ISL AlwaysOn 1.0 Manual

Transcription

Contents
2
Table of Contents
Foreword
0
Part I Introduction
3
Part II Security Statement
4
Part III System requirements
6
Part IV Setting up ISL AlwaysOn on a computer
7
...............................................................................................................................................................................
1 Register ISL Online account
7
...............................................................................................................................................................................
2 Login at ISL Online Netw ork
8
...............................................................................................................................................................................
3 Install ISL Alw aysOn on a computer
9
Part V Accessing ISL AlwaysOn computer
13
...............................................................................................................................................................................
1 Login at ISL Online Netw ork
13
...............................................................................................................................................................................
2 Connect
16
...............................................................................................................................................................................
3 Control
18
Part VI Enable / Disable access to a remote
computer
Part VII Instruct remote user how to install ISL
AlwaysOn
Part VIII FAQ
Index
22
23
28
0
© 2014 Xlab d.o.o., Ljubljana
2
1
Introduction
3
Introduction
ISL AlwaysOn is a business software for fast and secure access to your PC over the Internet. ISL AlwaysOn
automatically handles all special network configurations, therefore remote access can be easy even if both
computers are behind a firewall and complex networks. Be more flexibile and save time. You can work on your
office PC or administer a remote server from home, while on vacation or anywhere else.
This document explains the following topics:
security aspect
system requirements
setting up ISL AlwaysOn
accessing a remote computer
enabling / disabling access
instructing a remote user how to install ISL AlwaysOn
2
Security Statement
4
Security Statement
Introduction
Security should be a crucial part of a remote access product, no matter for what purposes you are using it;
business or personal. ISL AlwaysOn uses maximum security.
ISL AlwaysOn is secured on multiple layers:
1. ISL AlwaysOn computer to ISL Online products user visibility.
2. ISL AlwaysOn computer access password.
3. ISL Light remote desktop session security.
4. MS Windows OS access security scheme.
An ISL AlwaysOn connection from a computer to a ISL Conference Proxy server is encrypted with SSL.
The ISL AlwaysOn's activities can be monitored by tracking the history of accesses to a computer. This report
shows which ISL Online users accessed the computer and when they accessed it.
A user can always lock access to his/her computer. By disabling access, the computer becomes inaccessible
until further action.
Security, 1st layer - ISL AlwaysOn computer to ISL Online products user visibility
To access a remote computer, you need to establish a link between your ISL Online account and a computer
you want to add access to. To do this, you need to log into your ISL Online product account at
www.islonline.com (see detailed instructions in the Setting up AlwaysOn chapter), where you install ISL
AlwaysOn on your computer. Each user has its own digitally signed executable identifying his/her ISL Online
user account. No other ISL Online user will be able to see or try to start a remote connection if an ISL AlwaysOn
computer administrator has not installed a customized ISL AlwaysOn program.
Security, 2nd layer - ISL AlwaysOn computer access password
Installing ISL AlwaysOn on a computer does not yet enable the access. To enable the access, a strong access
password must first be set. ISL AlwaysOn accepts only a strong access password. This password is stored in
the Local Machine registry as MD5 hash. The plain text password is not available anymore.
After installing ISL AlwaysOn and setting an access password, remote access for the specific ISL Online user
is finally enabled. Whenever the ISL Online user wants to connect to the remote computer, he/she needs to
enter the ISL AlwaysOn access password for each remote access session he/she starts. When connecting to
an ISL AlwaysOn computer, the protocol is the following:
Step
1.
ISL Online products user
ISL AlwaysOn computer
send encrypt("connect")
2.
3.
<challenge> = generate challenge
send
"encrypt(authentication_required({chmd5,
<challenge>}))"
request input of password
make
chal-pass-
Security Statement
5
md5=md5(challenge,md5(password))
send encrypt("authenticate({chmd5, <chal-passmd5>})")
4.
5.
request = decrypt(received_data)
if request[key] = chmd5 then
load md5-password from registry into memory
if request[1] = md5(challenge, md5-password)
then
set authenticated user = true
send encrypt("get_code")
else
send encrypt("error authentication failed")
end
else
send encrypt("error authentication not
supported")
end
if received = get_code then
start ISL Light Desk, request code
send encrypt("code <ISL Light session code>")
else
goes again to step 3.
end
6.
7.
received = decrypt(recieved_data)
if received = "code <code>" then
start ISL Light Client with --connect <code>
set authenticated user = false
end
ISL Light Desk is connected into session
ISL Light Client is connected into session
