The EV Reach Client Agent must be installed on every client machine that needs to be managed with EV Reach. The agent is very small (about 15 MB), stable, secure, low-footprint and un-intrusive. It will not affect system performance and can be started on-demand or installed as a service when unattended system access is needed.

Pushing the EV Reach Client Agent as a service on remote systems can be done in many ways depending on if the remote system is within your organization or over the internet.

This article describes information about the deployment and maintenance of the EV Reach Client Agent.

System Requirements

The EV Reach Client Agent currently supports both Windows and MacOS operating systems. Both 32 and 64 bit architectures are supported.

EV Reach Agent OS requirements

• Windows 7 and later
• MacOS Catalina and later (Intel only MacOS systems)

Client agents for other platforms are currently under development; please check with our support department for updates.

Network Port

The EV Reach client agents expose the network port 22000 by default. This port is used for client communication. All communications to the client agent are encrypted, authenticated and audited.

If a firewall exists between your machine and the remote machine, the firewall must be configured to allow the EV Reach Client Agent port communication. Upon starting, the EV Reach client agent automatically configures the local Windows Firewall to authorize communication on that port (this behavior is configurable by EV Reach Server policies).

It is possible to change the agent ports to a value of your choice using a Group Policy Object or a EV Reach Server policy. See Find out more.

Deploying the Agent within my Organization

Automatic Installation and Maintenance

Within your organization, the EV Reach Client Agent is automatically installed and maintained on a per-needed basis by the EV Reach Operator Console. Upon accessing a remote system, EV Reach prompts you to install the agent if the remote machine is not equipped with it, or provides you with update options if applicable.

Automatic agent installation & maintenance has the following prerequisites depending on the target operating system (Windows or MacOS)

Windows Prerequisites for Agent Pushing and Maintenance

1. The operator must hold local administrative privileges on the remote machine. If local administrative privileges are not held, alternate credentials can be specified. See Find out more.
2. Port 445 and the C$ \ ADMIN$ shares must be accessible (Windows Print & File Sharing.)
3. The Remote Registry service or WMI Management must be enabled on the remote machine.

MacOS Prerequisites for Agent Pushing and Maintenance

1. The operator must hold local administrative privileges on the remote machine. If local administrative privileges are not held, alternate credentials can be specified. See Find out more.
2. Enable MacOS Support in the EV Reach Console settings. See Find out more.
3. Remote Login must be enabled on the MacOS side under System Preferences --> Sharing.

Pre-Installing Client Agents

In the event you wish to pre-install the EV Reach Client Agent on your machines, you can use one of the following methods to push agent installation on one or more systems.

Using the EV Reach Operator Console

Within the EV Reach operator console, right-click on any computer object and select the desired Reach Client Agent action to perform.

Using the EV Reach Agent Manager

The EV Reach Agent Manager can be accessed from the Application menu of the EV Reach Operator Console or the EV Reach Server.

The EV Reach Agent Manager can be used to deploy, update or remove the EV Reach Client Agent on one or more remote machines. It can also be used to push some configuration to these systems.

See Find out more.

Using an Installation Package

You can pre-install the EV Reach Client Agent via an installation package that is distributed to your machines and ran manually.

A EV Reach Client Agent installation package can be generated as an MSI, EXE for Windows or PKG for MacOS, using the EV Reach Agent Manager. These installers can also be pre-configured with specific settings before being generated.

Using a EV Reach Process Automation

EV Reach Client Agents can also be managed using a EV Reach Process Automation.

1. Create a EV Reach Process Automation and define a computer scope.
2. When configuring the Process Automation Actions, select the desired task under the EV Reach Agents category of the Execute section.

See Find out more.

Deploying the Agent to Off-Site Machines

To manage machines over the internet the EV Reach Gateway service must be enabled. Once configured, the EV Reach operator console auto-displays a new side panel named On-Demand Assist.

This panel is used to initiate On-Demand assistance sessions, or to install the EV Reach Client agent as a service, enabling unattended remote management of that node.

1. Open the EV Reach operator console or EV Reach RC.
2. Open the On-Demand Assist side panel and click Send a request, then select Generate a client email.

   

   To enable unattended installation, confirm that Enable Permanent Install Mode is activated before generating your client email.
3. Send the email or the web-link to the remote user

Once the remote user receives the email and runs the downloaded executable, the user will be prompted to choose an execution mode.

The remote user must then click on the provided link to download the small EV Reach Client and run it. The user is then presented with the following options:

On-Demand Access

On-demand access provides you with full remote management services of a computer over the internet while the session is active. Remote management services are not restricted to a remote control session, the full set of EV Reach management services can be used during an on-demand session.

Instruct the user to click on the Start Support Session button to initiate the remote assistance session. This will generate a session ID that you must enter in the EV Reach operator console to connect to the session.

Once the session is connected, you will be able to perform any management tasks on this node, including remote desktop access, software deployment, task management, etc.

Elevating On-Demand sessions to Administrative Sessions

To gain local administrative access to the machine during the assistance session, ask the remote user to enable the provide administrative access option. This option is required if you wish to handle UAC acceptance prompts.

Elevating the session to admin can also be accomplished by injecting local administrative credentials after a session has started. Look for the following controls after the session has been established.

Elevate Session to Admin - Use this control to elevate the remote session to an administrative session. On Windows, this will allow you to access all UAC prompts.

Convert to Unattended Endpoint - Use this control convert the entire session to a permanently managed node. After the conversion is complete, the device will appear under External Devices.

To close a remote assistance session, the remote user must close it by clicking on the Cancel button of the session window.

Unattended Installation

To perform an unattended installation of the EV Reach Client Agents, instruct the remote user to enable the Authorize Permanent Access option then click on the Provide Unattended Access button.

Once installed, the machine automatically registers itself to the EV Reach Gateway services and is available for unattended management under the External Devices section of the EV Reach operator console.

External unattended nodes are configured with an Organization ID. This organization id is used to group external nodes in containers for easy browsing in the EV Reach operator console. The default organization ID is set to the Organization Name configured in the Gateway services. However, it can be modified in the EV Reach Client Control Panel applet.

EV Reach Client Configuration - Control Panel Applet

Once a machine is equipped with the EV Reach Client Agent, a configuration control panel app is accessible for Windows and MacOS. This application can be used to review and change the configuration of the agent on the local machine or grant the required permissions for MacOS agents. See Find out more.

The EV Reach Client Configuration application can be found in the following locations:

• Windows - Control Panel > System and Security area (or simply enter 'EV Reach' in the Search Control Panel field to find the applet)
• MacOS - Finder > Applications

Windows Control Panel App

MacOS App

Agent Network Settings

Defines the communication port used to communicate with this endpoint as well as the gateway services configuration (if enabled).

Local Desktop Access

Defines the user acceptance configuration and behavior of the agent during a remote desktop access session. For instance, the agent can be configured to prompt the local user to approve a session before it is started, or accept the session automatically and display a notification message, or disable remote desktop access entirely.

MacOS Only - System Access

Specific permissions are required to be granted to the EV Reach MacOS application. This screen will allow you to verify if the applications have been granted and allow the app to request them. See Find out more.

How to Globally Configure Client Settings

Client configuration, behavior, and branding can be centrally configured using the EV Reach Global Policies feature of the EV Reach Server. Once Global Policies are enforced, the control panel applet will not allow the modification of the client configuration.

Uninstalling the EV Reach Agents

Depending on the method used to install the agent, you can remove the client agent using one of the following methods: