ConnectWise ScreenConnect, previously ConnectWise Control, is a self-hosted

remote desktop software In computing, the term remote desktop refers to a software- or operating system feature that allows a personal computer's desktop environment to be run remotely from one system (usually a PC, but the concept applies equally to a server or a sma ...

application. It was originally developed by Elsinore Technologies in 2008 under the name ScreenConnect, and is now owned by ConnectWise Inc.

History

Elsinore Technologies developed ScreenConnect in 2008 as an add-on to their RMM Software IssueNet in order to assist in providing remote support to end users. They later began distributing the software as a standalone product.

Acquisition by ConnectWise

On February 11, 2015,

Professional services automation Professional services automation (PSA) is software designed to assist professionals, such as lawyers, auditors, and IT consultants, with project management and resource management for client projects and utilization rate management for billable st ...

company ConnectWise announced their acquisition of the ScreenConnect software in order to improve the remote control features of the latest release of their RMM Software, LabTech. ScreenConnect, LLC announced that, despite being acquired by ConnectWise, they would continue to operate under their original name in addition to offering their software as a standalone product. Starting in early 2017, ConnectWise changed the name of ScreenConnect to ConnectWise Control, saying that this was to simplify their software under one company. On May 15, 2023, ConnectWise Control was rebranded back to ConnectWise ScreenConnect. On Thursday, February 22, 2024, version 6 of the self-hosted edition server application of ScreenConnect reported a vulnerability. A patch was available for the latest version (23) the same day, offering a temporary free upgrade.

Product

How it works

The product is available as a cloud hosted Software as a Service (SaaS) or self-hosted server application that permits the primary user to host the software on their own servers, PC,

virtual machine In computing, a virtual machine (VM) is the virtualization or emulator, emulation of a computer system. Virtual machines are based on computer architectures and provide the functionality of a physical computer. Their implementations may involve ...

(VM), or

virtual private server A virtual private server (VPS) or virtual dedicated server (VDS) is a virtual machine sold as a service by an Internet hosting company. A virtual private server runs its own copy of an operating system (OS), and customers may have superuser- ...

(VPS). Once installed, the central web application can be made visible inside and outside of the

local area network A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, campus, or building, and has its network equipment and interconnects locally managed. LANs facilitate the distribution of da ...

(LAN). ConnectWise ScreenConnect has a proprietary protocol and exposes an open architecture structure that can be utilized by users to implement custom plugins, scripting, or various integrations. A generic use model would start with a host initiating a session through the central web application. A participant would then join a session by clicking on an email link or via the guest page of the application. An unattended client can be created and deployed to a targeted machine without the need for human intervention. The executable is ScreenConnect.ClientService.exe (x86) on Windows based OSs, and is a signed by a COMODO RSA Code Signing CA certificate ublisher: ScreenConnect Software

Features

Most commonly expected features for a product in this arena are present. Examples include reboot and reconnect, drag and drop file transfer, screen recording, safe mode support, multiple monitor, command line access, wake-on-LAN,

VoIP Voice over Internet Protocol (VoIP), also known as IP telephony, is a set of technologies used primarily for voice communication sessions over Internet Protocol (IP) networks, such as the Internet. VoIP enables voice calls to be transmitted as ...

, chat, and a custom toolbox for quick deployment of support tools. In addition to features that facilitate communication, ConnectWise ScreenConnect also offers complete control over branding and customization of the product design, logo, color scheme, icons, text strings, and localization.

Security

The software is self-hosted providing users the ability to control the flow of data behind their own firewall and security implementations. ConnectWise Control uses 256-bit AES encryption to package and ship data, supports

two factor authentication Multi-factor authentication (MFA; two-factor authentication, or 2FA) is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more distinct types of evidence ...

, has server level video auditing, and granular

role-based security In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users, and to implementing mandatory access control (MAC) or discretionary access control (DAC). Ro ...

. Forms-based and Windows Authentication are optional authentication methods for security purposes.

Compatibility

Host (presenter or technician): can utilize

Mac Mac or MAC may refer to: Common meanings * Mac (computer), a line of personal computers made by Apple Inc. * Mackintosh, a raincoat made of rubberized cloth * Mac, a prefix to surnames derived from Gaelic languages * McIntosh (apple), a Canadi ...

Linux Linux ( ) is a family of open source Unix-like operating systems based on the Linux kernel, an kernel (operating system), operating system kernel first released on September 17, 1991, by Linus Torvalds. Linux is typically package manager, pac ...

Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...

, iOS or Android operating systems. Guest (customer or participant): can connect from Mac, Linux or Windows. ConnectWise ScreenConnect can also be utilized to remotely support Android devices, with complete view and control available for devices manufactured by Samsung.

Technology

Server

The on-site ConnectWise ScreenConnect server is self-hosted, and runs as a .NET Framework application. On

Microsoft Windows Windows is a Product lining, product line of Proprietary software, proprietary graphical user interface, graphical operating systems developed and marketed by Microsoft. It is grouped into families and subfamilies that cater to particular sec ...

it runs as a set of

services Service may refer to: Activities * Administrative service, a required part of the workload of university faculty * Civil service, the body of employees of a government * Community service, volunteer service for the benefit of a community or a ...