Security, 3rd layer - ISL Light remote desktop session security
The remote desktop control session is enabled by ISL Light. ISL Light (version 3.1) enables to create an instant
remote desktop control session, which is secured with SSL (a 1024-bit RSA key for the handshake and a 256bit AES session key). Once a session is established, no one can see this session's encrypted data. And when
an ISL Light session is ended you cannot connect to the same session again. Read more on ISL Light security
at http://www.isllight.com/help/security_statement.htm.
Security, 4th layer - MS Windows OS security
Once an ISL Online user is connected to a remote computer, he/she can see the Windows console desktop
session running on the computer. It is recommended that the user sets passwords for all Windows
accounts and disables accounts which are not in use. The user should always log off the computer when not
present, so when accessing the computer he/she needs to type in the Windows account password.
3
System requirements
6
System requirements
Operating Systems:
Microsoft Windows Vista
Microsoft Windows XP
Microsoft Windows 2000
Microsoft Windows Server 2000
Internet Connection:
ISL AlwaysOn uses less than 1KB/minute when a computer is connected to ISL Online Network servers. When
connected to a remote computer, the required bandwidth minimum is not defined, although we recommend at
least a 50kbits/s connection for more comfortable work.
4
Setting up ISL AlwaysOn on a computer
7
Setting up ISL AlwaysOn requires the following steps:
1. Register ISL Online account.
2. Log into ISL Online Network
3. Install ISL AlwaysOn on a computer
Please read the following text carefully as it is very important for ISL AlwaysOn's successful setup.
4.1
Register ISL Online account
If you already have an ISL Online account, please use your existing username and password (ISL Light
username and password). Please continue with the next step.
Before you start using ISL AlwaysOn, you will need to create your ISL Online account. You are welcome to
register your ISL Online account now.
Once you are finished with the registration procedure, you will get an ISL Online account together with your ISL
Online products username and password.
Next step: Login at ISL Online Network
4.2
8
Login at ISL Online Network
To install ISL AlwaysOn on a computer, you need to have ISL Online products username and password.
You need to be at the computer that you want to add remote access to. You also need administrative
privileges to install ISL AlwaysOn.
Please open your Web browser, navigate to the ISL Online home page (http://www.islonline.com) and click the
Product login button in the ISL AlwaysOn window.
You can also login by opening your browser and entering the direct Web address: http://www.islonline.net
Login with your ISL Online products username and password.
9
If you have created an ISL Online domain on your ISL Online account, the username should be entered in a
\\your-domain\username form (example: \\CompanyName\Tom)
Next step: Install ISL AlwaysOn on a computer
4.3
Install ISL AlwaysOn on a computer
When logged at your ISL Online product account, you need to download the ISL AlwaysOn executable file.
Please find the download link under the "Add new computer" option.
10
Continue to install ISL AlwaysOn by pressing Run.
File Download - security warning appears. Select Run.
11
The ISL AlwaysOn Setup Wizard screen appears. Select Next to continue and follow the wizard.
The program will download and install in seconds. Now, you need to select a strong access password to
additionally secure access to your computer.
As an important part of security, you need to set a strong access password. You will need to provide the
access password each time trying to access that remote computer. Without the access password you will not
be granted access. You can change the access password in the Computer Access Configurations, but must
inform everybody that has access to your computer about the change. The password is stored locally in a
registry.
12
And finally click OK to grant the access.
After the access is granted, you will see the ISL AlwaysOn Computer Access Configuration screen with some
basic information about accessibility settings.
Next step: Accessing ISL AlwaysOn computer
5
Accessing ISL AlwaysOn computer
13
Please read the following text carefully as it is very important for ISL AlwaysOn's successful setup.
Once ISL AlwaysOn is set up and you have created a list of remote computers, you can access them
immediately practically from any computer using Windows 2000 and newer. As the access is done through a
Web page, you only need to have an Internet connected computer.
Accessing ISL AlwaysOn computer requires the following steps:
1. Login at your ISL Online Network account
2. Connect
3. Control
5.1
Login at ISL Online Network
To access one of your remote computers, you need to:
1. Open a Web browser and navigate to http://www.islonline.com.
2. Click Product login in the ISL AlwaysOn window.
14
3. Login with your ISL Online products username and password.
15
4. A list of accessible computers appears.
16
Next step: Connect
5.2
Connect
Once you are logged into your ISL Online Network account, you need to:
1. Click Connect beside the remote computer that you want to access.
17
2. Confirm the Internet Explorer File Downloading - Security Warning. Choose to Run the ISL AlwaysOn
Connect program.
18
3. Enter the remote computer's access password and click OK.
Next step: Control
5.3
Control
The remote desktop control session is enabled by ISL Light. The ISL View window automatically opens in
