Enabling secure remote assistance using a terminal services gateway

US 20080270612A1
Filed: 04/30/2007
Published: 10/30/2008
Est. Priority Date: 04/30/2007
Status: Active Grant

First Claim

Patent Images

1. A method for providing remote assistance to a client behind a firewall, the method comprising the steps of:

hosting a link on a TS gateway so that the link, when followed, creates a secure connection between the client and the TS gateway; and

receiving a connection request from a server, the connection request, when fulfilled, establishing a tunnel through the firewall from the server to the client over the secure connection through which remote assistance data may be streamed.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure remote assistance session between computers that are behind firewalls and/or NAT devices is provided by an arrangement that uses a terminal services (“TS”) gateway to enable utilization of a remote desktop protocol (“RDP”) connection by a terminal services client in a reverse direction to that used in a conventional terminal services session. The connection is made via a regular TS gateway protocol mechanism by which the TS client behind a firewall establishes a connection to the remote server that is typically behind a firewall that protects a corporate network. The server then functions as the terminal services client to tunnel RDP data through the established TS gateway connection through the NAT firewall to a client. Thus, the server and client reverse roles after the TS gateway connection is made to thereby enable remote viewing of the graphical user interface that is displayed by the client in support of the remote assistance session.

69 Citations

View as Search Results

20 Claims

1. A method for providing remote assistance to a client behind a firewall, the method comprising the steps of:
- hosting a link on a TS gateway so that the link, when followed, creates a secure connection between the client and the TS gateway; and
  
  receiving a connection request from a server, the connection request, when fulfilled, establishing a tunnel through the firewall from the server to the client over the secure connection through which remote assistance data may be streamed.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1 in which the secure connection is an SSL tunnel supporting remote procedure calls over HTTP.
  - 3. The method of claim 1 in which an ActiveX component on the client creates the secure connection with a plug-in module exposed by the TS gateway.
  - 4. The method of claim 1 further including steps of forwarding a remote port from the client to the TS gateway and receiving the connection request from the server at the remote port.
  - 5. The method of claim 4 including a further step of establishing a listener on the remote port, the listener sending a notification to the client when the connection request to the remote port is received.
  - 6. The method of claim 5 in which the listener is embodied in a TS gateway plug-in module.
  - 7. The method of claim 1 in which the respective roles of the server and client are reversed after the tunnel over the secure connection is established so that remote assistance is renderable from the server to the client.

8. A computer-readable medium containing instructions which, when executed by one or more processors disposed in an electronic device, performs a method for enabling a remote assistance session with a client behind a firewall, the method comprising the steps of:
- establishing a terminal services connection with a TS gateway using a COM component;
  
  remoting a port from the client to the TS gateway through the terminal services connection; and
  
  receiving a notification from the TS gateway when a connection request to the remoted port is received by the TS gateway, the notification invoking a method for connecting the COM component with a terminal services process running on the client.
- View Dependent Claims (9, 10, 11, 12, 13)
- - 9. The computer-readable medium of claim 8 in which the method for connecting, when accomplished, results in a success for the connection request to the remoted port.
  - 10. The computer-readable medium of claim 8 in which the terminal services connection is implemented with an Internet connection using SSL.
  - 11. The computer-readable medium of claim 8 in which the terminal services process running on the client sends RDP data to the TS gateway during the remote assistance session.
  - 12. The computer-readable medium of claim 11 in which the RDP data comprises graphics rendering data.
  - 13. The computer-readable medium of claim 8 in which the connection request is received from a remote server that is arranged to provide remote assistance to the client as a helpdesk.

14. A method for providing remote assistance from a server to a client that is behind a firewall, the method comprising the steps of:
- receiving a remote assistance request from the client;
  
  providing a link, responsively to the request, for the remote client to follow for establishing a terminal services connection with a server using a plug-in module, exposed by the TS gateway, that communicates with a remote assistance process hosted by the server; and
  
  implementing reverse traversal of the terminal service connection, from the server to the client, to create a secure tunnel through the firewall to the client.
- View Dependent Claims (15, 16, 17, 18, 19, 20)
- - 15. The method of claim 14 including a further step of streaming remote assistance data through the secure tunnel created between the server and the client.
  - 16. The method of claim 14 in which the firewall comprises a NAT device.
  - 17. The method of claim 14 in which the link is a web link hosted by the TS gateway.
  - 18. The method of claim 14 in which the terminal services connection is implemented using RDP through HTTPS over an Internet connection.
  - 19. The method of claim 14 in which the server functions as a terminal services client after the reverse traversal is implemented to thereby provide the remote assistance to the client.
  - 20. The method of claim 14 in which the remote assistance process is arranged to load a terminal service client on the server.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Malakapalli, Meher, John, Mathew

Granted Patent

US 9,438,662 B2
Time in Patent Office

Days
Field of Search
US Class Current

709/227
CPC Class Codes

H04L 61/256   NAT traversal

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/166   at the transport layer

H04L 67/025   for remote control or remot...

Enabling secure remote assistance using a terminal services gateway

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

69 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Enabling secure remote assistance using a terminal services gateway

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

69 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links