. In 2015, ConnectWise ScreenConnect launched a hosted cloud platform, providing a way to use the ConnectWise ScreenConnect software with no local server installation required. The ConnectWise ScreenConnect server runs as a set of four discrete services: * The Web Server service is an outward-facing

ASP.NET ASP.NET is a server-side web-application framework designed for web development to produce dynamic web pages. It was developed by Microsoft to allow programmers to build dynamic web sites, applications and services. The name stands for Ac ...

HTTP HTTP (Hypertext Transfer Protocol) is an application layer protocol in the Internet protocol suite model for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web, wher ...

application and serves as a portal for both technicians and their end-users * The Relay service provides outward-facing in-session communication and operates on TCP sockets. Communication is encrypted with the

AES-256 The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001. AES is a variant ...

block

cipher In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is ''encipherment''. To encipher or encode i ...

. * The Session Manager service provides a data store for both the Web Server and Relay services. It is implemented as WCF

SOAP Soap is a salt (chemistry), salt of a fatty acid (sometimes other carboxylic acids) used for cleaning and lubricating products as well as other applications. In a domestic setting, soaps, specifically "toilet soaps", are surfactants usually u ...

web service. * The Security Manager service provides a data store for security-related activities, including authentication and auditing

Clients

ConnectWise ScreenConnect sessions are arranged through the web application. Once users join sessions, a ConnectWise ScreenConnect client is launched to connect to the Relay service. ConnectWise ScreenConnect targets clients based on device and operating system: * The

.NET The .NET platform (pronounced as "''dot net"'') is a free and open-source, managed code, managed computer software framework for Microsoft Windows, Windows, Linux, and macOS operating systems. The project is mainly developed by Microsoft emplo ...

client is targeted to

computers and is activated with a custom

URI Uri may refer to: Places * Canton of Uri, a canton in Switzerland * Úri, a village and commune in Hungary * Uri, Iran, a village in East Azerbaijan Province * Uri, Jammu and Kashmir, a town in India * Uri (island), off Malakula Island in V ...

Scheme which starts the session from an installed handler on the controller's workstation. For end-users joining a support session, a variety of bootstrappers can be used including Microsoft's ClickOnce technology. * The

Java Java is one of the Greater Sunda Islands in Indonesia. It is bordered by the Indian Ocean to the south and the Java Sea (a part of Pacific Ocean) to the north. With a population of 156.9 million people (including Madura) in mid 2024, proje ...

client is targeted to

OS X macOS, previously OS X and originally Mac OS X, is a Unix, Unix-based operating system developed and marketed by Apple Inc., Apple since 2001. It is the current operating system for Apple's Mac (computer), Mac computers. With ...

and

computers and is activated with

Java Web Start In computing, Java Web Start (also known as JavaWS, javaws or JAWS) is a deprecated framework developed by Sun Microsystems (now Oracle) that allows users to start application software for the Java Platform directly from the Internet using a web b ...

. * The

iOS Ios, Io or Nio (, ; ; locally Nios, Νιός) is a Greek island in the Cyclades group in the Aegean Sea. Ios is a hilly island with cliffs down to the sea on most sides. It is situated halfway between Naxos and Santorini. It is about long an ...

client is targeted to

iPhone The iPhone is a line of smartphones developed and marketed by Apple that run iOS, the company's own mobile operating system. The first-generation iPhone was announced by then–Apple CEO and co-founder Steve Jobs on January 9, 2007, at ...

s and

iPad The iPad is a brand of tablet computers developed and marketed by Apple Inc., Apple that run the company's mobile operating systems iOS and later iPadOS. The IPad (1st generation), first-generation iPad was introduced on January 27, 2010. ...

s. * The Android client is targeted to Android phones and tablets.

Licensing model

ConnectWise ScreenConnect is commercial software. Licenses sit in a pool and are available to any user on any workstation. There are three types of license: a single concurrent that allows one simultaneous connection per license, an unlimited which allows an unlimited number of concurrent sessions as long as all sessions are utilizing the same server, and enterprise licenses which provide flexible options for SaaS, multi-user, or custom functionality. The concurrent license types are bought as a one-time purchase, with lifetime support. A subscription model is used for updates, which are free during the first year after purchase, after which the "update license" must be renewed. Pricing for updates depends on when the update license was last-renewed.

Misuse

The program under its previous name of ''ScreenConnect'' has been used in fraudulent

technical support scam A technical support scam, or tech support scam, is a type of scam in which a scammer claims to offer a legitimate technical support service. Victims contact scammers in a variety of ways, often through fake Pop-up ad, pop-ups resembling error ...

s where the fraudster is able to gain the control of the victims computer by telephoning and tricking the user to install the software and permitting a connection. The free trial period has been utilized to avoid any software costs in doing this, and similar products such as TeamViewer, AnyDesk and Ammyy Admin have also been used for the scam. Cybercriminal group

LockBit LockBit is a cybercriminal group proposing ransomware as a service (RaaS). Software developed by the group (also called ransomware) enables malicious actors who are willing to pay for using it to carry out attacks in two tactics where they not o ...

exploited vulnerabilties in ScreenConnect.

References

External links

Product homepageDocumentation
{{Remote administration software Remote desktop Windows remote administration software MacOS remote administration software Internet software for Linux Web Conferencing Internet Protocol based network software Proprietary software

History

Acquisition by ConnectWise

Product

How it works

Features

Security

Compatibility

Technology

Server

Clients

Licensing model

Misuse

See also

References

External links