about 30 seconds. In this window you have full view and control over the remote computer's desktop. During a
remote desktop session, you are empowered to use the following features: screen viewing, keyboard and
mouse control, file transfer, whiteboard, and video call.
19
The ISL Light Desk application opens in the right bottom corner of your desktop and the ISL Light Client
application opens in the right bottom corner of the remote desktop. You can Minimize them or Minimize them to
tray.
20
Resizing the ISL View Window
The remote desktop viewing window, ISL View, is very dynamic and can be modified according to your needs
and wishes. You can easily enlarge it or scale it down. You can zoom in to fit the remote screen in the viewing
window or adjust the zoom to show the remote desktop in real size. You can also switch to a full-screen
viewing mode.
21
Closing the remote desktop connection
During a remote desktop session there are ISL Light Desk and ISL Light Client applications running on your
computer. Closing either the ISL Light Desk application or the ISL Light Client application will close the remote
desktop session itself.
Closing only the ISL View window will not close the session with the host computer. To close the remote
desktop session completely, you should close either the ISL Light Desk application or the ISL Light Client
application.
6
Enable / Disable access to a remote computer
22
Enable / Disable access to a remote computer
Locking or unlocking access to a remote computer is very simple. You need to be at the remote computer, click
on the ISL AlwaysOn icon in the system tray and open Computer Access Configurations. Press the Enable or
the Disable button to change the status.
To be able to access a remote computer, you should leave it Enabled.
To change the computer's access password, click the Change Password button, enter a new password and
confirm it. If you have granted access to a third party, notify him/her of the change.
If you want to permanently disable access rights to a specific user, you can remove the user from the granted
access list. To do so, make a right click on the user and click Remove.
7
Instruct remote user how to install ISL AlwaysOn
23
An alternative option to adding access to a computer yourself is to instruct another user to install ISL AlwaysOn
on a remote computer. In this case, you don't need to be present at the remote computer.
To instruct the remote user on how to add access, please navigate to the ISL Online Web site
(www.islonline.com) and click the Product login button in the ISL AlwaysOn window. Login with your ISL Online
products username and password (see detailed instructions in the Setting up AlwaysOn chapter). When
logged in your account, check the Show more possibilities box to see instructions.
Checking the box will show the installation instructions for the remote user. You can send these instructions
directly to the client via email:
24
Instructing a remote user yourself
The remote user should navigate to the ISL Online Web page at www.islonline.com, enter the session code
and click Connect:
Clicking Connect opens the Grant remote access screen. The remote user should press "Grant Access" to
continue.
25
File Download - security warning appears. Select Run.
The ISL AlwaysOn Setup Wizard screen appears. Select Next to continue and follow the wizard.
26
The program will download and install in seconds. Now, you need to select a strong access password to
additionally secure access to your computer.
As an important part of security, you need to set a strong access password. You will need to provide the
access password each time trying to access that remote computer. Without the access password you will not
be granted access. You can change the access password in the Computer Access Configurations, but must
inform everybody that has access to your computer about the change. The password is stored locally in a
registry.
And finally click OK to grant the access.
27
After the access is granted, you will see the ISL AlwaysOn Computer Access Configuration screen with some
basic information about accessibility settings.
8
FAQ
28
FAQ
What is ISL Online account?
An ISL Online account is a common user account for all four ISL Online products. When logged in, you can
manage your ISL Online license, create and manage product users, and view reports on history of using your
ISL Online services.
A common ISL Online license was introduced in March 2008. One license grants you rights to use all four
products:
ISL Light - Instant Assistance
ISL AlwaysOn - Easy Remote PC Access
ISL Pronto - Live Chat
ISL Groop - Online Collaboration
To log into your account, open your Web browser and navigate to the ISL Online Web site at
www.islonline.com. Login by entering My account.
To create your ISL Online account, you need to register. At the same time, you will be assigned a free trial of
ISL Online products for full 15 days. If you want to proceed to the registration now, please follow this link: https://
www.islonline.com/account/register.
FAQ
29
What is ISL Online products username?
An ISL Online products username is the username for using ISL Online products - ISL Light, ISL AlwaysOn, ISL
Groop, and in the future also ISL Pronto. You are provided with the ISL Online products username at the ISL
Online account registration.
Access disabled?
If you get an error message when connecting to a remote computer saying "Remote computer has remote
access service temporarily disabled", the owner of that computer must have locked it. In this case, please
instruct the computer's owner to click the ISL AlwaysOn icon in the system tray, open the Computer Access
