The Pocket PC is a handy device for working with email and calendars, jotting notes, and running myriad portable applications from almost anywhere. Today's Pocket PC, with its increased horsepower and wireless capabilities, can also serve as an IT systems administrator's remote management platform. Let's summarize what's involved in using Pocket PCs for remote administration, then look at eight software products that let you manage your Windows systems and network devices from wherever you can wirelessly connect to the Internet.
Pocket PC Remote Administration
To use a Pocket PC to remotely administer your network, you'll need to prepare your infrastructure by performing tasks such as opening your firewall and installing a management server. Most Pocket PC remote administration products use client/server architectures. In other words, a proprietary client or a Web browser runs on the Pocket PC and communicates with a management server that's on your network. The management server runs the software that makes (or brokers) the connection between the remote client and the management server and issues commands to the servers and network devices that you want to control or manage remotely.
Typically, you don't need to install software on the servers that you want to remotely administer. Remote communication happens only between the Pocket PC and the management server, which makes firewall configuration straightforward. Different products use different protocols, such as HTTP, Secure Sockets Layer (SSL), or proprietary protocols, to communicate between the Pocket PC and the management server. Most products require only an opening in the firewall for communication with the remote Pocket PC. Of the products I look at, Expertcity's GoToMyPC is the lone exception: You need to install a GoToMyPC client on every remotely managed computer. GoToMyPC uses a polling mechanism from a client inside your network to communicate with an external application service provider (ASP) Web application.
Some products encrypt data between the Pocket PC and the management server; others broadcast all data (including logon credentials) in the clear. For additional security, you can load an independent VPN client on your Pocket PC, then create a tunnel between the device and a compatible VPN switch on your network perimeter. In addition to encrypting remote administration traffic, a VPN provides more secure access to your network than does a firewall rule that forwards traffic to an internal server.
Different products also have different requirements for the type of accounts the Pocket PC uses to make remote connections. Some products require you to enter a domain username and password, which the Pocket PC proxies through the management server to the target server, thereby preserving network security. You can then access the remote-system data that your domain account allows. Other products require you to enter a separate set of credentials to log on to the management server. Depending on how the management software has configured remote users, these products then use a privileged domain account that's stored on the management console to let you access target systems and perform specific actions.
Unfortunately, because the remote commands use the domain account that's stored on the management server (instead of the user's actual credentials), the remote actions are logged under that one account. To alleviate this problem, some products let you log all remote administration tasks at the management server before they actually are executed on the server. In addition, for additional security, many products support two-factor authentication products such as RSA Security's RSA SecurID.
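One way a management server can keep per-user accountability when commands run under a stored domain account, shown as an added example that is not code from any product discussed in this article: a broker that records the authenticated remote user and the permission decision before anything is executed, and refuses to execute if the audit write fails. The user names, actions, host name, and service account are constructed for illustration.

```python
import json
import time

# Constructed sample data: users, actions and the service account are assumptions.
SERVICE_ACCOUNT = "EXAMPLE\\svc-remoteadmin"
PERMISSIONS = {
    "alice": {"reset_password", "unlock_account"},
    "bob": {"power_cycle"},
}


class AuditError(Exception):
    """Raised when the audit record cannot be written."""


class Broker:
    def __init__(self, audit_sink, executor):
        self.audit_sink = audit_sink  # callable that stores one JSON line
        self.executor = executor      # callable(target, action), runs as SERVICE_ACCOUNT

    def _audit(self, record):
        try:
            self.audit_sink(json.dumps(record, sort_keys=True))
        except Exception as exc:
            # Fail closed: an action that cannot be attributed is not run.
            raise AuditError("audit write failed; refusing to execute") from exc

    def submit(self, user, target, action):
        allowed = action in PERMISSIONS.get(user, set())
        record = {
            "ts": time.time(),
            "remote_user": user,         # who actually asked
            "runs_as": SERVICE_ACCOUNT,  # what the target's own log will show
            "target": target,
            "action": action,
            "decision": "allow" if allowed else "deny",
        }
        self._audit(record)  # logged before anything is executed
        if not allowed:
            return "denied"
        self.executor(target, action)
        return "executed"


def demo():
    # Constructed run: alice may reset passwords, bob may only power-cycle.
    log, ran = [], []
    broker = Broker(log.append, lambda t, a: ran.append((t, a)))
    results = [broker.submit(u, "FILESRV01", "reset_password") for u in ("alice", "bob")]
    return results, [json.loads(line) for line in log], ran
```

Denied requests are recorded as well as allowed ones, so the management server's log shows attempted actions that the target server never sees.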
The Pocket PC's data input methods can make systems management difficult. New versions of Microsoft Transcriber are great for taking notes, but trying to quickly scribble a command such as
copy C:\winnt\system32\somefile.exe C:\destination
can be difficult and error-prone. Keyboard entry is much more accurate but is typically slower. To address this problem, several of the following products offer remote administration shortcuts through clicks, macros, and even basic scripts.
Bandwidth affects the performance of remote administration tools, especially if you're using a wireless LAN (WLAN) connection or a much slower cellular-based Pocket PC. I evaluated the products in this article using a Toshiba e755 Pocket PC with integrated 802.11b WLAN capability.
ASG-MobileControl Administrator
ASG Software Solutions' ASG-MobileControl Administrator offers an effective and polished Web-based remote access interface with a familiar Windows-like look and feel. ASG-MobileControl Administrator requires the Windows .NET Framework and Microsoft IIS, and you can access the application using a Web browser. Installation consists of installing the Framework, a Microsoft Data Access Components (MDAC) update, and the MobileControl program files on a management server. The application uses a combination of Windows authentication and a PIN to restrict access to the remotely managed servers.
After you configure computers and users on the server application, you can customize user access. For example, you can let one user manage accounts and another user power-cycle a computer. You need to use the MobileControl management interface to enable and license all remotely managed systems. This task is easy, but you have to add each computer manually.
On your Pocket PC screen, a well-organized menu of commands, which Figure 1 shows, lets you manage computers, print servers, Microsoft SQL Server machines, users and groups, IIS servers, SNMP devices, and power-management features. Each menu selection takes you deeper into the management of that particular object. ASG-MobileControl Administrator speeds navigation by letting you specify favorites for many objects, such as print servers and IIS servers.
In addition to remote-server management functions, ASG-MobileControl Administrator provides several useful tools, including Ping, DNS Lookup, Whois, Telnet, Secure Shell (SSH), Tracert, and command prompts. A menu gives you fast access to common actions by letting you select a computer and an action.
Meyyappan Alagappan April 18, 2004