In a few weeks I pop off on my first holiday for 2 years, for this trip I really do not want to take my laptop, this would seem odd as the darn things have been practically glued to me for the last 20 Years, but:
- Time to learn to take a break
- As a Member of LDCVia I need to learn to know when to share the work, and how to hand over.I get told off about this about once a month.
- Errr… welll… There are now countries that were once thought to be friendly, that have now shown a distressing habit of being hostile at their borders and now want to take your clients private data away and look at it for “Reasons” and I figured this would be a great dry run for having to travel to such a country again.
But I’m not insane, nor can I leave my clients, sooo I needed to retain access in some way so that I can support as and when it is needed. someone sort of cloud desktop that I can reach from a cheap laptop or tablet seemed like an obvious answer.
- It must be able to run a form of VMWARE as each of my clients has to their own separate VM machine(s) with separate security.
- It must support Android (large and small screen) and Linux as clients.
- Must not cost a bleeding fortune.
AMAZON Workspaces: This looked a perfect fit to start with and I use AWS for lots of other services including this blog, but the setup was a right faff was slow and cumbersome and then I realised that it would not allow VMWARE or any virtualisation, undaunted I though I would at least check out the performance, only discover that despite stating “just connects from anything” it only meant large android screens (not my phone) and not from Linux at All.. so in the bin it went.(shame really)
VMWARE Remote Console: Wince!!..I have to own to a bit of paranoia here my self, direct access to the Clients VM’s is just too much of a risk from external, it just stops there. sorry VMWARE, I tried to mentally run through the conversation explaining my actions to clients, and none of them went well.
I started to look at Citrix then got a grip and thought, “OH COME ON” its just one machine. Just get another machine load your VM’s on it and get a good secure remote client… cue another 30 mins wasted looking at online hosting and then a small local server and more swearing comes from the office as I realise “JUST USE YOUR BLOODY LAPTOP YOU TWIT YOU WON’T HAVE IT WITH YOU”…. fsss.
So it just comes down to a good remote connection software
The 3 that stood out were:
Logmein : From my point of view easy to discount as it does not support Linux guests but would have been discarded anyway as it has a small company feel which you again make it a difficult sell to clients
Team Viewer : Used by many of my clients and supports a lot of nice security features, but a bit on the pricey side.
VNC Connect : I was attracted to this as I use the free version for my Raspberry Pi’s, I also like the VNC standard and it has been security hardened by many a grumpy sys admin and dev over the years, the VNC Connect platform provided by Real VNC ticks all the boxes.
I was actually hard pressed to pick between Team Viewer and VNC Connect, on paper they provided all the features/platforms and security that I could want, but in the end VNC Connect won though partly because of price (its is £42They do do a cheaper version but I wanted the higher level encryption. a year vs £384) but mainly the fact that the android viewer on team studio does not support the use of a mouse via Android.But I do have to give the Team viewer client credit for handling screen render better than VNC it would have been nice to get the best of both worlds, and I hope VNC improves on that front.
OK, lets get the elephant in the room out of the way, how are we handling security.
Well VNC Connect is nicely paranoid about security so to get to my laptop now requires 2 logons both different 12 digit ones (1 to login to VNC Connect and 1 to get to my laptop ) then each VM is encrypted and requests a login appropriate to the OS used, then of course the normal password for each client to connect via VPN/Programs etc etc.
I ran that though potential questions via any of my clients and it came out OK.
I have attempted to do this kind of thing before and obviously used remote software all of my career, and thus have sworn at my fair share of thin clients, phones, and tablets
- Lighter than just taking my laptop
- Resolution of a decent Screen
- Good keyboard
- Good mouse
- Either not a silly price or very reusable.
I looked at Chrome books but frankly all in the price range were poo, Microsoft surface laptops were too expensive and I’m not in the IOS ecosystem, So an Android Tablet it is, that meant a Nexus or Pixel as few of the other vendors keep the security patches up to date, thankfully the Pixel C was on special offer (most likely due to being replace in the next month or so) that meant I could get a good tablet with a great screen and a very pleasant keyboard, paired with the new Logitech tracker ball I had something that was very usable thank you.
So I did 2 basic tests, performance and usability
Performance: I connected my laptop to a VPN in Japan, then tethered the tablet to my phone, then connected via the remote and sat down to work, it was totally usable , there was that slight lag on the mouse you get on any remoting software but no more than I get when I VPN into any clients network, and that was going to be the real test, using a VM via another VPN while remoting to the host PC, here I have to say I cheated like a devil, as my laptop is in the comms room of the office where it has access to the AWESOME least line we use (and is physically secure), so in fact it was actually faster and more responsive than normal, which was a more than pleasant surprise
Usability: Not bad, not perfect but not bad, it worked as well as any remote program, with a couple of extra qwerks, it does not re-size the client desktop as it is a genuine KVM rather than creating a new session, which is both good and bad and easy to work around, the other qwerk I’m still working on, is that the top and bottom bars for the Real VNC client triggers very easily and they don’t always retract cleanly without an extra click, I would like it if you could allocate a special gesture to the client to stop it working in modal form, the same as VMWARE client, perhaps a 3 finger swipe from the top or something like that
OK, I have been doing dry runs of leaving my laptop in the office and just taking the tablet and mouse home at night then working on that and I have to say I am now comfortable just going to Japan without the laptop, this setup works…. wish me luck.. :p
|↑1||I get told off about this about once a month.|
|↑2||They do do a cheaper version but I wanted the higher level encryption.|
|↑3||But I do have to give the Team viewer client credit for handling screen render better than VNC it would have been nice to get the best of both worlds, and I hope VNC improves on that front.|