desktop, the session user on the device receives a connection request from the administrator. No information about remote activity on the device and its results will be saved in reports created by Kaspersky Security Center Linux.
The administrator can configure an audit of user activity on a remote client device. During the audit, the application saves information about files on the client device that have been opened and/or modified by the administrator.