This article looks at how to use Remote Assistance in an environment where your desktop 
computers have Windows Firewall enabled. Topics covered include using Group Policy to create a Remote Assistance exception for desktop computers, configuring computers to receive offers of Remote Assistance, and tips on using Remote Assistance.
Remote Assistance is one of those features that hasn’t quite lived up to its initial promise. It first appeared in Windows XP and was promoted by Microsoft in two ways: as a way for Help Desk departments to save on the cost of supporting users, and as a tool for home users to receive help from "experts" over the Internet. Unfortunately the second use hasn’t turned out to be as helpful as it was originally intended. The reasons for this are mainly related to networking hardware. With the advent of home networks having broadband connections to the Internet and protected behind NAT-enabled routers, the plain fact of the matter is that Remote Assistance doesn’t always work. In particular, if both the Novice (the user/computer needing assistance) and the Expert (the user/computer providing assistance) are both hidden behind NATs, then traditional invitation-based Remote Assistance just doesn’t work. And even if only one of them is behind a NAT-enabled router, Remote Assistance usually won’t work unless the router is Universal Plug and Play (UPnP) compliant so that incoming packets directed to port 3389 can be mapped to the client needing assistance. Finally, there are firewall issues associated with Remote Assistance and the bottom line here is that generally both the Expert and Novice computers must have their firewalls configured to allow both inbound and outbound traffic on port 3389. For Windows Firewall, this means opening up port 3389 for inbound connections only as no outbound filtering is performed, but this will soon change in Vista where the firewall will filter both outbound and inbound traffic. All this—hardware difficulties and firewall complexity—make Remote Assistance a difficult feature for many home users to make use of, and I personally don’t know anyone who has used it at home to get help for their computer problems.
Reducing support costs for Help Desks however is another thing, and that’s really where Remote Assistance shines. What’s not so well known however is that Help Desks can use Remote Assistance in two ways: users can request help when they need it, and experts can offer help when they feel users might benefit from it. Let’s briefly review the first type of Remote Assistance (invitations) and then go on and look how to implement the second type (Remote Assistance offers) in an enterprise where Group Policy is used to manage desktop configuration settings. Using Remote Assistance with Windows Firewall Enabled
From around the Web
- Windows Vista Service Pack 2 Latest Release Schedule
- Vista SP2: What is inside?
- NetWitness releases free version of security software
- Three Reasons Why Users Won’t Buy Into Security
- Automated security testing & its limitations
- Google Wants to Preinstall Chrome Browser on PCs
- Mozilla warns of Firefox China add on
- Firefox No Longer an Automatic Defense Against Browser Drive Bys
- Google patches Chrome file stealing bug
- Apple plays catch up, adds anti fraud safeguard to Safari
- Researchers find vulnerability in Windows Vista
- How to Use Network Behavior Analysis Tools
- The insider security threat in IT and financial services
- Windows 7 security: An overall improvement?
- Windows 7 UAC could be less of a nag
0 comments for this entry ↓
There are no comments yet for this entry.
You must log in to post a comment.