Settings for agent remote control

This option is set by default.

The TCP ports 6064 (HTTP) and 6065 (HTTPS - standard port) must be enabled in the firewall so that remote agent control is possible.

Even if you later set this setting to Disabled, the ports will remain enabled.

Remote control of agents is always possible with direct network access. In addition, by using the MQTT protocol, agents can be accessed behind firewalls or outside the company network. MQTT is activated by default, but requires CPU and RAM resources on the DES. Because of this, if you have a lot of agents, it's a good idea not to turn on MQTT for all of them, but only for the ones that can't be reached directly through the network. You can spread out the load by using linked DES servers.

The remote control port 6064 is set for unencrypted and 6065 for encrypted connections. You can change these ports if necessary. The Enable HTTPS (encrypted remote control communication) setting is the default.

For security reasons, we recommend using this setting. DriveLock agents thus refuse unencrypted connections.

If you access your agents only via MQTT, it is possible to disable HTTP or HTTPS at this point. However, it is then mandatory to ensure that MQTT is always enabled for agent remote control to work.

Select one of the possible options. No notification is the default value. For example, if you select the Show user notification message on client computer when remote connection is established option, the user currently logged on to the target computer will receive a notification that remote control access has been established.