Programs give support staff remote access to users' computers
Anyone who has tried to help a remote employee fix a computer problem knows the frustration of trying to visualize a desktop you can't see and describe menus and mouse clicks from memory. Even the simplest problems, such as changing the default printer, can drag into an hour-long festival of hair pulling and frazzled nerves. Good training for a therapist, maybe, but valuable use of your technical staff it most certainly is not.
Thankfully, several products can help solve this problem. Remote-access and control programs for the desktop enable support staffers to dial directly into a remote desktop system and perform operations on that computer just as if they were sitting in front of it. The befuddled user can watch every move on his or her monitor and even communicate with the support staff via a chat window.
Remote-access and control programs also provide tools for moving files from one computer to another. With the increasing features and portability of laptop computers, more and more professionals are treating their desktop systems as home base — a repository for critical information they might need to access from remote locations. With remote control and access, all it takes is a dial-up connection to the desktop back at the office and you can have access to anything you need on that computer.
We rounded up the top contenders in this group—LapLink Gold, ControlIT and pcAnywhere,—to see how each could best serve an agency looking to give its users remote access to their information while giving support staff the ability to remotely control users' computers.
LapLink.com Inc.'s LapLink is hands-down the easiest-to-use application of the bunch. Its interface is well designed and includes helpful—though at times annoying—instructions that pop up to guide you through just about anything. Connecting to another computer, for example, is as easy as choosing "Connect Over" from the toolbar and then either modem, network, Universal Serial Bus network, cable or Internet. And as always, LapLink comes with the proper cables (serial, parallel and USB) in case you don't have a working Network Interface Card or modem connection.
Of course, security is a major concern whenever you open a computer to outside users. Accordingly, LapLink's default setting denies incoming requests, and you must define accepted callers in the log-in list or open it wide to the public.
What's more, each caller can be given specific rights, such as file transfer, remote control, print redirection, and voice and text chatting. In addition, users can blank the host machine's screen (very useful for stopping eavesdroppers from watching your remote operations) and disable the mouse and keyboard.
Other security features include encryption (to stop snoopers from capturing information in transit), folder and drive-level security, call logging and automatic callbacks to predefined phone numbers only. LapLink's security measures should put department administrators at ease.
While connected, the two primary applications are remote control and file transfer. The remote control works well in most instances. The only time we got an unexpected result was when launching videos remotely. This was a problem with all the products we tested. No matter how fast the connection, videos do not run adequately via remote control.
Apart from videos, however, all other applications work like a dream. You can easily run any application or get access to any file that the host machine has access to—you can even run a monstrous database application via your puny laptop.
Likewise, the file-transfer application is easy to use and works well. You can either transfer files manually, picking and choosing from a directory tree similar to Microsoft Corp.'s Internet Explorer, or you can set up automatic synchronization of directories between your remote and local computers.
There were two drawbacks to Lap-Link. Although its file-transfer speeds were the fastest of the programs we tested, remote-control browsing was noticeably slower than we experienced with the competition. Not only was it slow for the guest to show what the host was doing, we noticed it even slowed down operations on the host machine.
The other weakness was in its administration tools. The latest versions of pcAny-where and ControlIT boast enterprise-class features, such as centralized administration and security tools, but LapLink is rather light in these areas.
If simplicity and ease of use are more important than remote-control performance and manageability, LapLink is an attractive package.
ControlIT 5.1 Enterprise Edition
If manageability and security are top concerns, then Computer Associates International Inc.'s ControlIT may be just what you need. ControlIT offers virtually all the functionality the other two products give Windows users, with the added benefit of centralized administration via Windows NT or Computer Associates' venerable Unicenter TNG.
The administrator has the option of installing one of two versions of ControlIT: a managed version or a stand-alone version. The stand-alone one is similar to LapLink in that it puts a premium on ease of use. For example, users do not need to designate whether they want to be in "host" or "guest" mode, as they do with pcAny-where. If the application is running, either mode can be employed. This simple feature is a huge boon when someone tries to log in to a remote computer they specifically left running only to find out they can't because they forgot to put it in host mode.
The managed version is also easy to use, but is about as locked down as any agency could hope for. This version requires a single, designated Windows domain controller or the TNG framework from which an administrator can manage, configure and deploy hundreds or thousands of identical copies of ControlIT in a fraction of the time required to visit each machine. More important, none of the versions can be manipulated to breach security policies.
For the same reasons that remote-control products are so powerful for end users, they can be disastrous in the wrong hands. ControlIT is the best at ensuring that corporate security policies can only be manipulated by those with permission. For example, while configuration options are visible to the viewer, they are grayed out and cannot be altered. While for the user this is the least flexible application, for management it is the most secure.
Like pcAnywhere, Con-trol-IT comes with a management utility that scans all ports on all machines on the network to see whether other versions of remote-control software are installed and running. This alerts administrators to unauthorized activities.
PcAnywhere by Symantec Corp. offers the richest features of the group. This product has been around for about 15 years and has heaps of features both for end users and administrators. But we also found a few glitches.
For starters, pc-Anywhere can work with any Microsoft operating system—from DOS to Windows 2000. It also offers the best remote- control operations and has a bevy of features and options, including folder syn-chronization, true color screen resolution and transmission capabilities over virtually any net-work operating system.
Although not quite as tight as ControlIT, Version 10 of pcAnywhere includes a number of enterprise-class features that make this ideal for all but the most secure networks. For example, a fast port scanner utility quickly and effectively scans the network for virtually any remote-control software running on any system to ensure that only authorized systems are accessible to outside users.
In addition, the new version comes with an MMC (Micro-soft Management Console) snap-in that enables you to build, configure and deploy identical versions of the application for your users. As with ControlIT, different groups can be designated different features and control privileges. Unlike ControlIT, however, with pcAny-where the end users can still change the configurations on their own.
Also with the other two, pcAnywhere allows you to use existing NT users and passwords for authentication, rather than creating a new set for this application. Detailed event logging and even session recording also are options, allowing the IT manager to make sure the system is not being abused, or track down the culprit when it is.
Although certainly complete, pcAny-where is not the easiest to use, nor the most compelling for the administrator. Its breadth of features offers an attractive alternative to the thinner LapLink or the more rigid ControlIT.
So Close, Yet So Far
Despite the progress in this field, there are a few things we would like to see addressed in future releases.
First, we'd like to have the ability to use any browser to control a host. ControlIT, for example, requires software to be installed on the guest machine, but it did not always behave the way it should.
Second, we'd like to see an easy way to use these products with firewalls. Right now, especially if you are using Network Address Translation, you need to manually punch a hole in the firewall to give travelers access to the corporate goods.
Another big issue that needs to be addressed also relates to security. When a guest calls up a remote machine, he or she gets access to everything connected to it. A more secure solution would be for the caller to have access only to those resources his or her network log-in allows.
Finally, we'd like to see better integration of the file-transfer capabilities with the remote-control applications. In each system, you cannot simply drag and drop a file or folder from the host to the guest system. Instead, you need to invoke a proprietary file-transfer program that closely resembles an FTP application.
We were surprised that these graybeard applications are just as compelling today as they were before Windows shipped. Thankfully for vendors, Windows was not designed to be a networked operating system, and until Windows shifts from a desktop-centric model, there will always be a need for applications like these.
Jefferson is a freelance analyst and writer based in Honolulu who has been covering tech-nology for several years.
NEXT STORY: Plunge shows value of diversifying