An essential tool found in the toolbox of every Service Provider is remote control software, a type of software that allows to execute commands and actions on a computer situated in another place, leveraging an Internet connection. Let’s see what are the characteristics of a good remote control software, also introducing some of the available solutions.

The architecture

All remote control solutions we cover in this article are based on an architecture that calls for a host, a gateway and a client (also called guest). The host is the computer to be controlled, on which we can install an agent that sets the remote connection while being executed as service (in Windows) in order to let it run as soon as the operating system is loaded.
The client is the local computer where we can run a specific software, called viewer, which can visualize the remote screen and we use to perform operations.
If both host and client are on the same subnet, on a VPN if needed, visibility is direct and there aren’t any issue in terms of configuration and security (save for the overall network security), but if both computers are on different networks, then some problems arise as there are NAT systems to overcome and it’s mandatory to leverage at least a secure authentication and traffic encryption system for the sake of security.

In order to overcome the obstacle, a third element is introduced in the architecture: a gateway server which abstracts the connection between host and client. Such server is provided by the software produces and guarantees the proper security of connections. Solutions belonging to this review all adopt a combination of public/private key authentication and data encryption. In this way Man in the Middle (MiM) attacks are avoided and intercepted data are unusable thanks to encryption.

aeroadmin2

How it works

The client can start two connection modes: attended or unattended.
With the attended mode, a request for remote control is sent to the host which has to confirm it, when the client effectively can control the host. In general, clients permissions can be set from the host, that is, the host can decide which actions can be performed by the client and which can’t.
That’s the typical case of support requests: the client asks for a remote control, the technician sends a client activation link (the specific modes changes according to each specific solution), then the connection between host and client can be established. The remote computer to connect with is usually identified by an IP address or by a software-assigned ID.

With the unattended mode the connection is directly established by the client instead, requiring no confirm from the host; for instance, because it has already been given and the “remember the preference” option was checked. In this case remote activities can be performed without another person sitting at the other edge of the connection. It’s the typical case of remote control of servers and unattended computers (or in remote places).

Host side, the software is downloaded by means of a link straight from the producer’s site or, if the licence allows to, from your own site; some products offer MSI packages that can be propagated with Group Policy to all computers belonging to the same Active Directory domain. It’s a very useful option in case of big installation volumes and indeed it’s offered only by those software, like ScreenConnect, TeamViewer and LogMeIn, which are also addressed to corporate environments and not just MSP or reduced habits.
Ammyy, Aeroadmin and Anydesk are conceived for 1:1 remote support activities and offer a single installation package that includes both roles of host and client; obviously the host role will be choose for computers to control and the client role for the machine used for remote control.
Authentication is with several methods: Windows account, dedicated password, “one-time-use” password (one single use, then it expires and is no longer valid), LDAP or 2-Factor Authentication.

Anatomy of a remote control software

The main purpose of a remote control software is to control a computer by performing all the actions that are usually done: creating, modifying and deleting files and folders, installing and uninstalling programs, modifying computer settings, executing programs, reading/writing emails, executing scripts and command from the command line, modifying network settings, using network resources (shares, printers, etc..), login and logout, powering off and restarting the computer (also in safe mode and re-establishing the remote connection). Some products can power on a computer leveraging Wake on LAN (which basically consists in sending a signal through the network that “wakes up” the computer), an important feature if there’s no option to have physical access to the computer. In this case both computers must be on the same physical network or connected with a VPN.

The remote computer’s screen is visualized on your own computer, and the user experience is by all means similar to the one when sitting in front of the remote computer. Video quality is determined by the characteristics of the Internet connection and usually there are settings that optimize the output according to the connection itself (sometimes, like with TeamViewer, it’s done automatically). The viewer can scale the original resolution of the remote screen, extend it full-screen or on multiple monitors. Some programs allows to invert the visualization direction: on the host (remote) screen the client (local) screen is visualized: in practice, roles are inverted. It’s a very interesting feature especially with meetings.

Mouse and keyboard inputs have effect on the remote terminal, however some keys like function keys (F1, F2, etc..), the Windows key and special combinations (like Ctrl+Alt+Del) might be interpreted as local, ie directed towards the client computer itself; every product we’ve tried allows to send the remote computer such signals with dedicated buttons or menus. Remote audio too can be shared, as the screen, and in some cases it’s possible to establish voice calls between computers.

