Remote access vs Remote Management -- Time=$$$$$

We all use Remote access to logon to computers remotely and do stuff. Remote accessing is a costly exercise time wise. Instead you should simply press a button and the remote problem should be fixed! I am a firm believer of Remote Management rather than Remote access. Of course Remote access is here to stay for the foreseeable future. However there are many tasks that we can automate so that you can avoid remote access and simply click a button.

Lets start this game shall we!

You tell us what you want automating to replace what you do with Remote access, then we will put it as a pretty button in Comodo one.

This way, one by one, we will reduce the time you spend using Remote Access and give you one click operation buttons and give you your time back, we all know TIME=$$$ (According to Einstein anyway :wink: )

So hit us with your requests please!



I will give this some thought and feedback. Ilker has posted feedback request at

Yes, what Ilker has posted is good for general tasks including service desk etc. I see many MSPs use remote access as the “main tool” to run their business. I believe this is inefficient. This is why i wanted to create a specific discussion topic, so that we can identify everything that MSPs do using remote access. If we identify the tasks MSPs do using remote access, we can investigate if they can be automated…if they can, then it will save a lot of time.


I would like to see the Shell command allow for an option to run as a specific user (or even connect as a specific user) on the remote machine. I’ve noticed that running any commands or bat files from the shell command that access local network shares (local to the remote machine) don’t complete as the network shares are not available to the Shell commands user privileges.

also an option to remotely download files from a web address would be great example of this would be to be able to remotely download an MSI package from the web and then be able to run it in silent mode.

This is a very complicated and tricky question. I would like to know why you think this is inefficient. I believe that the answer is dependent on a number of things but the biggest one being the maturity level of the MSP. We have divided our practice into three areas: 1) New Business (Sales, Marketing, networking, etc) 2) Core (consulting, customer relationship management, contract delivery, etc) and 3) Back office (billing, admin, etc). We are a small MSP and as such everyone here wears many hats. As an example consulting [core task] leads to proposals [new business task] which will require both back office and core tasks. When one or two people are seeing that process through the lines get blurred as to what is efficient and what is not efficient. We are small enough that we operate in this method but as we are growing we being forced to draw boundaries and segment responsibilities. This is where your question becomes important. For a small shop, the RMM and remote access tool is critical and the lifeblood of the company. The reason is that it not only provides the technical ability to service the client [core tasks] it also provides a way to interact with customers [new business task] and proposals [new business task] and gives us an opportunity to talk with clients about back office issues such as invoicing and billing. Too much automation for a small shop can be deadly because we don’t have the dedicated account managers that ‘touch’ clients. When used correctly the tool becomes a way for us to reach out to our client base and say “hey I need to remote into your computer to …” and the resulting conversation may lead to either a stronger client relationship or the looking at a new project for a client. As we grow and are mapping out our process we have made missteps where we automate too much and leave the client feeling unimportant. I recently explained some of the automation steps we were taking to a client that response I got was “Doesn’t that mean we will see you less?”. The personal touch is very important to us. So is it efficient to automate some tasks absolutely. However I would argue that the active communication that remote or physical access requires is ultimately the tool we use to grow our business. We are definitely changing the message when we talk to clients. It is no longer “how can we help you”. It is “We noticed that …” but the act of touching the client is not going away anytime soon in our organization. The real answer to your question is that we need a tool that integrates our business process in its entirety not just the core tasks. Just like your PCI tool has flags that say “Comodo has a solution to this compliance step”, it would be great if there was a manual or “automated through the MSSP tool” method of allowing techs to flag a follow-up task saying “Bob needs new widgets” and that showed up in a sales funnel or a semi-automated process of identifying sales opportunities would be amazing. Think about taking data from the MSSP tool, identifying sales opportunities and automatically putting them into a sales funnel for follow-up. This could be anything from XP machines to bad AD policies, etc. I think that may be the gem here. Identifying upsell and sales opportunities has always been time consuming for us.


we already have the ability to remotely download files and install them under “app installation” section. ( )
for the Shell command allow thingy…how often do you use it?

