Remote control software comes with varying configurations, functionality, and costs, but it all makes the same promises: time savings and convenience for the IT department and timely support for end users. Many tools are either free or fairly cost-effective. I’ll outline how our organization determined that VNC was the right remote control tool for our needs and the lessons learned during the effort.
Documenting product features
Our first step was to create a spreadsheet of the strengths, weaknesses, costs, and any other measurable values for the packages available. There are a number of products to choose from and you may want to review them all. These are some of the more popular ones:
- Remote Desktop for Windows XP
- Carbon Copy
- Systems Management Server
- VNC/Tight VNC
Once we had completed the initial product evaluation, the next step was creating a short list of acceptable packages for our network type, based on network speed, platforms, and perceived budget for implementation. Then it was time to connect the technology to the enterprise need to get corporate approval for the project.
Package selection criteria
When selecting the best package, we considered the following:
- Benefits: These are the tangible, measurable, and repeatable gains that are gained from the software and are considered the must-have portions of the software.
- Advantages: It's nice to have parts of the software that will make life easier, such as the provision of a few helpful routines or automation.
- Features: Those are parts of the system that will probably never be used.
In other words, we determined the must-have items or requirements. Our must-have list looked like this:
- Remote deployment
- IP access at a minimum
- O/S compatibility: Windows XP, 2000, NT 4.0 Server, 98, 95, Linux 7.1, 8.1
- No reboot after installation
- Require password to logon to client
- Notification to users that a remote connection was made to their desktop
- View-only modes available
- Response must not be too slow—screen refreshes must not be drawing out slowly
- Allow sending of [CTRL][ALT][DEL]—reboot client and reconnect required
- Allow an address book for quick access
- Remote control of mouse and keyboard—must override client when necessary
- Allow tech support to view different machines simultaneously
- Allow multiple users to attach to one host
Making the product decision—VNC/Tight VNC
Once my team received the needed approval, we reviewed the products and ultimately chose Virtual Network Computing (VNC) as our remote control tool because it met our network needs and provided additional features. VNC requires a server (ordinary host PC) to have an IP address, and the VNC server software must be installed. The connecting client requires an IP address and a viewer (150-KB download). The viewer can also be run from a floppy disk.
This package was easy to install and was so simple to use, you would never need a manual. It connected to hosts using their IP addresses or their Net BIOS names. It supported all platforms that we had in the organization. While it didn't support dial-in, that was not necessary for our organization.
Security was not as good as the others but basic security features were present. Performance was adequate and, best of all, it was and still is absolutely free. You can download your copy here.
Remote deployment was easy using a logon script. The system met all of our requirements and even had a few additional useful features and advantages such as:
- A user can request assistance by pushing a request.
- The viewer can run from a floppy disk (150 KB).
- VNC is platform-independent—it will work in the Macintosh environment too.
- Viewer and server portions can be installed separately allowing general users to have the server portion installed on their systems, and only tech support to have both client and server to allow them to connect to others.
- Runs as a Windows service.
- A VNC Server also allows a connection through a browser using a Java viewer.
For the adventurous, VNC can be re-engineered to support RS232, FireWire, and other transport layers connections.
The installation options
Installing the software was a breeze. Of the many options available, these are some of the best:
- Manual Installation: Have an IT person move around to each client, install, and configure the software.
- E-mail the software and the instructions to all users: Double-check each installation by connecting and testing.
- Set up a scripted installation to run at logon time: This is useful if you have a Windows domain.
During installation, you may choose to install the viewer and/or the server. Install the VNC server software portion on all clients. Also, install the viewer on the systems of the support engineers and/or the support personnel of the IT department. You can even set the VNC program to run as a service and start when Windows starts. Depending on your needs, you can choose to script some or all of the installation processes.
VNC does not come without its share of issues. These fall into three key areas of security, screen refresh problems, and user acceptance.
VNC uses a challenge-response password scheme to make the initial connection. Although it is more secure than a telnet session, administrators can gain additional security by adding an encryption scheme or by tunneling it through SSH. You may also want to configure your firewall to allow traffic through port 5900 if you are connecting to a PC server that is behind a firewall. A VNC Server also allows a connection through a browser using a Java viewer. The system does not allow Windows authentication. This can be a plus in some administrators’ eyes; others may find it to be a problem, especially when they are involved in a lot of remote support.
Screen refresh problems
You may find that the viewer does not always refresh properly; you may find yourself "painting" an area with the mouse to see a dialog box that may have appeared on the server. This can be an annoyance but did not occur regularly.
Many users are very cautious about what software is being installed on what they consider their systems. Deployment can cause yet another upheaval and increased enmity between IT and users, especially among those users who will just “never understand.” However, the good news is that VNC is flexible enough to cater to this issue:
- If VNC is installed as a service or starts automatically, users can right-click on the VNC server icon on the system tray and choose Add New Client. The designated IT support’s IP address or hostname can be entered, and the user gives access to the IT support person. IT support systems must be running the listening daemon, which comes with the download. The password for connection need not be known by IT support.
- VNC can also be initiated by the end user. This allows some form of control over when support personnel can attach. Obviously, users would feel more comfortable with this approach. The password for the connection must be known by IT support personnel unless the user initiates the Add New Client command as well.
VNC provides a low-cost and reliable technology; it is up to the IT department to sell the users on the idea of remote support. Choosing a less pervasive means can also be useful for external support staff. VNC viewer is not without its share of issues, but for the cost of the software, I'm not complaining.
If you have a small department and would like support for your VNC installation, you may opt to purchase a modified version of VNC from Tridia called TridiaVNCPro that retails for $49.00 per client. Tridia also provides a free modified version of VNC that remains open source and has lots of useful add-ons—many of which are free downloads—that make TridiaVNC extremely flexible. There is, for example, a VNC manager that finds VNC hosts running on your network, a policy editor, a batch file installer, and a patch for dual-monitor support.