The basic features go along with other advanced features as file transfer (better if with resuming transfer capability if the connection drops; some products offer a dedicated window for file transfer management, while others, in a more advanced and easier way, offer drag-and-drop), clipboard synchronization, remote printing and video-recording of the session (with audit, diffusion or revision of the session itself purposes). In some cases it’s possible to blank the remote screen, thus not showing control actions to the remote side, and block remote inputs (from mouse and keyboard) in order to work flawlessly or for security/secrecy purposes.

A well-ordered visualization of controlled computer, perhaps with a hierarchical visualization like an address book, allows to manage hosts to connect in a easier and more comfortable way, in particular when administering several devices; some products show information on the host, like operating system and hardware characteristics, without having to connect, so that a proactive management can be carried out. LogMeIn, ScreenConnect and MSP Anywhere also allows to execute scripts and command line commands (cmd and PowerShell) straight from the client.
Despite an entire category of software specifically conceived for the purpose, some solutions (TeamViewer, MSP Anywhere and LogMeIn) offer an host monitoring system by visualizing in real time the consume of computational resources and running processes and services.

Another way of using remote control software, as hinted before, is meeting, which basically consist in the sharing of your own screen with the clients connected. It’s really useful for webinars, long-distance tuition, conferences, presentations and all situations that require a main screen to be shared among participants. The event, after being created by the host, is sent and shared with invites. Addressees will decide whether to confirm or not the invitation and participate to the meeting. They will have access to the shared screen but without any form of interaction with the host computer (ie mouse and keyboard inputs). However some software with the meeting feature (like TeamViewer) offer some user interaction capabilities, like text and voice chat, video recording and reverse-sharing, that is, sharing the screen of one of the participants instead of the host’s.ScreenConnect and TeamViewer also offer a user client for Android and iOS devices to participate to meetings without a desktop setting (in addition for remote control in situations of emergency). Chat is a service that is usually available and allows local user and remote user to talk, for instance to illustrate what’s going on during a support session or to explain in detail during a video lesson. Text chat is usually offered, and some products also offer a voice chat so that you can communicate with free hands. Ammyy offers only a voice chat.
ScreenConnect and TeamViewer also have VoIP capabilities.

Mobile devices like tablets and smartphone are nowadays part of the daily technological supply of most MSP and Service Providers, and, following this trend, many producers offer Android and iOS apps, thus covering most of the market, dedicated to remote control.

Such apps work as client and allow to perform remote control activities from mobile devices, albeit with less comfort than with a desktop in most cases.
The list of features of a good remote control software is closed with reporting and logging capabilities, which are always useful to troubleshoot issues or to calculate how much time has been dedicated to remote activities.

Licence and users management

Almost every product we have tried allows to manage operator users that perform remote control actions assigning specific permissions and subdividing into groups: in this way you can create a structured organization that can give different permissions to the members of the company to perform certain actions. Obviously if the software is used with a personal, and not commercial, scope, then there is a single user and the need of managing different users is not present.
Products are usually licenced with offers that varies not in terms of features, rather than the number of operators e simultaneous sessions. Licences can be annually or monthly according to the service (or to how the expenditure is to be distributed through time): for instance ISL Online also offer a physical appliance to host inside the walls of your infrastructure that is, in practice, the proxy server used by the remote computer to connect and overcome the NAT system of its network and become easily reachable.

 anydesk2 evo

The products we’ve analyzed share -at least generally- the same licensing model: the number of operators (ie the number of users for the technicians providing remote support) and the number of simultaneous sessions (a remote control is a session) are what determines the licence. In some cases the licence is determined also by the number of endpoints that can be controlled and the number of client-side installations.

Only ISL Online offers a different licensing model: the number of licenses is equal to the number of simultaneous sessions. There’s also a prepaid option without limitations in terms of sessions, and credit is calculated according to the length of the connection.
If you just look for a personal use, ie controlling just a couple of remote devices, many software offer a free license for personal use, naturally not suitable for commercial use.
Every product offer a trial version to test features and decide whether to buy it or not.