Its a fair point Josh.
I guess we can say remote access can be used for 2 purposes
1)sales aid
2)operational matters.

What I was referring to was for operational matters, where you remotely logon to install an application etc, which you could easily do with a click of a button hence saving you time. So within the context of operational efficiency, which repetitive tasks that you carry out using remote access that you would like automated?



Got it. The major operational tasks that take up time include:

  • Setting up accounts. Having a single place to set-up an AD account, email account (including o365) and optimally email on phone in one spot would be great. If you can integrate a template for a “New User” that includes all the needed login information, help desk location, etc. that would be great
  • managing printers - included in that would be: add/removing printers, changing ports, removing drivers from file system, clearing queues
  • viewing log files
  • mapping drives
  • identifying locations that are eating up user quota
  • global AD policy management (we have policies we set up for every client. I would love to be able to manage all of them and push policies to all clients)
  • password reset
  • management of email accounts/profiles

Will look through our tix to find more of the common ones.

this is great help thank you! please keep it coming.

So far this is what we have…(need more guys :slight_smile: please keep it coming)

1)Shell command allow for an option to run as a specific user (or even connect as a specific user) on the remote machine. (Marveltec)

  1. option to remotely download files from a web address (eg: download MSI package from the web and then be able to run it in silent mode.) (Marveltec)

3)- Setting up accounts. Having a single place to set-up an AD account, email account (including o365) and optimally email on phone in one spot would be great. If you can integrate a template for a “New User” that includes all the needed login information, help desk location, etc. that would be great (easterntech50)

  1. managing printers - included in that would be: add/removing printers, changing ports, removing drivers from file system, clearing queues (easterntech50)

5)viewing log files(easterntech50)

  1. mapping drives(easterntech50)

  2. identifying locations that are eating up user quota(easterntech50)

  3. global AD policy management (we have policies we set up for every client. I would love to be able to manage all of them and push policies to all clients(easterntech50)

  4. password reset(easterntech50)

  5. management of email accounts/profiles(easterntech50)

MORE MORE MORE Please :slight_smile:

So is the plan to add remote access capability into Comodo One or partner with existing solutions? We’re currently using GotoAssist Express. Would live to see more remote management capabilities, but I can’t see supplanting remote access for most troubleshooting tasks.

Hi @Luke ,

Our RMM module already has remote access capability and we are working on it to make fastest remote connection tool available today. However, we believe it should be your last method for supporting the customer, since it keeps your agents busy during the support session with one to one relation.

We are interested to identify which processes we can automate to decrease the time you are using on remote access (1 to 1 support and time spending) and use these automated processes to the the same things with one click over multiple endpoints/users.

Best regards,

I’m looking at C1 as an alternative to MaxFocus (GFI) and one feature that would (does) prevent me from giving C1 serious consideration is the inability to schedule Procedures. With Max, I can upload a script, assign it as a Task and tell it when that task is to be run. Perfect for middle of the night maintenance and to push updates to browsers/Java/Flash/etc.
As I understand the current C1 setup, I would have to select all the Online workstations and then run a Procedure … and have to do so manually at probably inconvenient times and, even then, any workstations that happen to be offline are left out, and the procedure isn’t even queued for when they come back online.

I agree that we shouldn’t rely on complete automation for our businesses but, right now, there needs to be some before we have to consider backing off on it.

Maybe set up a Policy triggered by time/date which can then run a Procedure?

A scheduler process and the ability to run your own scripts on a user’s machine thru and automated process. Just like PromptCare suggested, to be able to updated programs and also run scripts to clean computers. This is probably the biggest thing that is keeping me from using the software ‘live’ on client machines at this point as I am trying to find workarounds to use it.

