EV Reach Console - Overview

Last modified on 2023/07/12 14:02

EV Reach (formerly known as Goverlan) can be used from day one without further configuration. However additional options and extended services are available. This article describes everything you need to know for a successful integration within your environment.

Managing Systems Over the Internet

The default implementation of EV Reach only allows the support and management of users and machines that are within your organization or are connected to your organization via a VPN.

However, it is possible to manage systems over the internet, on-demand or unattended. To do so, you must implement a EV Reach Server and enable the EV Reach Gateway Service.

Once EV Reach Gateway Services have been configured, you will be able to remotely access machines over the internet. See External Device Management

Remote Control Authorization & Authentication

  • By default, only users holding local administrative privileges on a remote machine are authorized to initiate a remote control session (to grant access to non-local admins, see Configuring Authorization).
  • EV Reach automatically uses your credentials when authenticating to the remote machine. If you are executing a task that requires privileges higher than those you hold, EV Reach will automatically prompt you for alternate credentials EV Reach Credential Manager.

Auditing

All actions performed by a EV Reach operator are audited. The default implementation records audit traces in the Windows Event Application Log, however, audits can be centralized using the EV Reach Server.

See: Auditing Operator Remote Control Events

Detecting User’s Machines using fastConnect

EV Reach can detect the logged-in workstations of your users in real-time. A great feature to get to your user’s machines quickly, without prompting the remote user for the information. However, the detection of logged-in workstations may not work upon initial installation of EV Reach as it has a couple of prerequisites.

See: Workstation Detection with fastConnect

Branding and Configuring EV Reach Client Agent Behavior

  • Client Side behaviors are fully configurable. By default, an authenticated remote control request is automatically authorized and a visual notification banner is displayed. You can configure other behaviors to meet company guidelines and requirements. (See Customizing EV Reach Client Agent Behavior)
  • Most EV Reach user interface elements displayed on your client machines can be branded with your own text and images. (See Custom Branding)

Smart Card Redirection and FIPS 201 compliance

EV Reach RC will allow users to supply smart card credentials to a remote system that is FIPS 201 compliant. EV Reach supports both T0 and T1 (PIV, Common Access Card, etc...) protocols and will work with any PKI compliant infrastructure using smart cards.

EV Reach RC accomplishes this by using the EV Reach Smart Card Reader Driver on the remote machine. This driver and the EV Reach Client Agent must be installed on the remote system before any smart card authentication can be used.

See: Working with Smart Card Redirection

Tags:
Powered by XWiki © EasyVista 2024