UltraVNC, based on the VNC protocol, is the only free product also for commercial use of this review; despite the number of features is scarce and limited to the essential ones, it’s a solution that should be carefully evaluated given the licence that allows the free use without constraints in terms of users or simultaneous connections, also in a commercial implementation. PcHelpware is the package that includes the repeater used to overcome NAT systems and let client and VNC server to talk on different networks.

Finally, branding.
Branding consists in the customization of the graphical aspect of the host executable file with colours and logo of your own company, which is a useful feature that can offer a feeling of security and familiarity to users, in particular to the less tech-savvy, and to enrich your own offerings with a product that, at least on a visive side, is yours.
Several products offer this capability, and ScreenConnect also offers the opportunity of translating the software in your own language (if available) in order to guarantee and even more comfortable experience to clients.


Comparative table

Concluding, here’s a comparative table with all the software we have tried so that you can have a complete overview (PDF available for download here).

AeroadminAmmyyAnydeskgotomypcISL OnlineMSP AnywhereLogMeInScreenConnectTeamViewerUltra VNC
Attended/UnattendedY/YY/YY/YY/YY/YY/YY/YY/YY/YY/Y
NAT and firewall bypassYYYYYYYYYY
File transferY (with resume)YYY (with synchronization)YYYYYY
CryptographyAES + RSAAES-256 / AES-256+RSA-1024TLS 1.2AES 256 bit + RSA 1024 bitAES 256 bitTLS 1.x (AES 128 - 256 bit or 3DES 168 bit)AES-256AES-256 + RSA-2048TWF 256
Log-reportYYYYYYYYYN
Address bookYYYYYYYYYY
Host informationNNNNYYYYYN
Remote script and commands from command lineN?NNNYYY?N
MSI package for Group Policy installationNNYNNNYYYN
Meeting-WebinarYYYNYYYYYN
Remote monitoringNNNNNYYNYN
VoIPNNNNYYNYYN
BlackboardNNNNYNYYYN
Transfer session to another operatorNNNNYYYYYN
Multiple monitorsYNYYYYYYYN
Support Ctrl+Alt+Canc, Win key, etcYNYYYYYYYY
Poweroff/rebootYYNYYYYYYN
Reboot in Safe ModeNNNNYYYYYY
ChatNY (voice only)YNYYYYYY
Video record sessionNNNNYYYYYN
Executable file with client and host rolesYYYNNNYNNY
Invite join session (meeting)NNNYYYYYYN
Remote monitoringNNNYYNYYYN
Remote printingNNYYYYYgroups with permissionsN
Wake-on-LANNNNYYYYYYN
AuthenticationID, password, manual, combinedID, passwordpassword2FApersonal, one timeWindows account, personalWindows, LDAP, 2FA, custom2FA, password one timepassword
Audio supportNNYYYYYYYN
Reverse visualization directionNNYNNNNNYN
Clipboard synchronizationYYYYYYYYYY
Viewer in browserNNNYNNNNYY
Blank remote screenNNYYYYYYYN
Block remote inputsNNYYYYYYYY
Licence
Supported operating systems for remote controlWindows (from 2003 to 8, 32 and 64 bit)Windows 2000/Server 2000 or superior, 32 and 64 bitWindows (XP or superior), OS X, Linux, FreeBSDWindows 2000 or superior, OS X 10.5 or superiorWindows, OS X, Linux, iOS, Android, Windows Mobile 6.5Windows, OS XWindows, OS XWindows, Linux, OS X, iOS, AndroidWindows (2000 or more recent, Server 2000 or more recent), OS X, Linux, Android, iOS, BlackBerry, Windows PhoneWindows (95 or superior)
Client operating systemsWindows (from 2003 to 8, 32 and 64 bit)Windows 2000/Server 2000 or superior, 32 and 64 bitWindows (XP or superior), OS X, Linux, FreeBSDWindows 2000 or superior, OS X 10.4 or superiorWindows, OS X, Linux, iOS, Android, Windows Mobile 6.5Windows, OS XWindows (XP SP3-Server 2003 onwards, 64 bit), OS X (10.7 Lion onwards), Android, iOSWindows, Linux, OS X, iOS, AndroidWindows (95 or superior)
Free licence for personal useYYYNNNNNYY
Licensing modelPro/Business/Corporate - per operatorFree/Starter/Premium/CorporateFree/Lite/Professional/EnterprisePersonal/Pro/CorporateSubscription/Enterprise + Prepaid3 tiersPersonal use/Intensive use/Small businessesOne (1 user, up to 20 computers), Standard (1 admin, 2-50 users), Premium (10 admins, 10.000+ users)Business/Premium/Corporatefree also for commercial use
Number of operators01-50Licences are for computers to control1/1 (extendible)/unlimited/unlimited1 admin, 1 user/1 admin, 2-50 users/1+ admin, 10+ userssee below1-3/4-10/10+unlimited1 user, up to 20 computer/1 admin, 2-50 users/10 admins, 10.000+ users 1-200unlimited
Multiple sessions1/2/unlimited1/unlimited/2/unlimited1/1/1 (extendible)/unlimited?number licences = number of simultaneous sessionsunlimited (per operator)03/01/101-3unlimited
Remote computers controlled?unlimited?1/2/unlimited?30005/02/1010/unlimited/unlimited?unlimited
Mobile appNNNYYYYYYN
Self-hosted on-premisesNNNNYNNYNY
BrandingYYYNYYYYYY
Users management
GroupsNNNYYYYYYN
Users permissionsYYYYYYYYYN