Configurations, and press the Enable button.
FAQ
30
For more detailed information on locking / unlocking access to a remote computer, please go here.
How do I access my computer?
After having successfully set up ISL AlwaysOn on your remote computers, you can access them anytime and
from anywhere you want. To access your remote ISL AlwaysOn computer, you need an Internet connected
computer. There, you open a Web browser, navigate to www.islonline.com and click Product Login in the ISL
AlwaysOn window. Use your ISL Online products username and password to login.
FAQ
31
When logged in, you can see the list of your remote ISL AlwaysOn computers. To access a computer, click the
Connect button beside it and then enter the computer password.
FAQ
32
Who can access the computer with installed ISL AlwaysOn?
A computer can be accessed remotely if all of the following conditions are met:
1. ISL AlwaysOn is installed on that computer.
2. ISL AlwaysOn access is enabled for that computer.
3. Access to that computer has been granted to a specific ISL Online user.
4. The ISL Online user knows that computer's access password.
If one of the four conditions does not comply, a user cannot access a computer.
1. ISL AlwaysOn is installed on your computer.
To check if ISL AlwaysOn is installed on your computer, go to Start / All programs / ISL AlwaysOn.
You can also check if there is a small ISL AlwaysOn icon minimized to the system tray:
FAQ
33
2. You have granted access to a third party.
If you have ever granted access to your computer to a third party, you can see that person in the ISL AlwaysOn
User list. To see the User list, open ISL AlwaysOn by clicking the ISL AlwaysOn icon minimized to the system
tray and selecting the Computer Access Configuration option.
The person, whose username is displayed in the User list, can access and control your computer remotely and
whenever he/she wishes to. Nevertheless, you can either temporarily lock your computer and unlock it again
when needed, or permanently remove the user from your User list. To temporarily lock your computer, choose
to disable ISL AlwaysOn. If you wish to permanently remove a specific user, right-click its username and
choose to remove it.
3. Your computer is enabled for access
To see if your computer can be accesses remotely, open ISL AlwaysOn by clicking the ISL AlwaysOn icon
minimized to the system tray and selecting the Computer Access Configuration option. Your computer can be
accessed remotely if it says that access to this computer is enabled.
Nevertheless, you can also choose to lock your computer from being accessed via ISL AlwaysOn. Open ISL
AlwaysOn and click the Disable button. When disabled, nobody from the User list can access that computer.
Click Enable if you wish to make your computer accessible again.
FAQ
34
4. Computer access password
As an important part of security, you need to set a strong access password when installing ISL AlwaysOn on a
computer. You will be prompted to enter its access password every time trying to access that computer. If you
are granting access rights to a third party as well, be careful to provide them with the computer access
password. Without the access password you or another person will not be granted access to the computer.
If you change your computer access password, be careful not to forget to inform other people with access
rights about the change.
Changing computer access password
To change your computer's access password, open ISL AlwaysOn by clicking the ISL AlwaysOn icon minimized
to the system tray and selecting the Computer Access Configuration option. Click the Change password
button.
FAQ
35
Type in a new password, repeat it and confirm the change by clicking Ok.
Be careful not to forget to inform other people with access rights about the password change.
Changing ISL Online products password and other Profile settings
An ISL Online products password enables you to login at ISL Online products pages and use ISL Online
products. To change the password, open a Web browser, navigate to www.islonline.com and click Product
Login in the ISL AlwaysOn window. Use your ISL Online products username and password to login.
FAQ
36
When logged in, go to Modify Profile:
FAQ
37
And change the password and other profile settings.
Sending CTRL-ALT-DEL to the remote computer
During a session you can send CTRL + ALT + DEL to another computer. In the ISL View window go to Tools /
Administrative Mode and click Send CTRL-ALT-DEL:
FAQ
38
Logoff and restart the remote computer
ISL AlwaysOn fully supports computer restart, log off and switch user. You can easily use these functions
during a computer access session. Although the Restart and Resume function should be enabled by default, it
is recommended to check if it really is enabled. To check this, please go to Tools and Administrative Mode in
the ISL View window. To logoff / login or restart the remote computer use the default Windows options in the
Start menu.
FAQ
39
Restarting the remote computer in an ISL AlwaysOn session will take some time, during which the ISL
View window might close and reappear a few times. The delay should not take longer than a normal Windows
reboot.

ISL AlwaysOn 1.0 Manual

Transcription

Similar documents

uninstalling the isl light app

Drone detection Acoustic and optical tracking and identification

First Lady Supriya Jindal Visits ISL

OAStudyCase ISLLondon

OAStudyCase ISLSurrey

ISL G Brochure - Cummins Westport

[HOMEL

How to Get Tennis Channel Everywhere for Desktop

Setting up my WiFi - Alaska Communications

Registration for My Account website