October 2014 - Goverlan

October 2014

Copyright 2014 Concentrated Technology, LLC

Executive Overview

This CompareScope paper looks at four solutions designed to facilitate remote administration of Microsoft Windows-based client and server computers. Some of these solutions have advanced to better manage the client platforms outside of the traditional Microsoft domain by offering remote administration of Mac and Linux systems. These solutions aim to improve IT worker productivity and to reduce end user impact on systems being fixed or maintained.

Solutions in this category vary widely not only in base functionality, but also in the details of their implementation. Fine differences in user interface, workflow, and efficiency can make all the difference for an IT technician or administrator. Deployment details and impact can also differ, which impacts an organization’s ability to pilot, deploy, and maintain a solution over time.

Remote Administration

Remote administration of distributed client systems is an essential capability of IT support staff. Solutions in this category are designed to facilitate remote administration of distributed client and server computers, typically in real-time. For many of the tasks enabled by these solutions, the native alternative is either a physical desk visit or a Remote Desktop connection. Either of those alternatives is interruptive to the user of the affected system, and carries a high price in IT personnel overhead. Additionally, solutions in this category offer at least some capability for batch administration of multiple computers. Batch administration may include pushing out a software application or patch, applying one or more configuration changes, or generating reports based on queried data. Solutions in this category may also offer enhanced remote control features, either by integrating with native Windows features (Remote Desktop, Remote Assistance) or by providing their own remote control protocol. An increased expectation is that these solutions also offer remote administrative solutions for the entire enterprise, not just Windows. Solutions adopting an enterprise approach will offer remote management to Mac and Linux clients, normally through Virtual Network Computing (VNC) or Secure Shell (SSH).

Solutions in this category may replicate or emulate the native Windows user interface for specific maintenance tasks, such as configuring a firewall or working with device drivers. This approach provides a familiar administrative surface for IT workers, while the actual work is conducted “under the hood” against one or more remote computers.

In the past, several of the solutions in this category have not maintained a historical configuration database, preferring to query information from systems in real-time. This differentiates them from pure configuration management products, which typically aggregate information into a database and maintain some degree of configuration history, but do not provide access to real-time configuration values. In some cases, the inventory data can become stale, which can harm batch management decisions and reporting accuracy.

Several solutions are evolving to support both real-time query of configuration data and the retrieval of stored information in times when the remote system is offline. Permitting IT to utilize aggregate data from real-time online systems and stored data of offline systems improves the decision making process and reporting accuracy. While some solutions provide this hybrid approach seamlessly, former database-driven data systems may require additional steps to manually gather real-time data, which is first stored in the database before delivery in a report or batch-processing job.

For this paper, we examine several functional areas we deemed key to this category.

Products in this category often provide functionality that seems to point at other categories. For example, by enabling IT personnel to query configuration information from remote computers, one might presume that these solutions also provide a means of managing or enforcing a desired configuration – but that is not a part of this category. Some solutions in this category do provide functionality that extends at least partially into other categories; where appropriate, we note those.

Products Compared

This paper is a product comparison, designed to provide a comparative look at four solutions in this category. This paper is not an exhaustive analysis of the suitability of any particular solution for a given market space. Products included in this CompareScope are:

Goverlan Remote Admin Suite v8
Dameware Remote Support v11
LanDesk Management Suite v9.6
ManageEngine Desktop Central v9

The Goverlan and Dameware solutions adopt a similar approach, and one that is consistent with most solutions in this category. Using Active Directory and network discovery, they identify unmanaged computers on your network and provide the ability to query basic information from them by means of Windows Management Instrumentation (WMI). You also have the ability to push the solution’s client agent (small in both of their cases) to unmanaged computers, making them managed computers. The client agent gives the solution more coverage and reach into the remote computer, enabling a broader range of management tasks and reporting. Data is queried from systems in real-time, and changes are also applied in real-time, although both solutions allow for scheduled application of batch changes. Manageability with Dameware is available only when managed systems are turned on and awake, and both solutions support various techniques to control the power state.

The Goverlan solution differentiates itself by providing a storage database for real-time gathered information. The SURE-DATA approach improves data accuracy and availability by supplying real-time information combined with stored data for offline systems. This improves manageability by allowing the scheduling of actions for systems, regardless of state, as is common in larger database-driven solutions.

The LanDesk solution is a complex, server-and-agent-based product that compares (from a feature perspective) to Microsoft System Center Configuration Manager. This comparison examines only those aspects of the LanDesk product that relate directly to real-time remote client management; the product does include significant additional features that are not considered here.

The ManageEngine solution contains several product solutions along with a collection of tools to build a customized solution similar to LanDesk. This comparison examines only those aspects of Desktop Central that relate directly to real-time client management, and in some cases will require additional free tools from the ManageEngine collection to provide the desired functionality.

Architecture

These products all rely primarily upon a locally installed client agent to do their work, although they typically provide some minimal level of client-free functionality, including the ability to deploy said client via push installation. Some care should be taken by customers when selecting a solution, as the client agent can play a crucial role in security and stability. The size of the client agent, its software dependencies, and so forth should be considered.

These products typically rely on a combination of Active Directory Domain Services (AD DS) and network discovery (pinging IP ranges) to discover unmanaged systems. Solutions in this category do not necessarily rely on a database.