We have particularly appreciated ScreenConnect and TeamViewer given the very rich assortment of features, but the licence price can be an insurmountable limit; among the cheapest solutions, Ammyy and Aeroadmin offer a good compromise between price and features but don’t offer a centralized user management. Anydesk is a really interesting project that you should keep an eye on; unfortunately development is really slow.

banner eng

fb icon evo twitter icon evo

Word of the Day

The term Edge Computing refers, when used in the cloud-based infrastructure sphere, the set of devices and technologies that allows...

>

The acronym SoC (System on Chip) describes particular integrated circuit that contain a whole system inside a single physical chip:...

>

The acronym PtP (Point-to-Point) indicates point-to-point radio links realized with wireless technologies. Differently, PtMP links connects a single source to...

>

Hold Down Timer is a technique used by network routers. When a node receives notification that another router is offline...

>

In the field of Information Technology, the term piggybacking refers to situations where an unauthorized third party gains access to...

>
Read also the others...

Download of the Day

Netcat

Netcat is a command line tool that can be used in both Linux and Windows environments, capable of...

>

Fiddler

Fiddler is a proxy server that can run locally to allow application debugging and control of data in...

>

Adapter Watch

Adapter Watch is a tool that shows a complete and detailed report about network cards. Download it here.

>

DNS DataView

DNS DataView is a graphical-interface software to perform DNS lookup queries from your PC using system-defined DNS, or...

>

SolarWinds Traceroute NG

SolarWinds Traceroute NG is a command line tool to perform advanced traceroute in Windows environment, compared to the...

>
All Download...

Issues Archive

  • GURU advisor: issue 18 - April 2018

    GURU advisor: issue 18 - April 2018

  • GURU advisor: issue 17 - January 2018

    GURU advisor: issue 17 - January 2018

  • GURU advisor: issue 16 - october 2017

    GURU advisor: issue 16 - october 2017

  • GURU advisor: issue 15 - July 2017

    GURU advisor: issue 15 - July 2017

  • GURU advisor: issue 14 - May 2017

    GURU advisor: issue 14 - May 2017

  • GURU advisor: issue 13 - March 2017

    GURU advisor: issue 13 - March 2017

  • GURU advisor: issue 12 -  January 2017

    GURU advisor: issue 12 - January 2017

  • GURU advisor: issue 11 -  October 2016

    GURU advisor: issue 11 - October 2016

  • 1
  • 2
  • 3
  • BYOD: your devices for your firm

    The quick evolution of informatics and technologies, together with the crisis that mined financial mines, has brought to a tendency inversion: users that prefer to work with their own devices as they’re often more advanced and modern than those the companies would provide. Read More
  • A switch for datacenters: Quanta LB4M

    You don’t always have to invest thousands of euros to build an enterprise-level networking: here’s our test of the Quanta LB4M switch Read More
  • Mobile World Congress in Barcelona

    GURU advisor will be at the Mobile World Congress in Barcelona from February 22nd to 25th 2016!

    MWC is one of the biggest conventions about the worldwide mobile market, we'll be present for the whole event and we'll keep you posted with news and previews from the congress.

    Read More
  • 1