Hi @PromptCare, @doveroh

Part of this request is already captured on the forum and under voting for prioritization. Please vote for it as well. Please let me know if anything not covered there,

Also, I want to understand if our procedure creation wizard is enough for you or not. You can wirte scripts and more as of now but if not enough please tell us how we should improve it. We can create another poll for it.

One other point I want to mention is patching 3rd Party applications. Our Patch Management module is already patching 3rd Party apps like browsers, Java and Flash as you mentioned on your topic. If you need a specific application patching and see that is not patched by our module, please send us the name of the app and we will take care of it.

Best regards,

(I’ll have to check to see if I can get email notifications; I hadn’t logged in for a few days)

Survey done. Thanks for pointing that out.

For Procedure creation, I may be missing something but I’m not sure how scripts would be run. Would you execute a file transfer of the script file and then use the shell execute to activate it? That’s seeming more likely as I type it out but confirmation would be nice.
Side question: Any reason a Procedure can’t be edited?

I actually just had an official demo with Nicole which was helpful. We did go over Patch Management and I can see that I can, for example, pre-authorize all Critical windows updates to run weekly so that’s half of my regular To-Do list right there. Can you confirm, if i create a PM policy to Install…Custom…Criticals…All Agents…Weekly, will that work to keep (e.g.) Chrome/Reader/Java/etc. updated? Not sure yet if that’s how I want to do it but do want to make sure I understand how things work. What happens if PM wants to update Chrome but it’s open on the workstation? Does it close it automatically or fail?

Hello PromptCare,

It should be possible to run a script the way you described it.
To edit a procedure you will have to create a new one, choose the “create from” options, now you will be able to make any changes and save the procedure under a different name.
If you create a policy to automatically apply any patches to endpoints according to a specific schedule, you will be able to keep the selected endpoint up-to-date without any further intervention.
To better understand the automation process of the patch management policies I would recommend check the guide here :

My clients are mostly residential and their PCs can be on/off at any given time. Even according to the Comodo rep I spoke with today, if I set a Windows Update Policy to run Mondays @ 5pm, if half of those machines are offline at that time, they won’t get updated and I’ll have to keep reselecting the failed workstations until they’re all eventually caught up. That’s a lot of unnecessary work when “run ASAP” should be an available option. Currently, if someone never has their PC on Monday @5, they’ll never get updated.

Hello PromptCare,

Thank you for this suggestion.
It has been forwarded to our development team.

I’ve created a Workstation tag and then assigned Critical updates to be installed every day at 7.30pm and then Recommended updates to be run every Friday at 7.30
My Server tag has both Critical and Recommended updates to be installed once per month on a Sunday at 00:00 with a restart at 5am. In all cases only Approved updates are installed.
Once all systems are up to date then that should minimise the number of user requests to fix stuff. Ideally I would also schedule Ninite to run application updates on all PCs once a week and just eMail a reminder for all users to leave their computers running on Friday for maintenance.

This was definitely a pain to setup as I had to configure the same settings for every site rather than setting my preferences at a global level and then tagging the devices to apply them to.

The next step for me would be to configure a small set of monitors for PCs and then best practice monitors for the servers. It’s difficult to monitor too much on PCs as they’ll forever create alerts however monitoring for predicted hard drive failures and constant paging are an absolute must as replacing hard drives early and knowing that a system requires additional memory definitely reduces the number of helpdesk calls.

Ideally a scheduled system clean-up for PCs would take care of most of the rest.

The addition of Acronis is great as I was already signed up as a reseller but hadn’t started selling it yet. Hoping I can rebrand it and ideally switch to UK/EU storage rather than US.

My main other want would be the ability to monitor third party antivirus as I’m sure many MSPs have their own existing preference for this.

That taken care of I have a small number of repetitive tasks that occur during on-boarding of new clients/devices making sure they all have the same standard apps installed. Remove toolbars deploy antivirus with a site specific license.