Naverisk offers flexible and secure remote access to managed devices from the Web interface. Whilst this is normally used to provide remote support and administration by IT departments and MSPs, it also provides a convenient way to provide remote working capability for staff, allowing them to remotely access their office computers from home, without the complexity of configuring VPNs or the security risks of connecting potentially insecure personal computers to corporate networks.
This guide will outline the necessary steps to allow your own staff, or those from any of your clients, to work from home using Naverisk Remote Access.
Ensure that every workstation in the office has a Naverisk agent installed and is showing in Devices under the correct client. By default, the Remote Control package is installed on all managed devices. This can be checked using the Package Manager. If the package is not installed, you can use the manager to remotely install it.
Once the package is installed, the Remote Control methods will show up for the device.
(Note that not all methods shown here may be available)
Note that for newly added devices, the remote control package will need time to install the required software on the device.
You can select the remote control methods to make available from Settings > Remote Control.
A User Group needs to be configured for each client that you wish to enable remote access for. This group will provide access only to the devices for that client so the users can initiate remote control sessions.
Under Settings > Users & Groups, select the desired Client from the client tree, then create a new group.
Enter an appropriate name and description. Ensure the client is set correctly, and Parent is set to (No Parent). If there are already users configured for the client, select those that you wish to provide remote control to. When completed, select Save.
From the list of groups, find the group you have just created, and click on the lock icon to edit the Group Rights
Configure the Rights as follows:
Home Tab: Tick Access and Edit. This will allow users to edit their profile and change their password.
Device Tab: Tick Access. This will allow the user to view the device and start remote control, but not manage the device, run scripts etc.
Leave all others unticked.
Under Clients, ensure that only the appropriate client is selected.
An account must be set up for each user needing to remotely access their PC. Under Settings > Users & Groups, select the correct client from the client tree, then select New User.
Under the General tab, enter the users details. Under Group Membership, select only the group you created for remote access.
On the Settings tab, configure the following settings:
Home Page: Devices
Login Timeout: as desired
Tickets can be assigned to this User: Unticked
Authentication Type: Password
Password: Configure an initial password.
Other settings leave as default.
Select Save when done
We strongly recommend that all user accounts with Remote Contol access are configured to use 2FA. Naverisk supports both AuthAnvil and Google-compatible 2FA methods. Documentation on configuring these are available from our KB:
We will cover configuring Google 2FA (or compatible apps) here, as this is the most commonly used. Note that each user must configure 2FA themselves, it cannot be done by the administrator. We recommend assisting users with this.
- The user must log in using the password created for them
- Go to Home > My Profile
- Under Settings, change Authentication Type to Google 2FA
- Using Google Authenticator, Authy or another compatible app, scan the barcode into the app, or enter the 2FA key.
- Enter a PIN number up to 6 digits.
- Select Save
Logging in using 2FA
The user should be advised on how to correctly log in using 2FA. On the logon screen, the user enters their username, and in the 2FA field, they enter the token displayed on the authenticator app, along with their PIN code – these are entered together without any space or other separator.