Solutions in this category may also offer centralization of certain auditing events for reporting and auditing purposes, such as use of the solution’s remote control facilities. Where appropriate, we note the availability of such centralized features, although these were not a major focus for this comparison.

Note that both the Goverlan and Dameware solutions are desktop applications. They do not require a server-based infrastructure and can be deployed for piloting without impacting the production network.

LanDesk and ManageEngine have traditional centralized databases for inventory collection, primarily used for reporting and targeting resources. The inventory collection process can take several days depending upon configuration. This approach is similar to Microsoft System Center Configuration Manager (SCCM). For normal day-to-day tasks like deploying major application updates, the stale nature of the inventory data is generally not seen as a problem. For real-time client support and troubleshooting, the delay in current inventory information can be a factor.

The Goverlan solution provides a unique hybrid solution in that it first gathers its inventory information in real-time, then optionally stores this information (using SURE-DATA technology) to a local file or central SQL database. This contrasts with LanDesk and ManageEngine by providing immediate real-time information as the technician is working and displaying stored information for systems that may be offline, permitting more accurate queries for actions and reports. Inventory collection may also be scheduled, but the importance of having real-time information immediately available is the foremost concern to the support technician.

Remote Control

Remote control is a core functional area for solutions in this category. Solutions typically support the built-in Remote Desktop Protocol (RDP), may support VNC and Telnet/SSH for cross-platform control, and often provide their own proprietary remote control protocols. Proprietary protocols may offer better network utilization or lower CPU utilization, file transfer and chat capabilities, additional user experience or security options, and so on. The feature comparison below was performed using the product’s proprietary control solutions, when available.

| Feature | Goverlan Remote Admin Suite v8 | Dameware Remote Support v11 | LanDesk Management Suite v9.6 | ManageEngine Desktop Central v9 |
|---|---|---|---|---|
| Find users and computers in AD DS by using wildcards and attribute names | Yes; streamlined UI | Yes; standard UI | Yes, with additional integration | Yes |
| Discover computers by logged on username | Yes - fastConnect | No | No | No |
| Connect to remote computers via smartcard login | Yes | Yes | Yes | Yes |
| Chat with users | Yes | Yes | Yes | No |
| Transfer files | Yes | Yes | Yes | Yes |
| Proprietary remote control protocol | Yes | Yes | Yes | Yes |
| VNC support | Yes | Yes | No | No |
| Telnet/SSH support | Yes | Yes | Yes | Yes |
| Remote Desktop Protocol support | Yes | Yes | Yes | No |
| Remote Assistance support | Yes | No | Yes | Proprietary |
| Create dashboards showing multiple remote computers’ screens | Yes | No | Yes | No |
| Remote shadowing of user sessions | Yes | No | Yes | Unknown |
| Various end-user approval modes | Yes | Yes | Yes | Yes |
| Remote control notification and auditing options | Yes | Yes | Yes | Yes |
| Lock out local user option | Yes | Yes | Yes | Yes |
| Blank screen from local user option | Yes | No | Yes | Yes |
| Capture screenshots | Yes | Yes | No | Unknown |
| Capture video of remote control session | Yes | No | No | Unknown |
| Central auditing of remote control activity | Yes; free Goverlan Central Server component required. | No | Yes | Yes |
| Options to reduce network utilization/improve performance | Extensive: Color reduction, numerous visual options | Basic | Yes | No |
| Clipboard integration via remote control | Yes | No | Yes | No |
| Clipboard-based file transfer from remote computer | Yes | No | No | No |
| “Observe only” remote option | Yes | Yes | Yes | Unknown |
| Integrated Task Manager during remote control | Yes | No | No | No |
| Integrated performance display options along with remote control/monitoring | Yes | No | Yes | No |
| Multiple administrators can enter a shared remote control session | Yes | Yes | No | No |

These solutions all offer various end-user approval modes that, depending upon their configuration, can require remote viewers to obtain end-user permission before viewing or controlling the session, or can be set to allow administrators full remote control with no user awareness or acknowledgement. The available modes should suffice for most organizations’ political and privacy needs, but are typically available only in conjunction with the solution’s proprietary remote control protocol. Native features like Remote Assistance or Remote Desktop Protocol may not be as configurable.

We should point out that there are technically two distinct approaches to remote control. In-band control is what we’ve reviewed for this paper, and it is provided by all of the products reviewed as noted in the chart above. Another approach, out-of-band control, utilizes hardware-based redirection of the keyboard, mouse, and monitor. This requires the computer motherboard to include support for the technology, and the most popular today is Intel vPro-based remote control. This support includes the ability to change power settings and mount ISO images regardless of the current state of the target. We did not examine vPro in any depth for this paper, because it has significant requirements, but it should be noted that Goverlan, Dameware and LanDesk products support Intel vPro.

User and Desktop Management and Support

While the following table provides an overview comparison of these products, it is important to note that there are significant and often subtle differences between the products. For example, when managing printers, environment variables, and other user-specific settings, the Goverlan solution is multi-user aware. When managing a shared computer, for example, Goverlan can “see” individual user profiles and permit you to modify them individually or all at once. This can be a significant advantage; other solutions may accomplish this by modifying the profile when the user logs on, rather than in real-time.

Another example: when searching for objects in AD DS, the Goverlan solution provides a simplified UI that enables an administrator t
