This invention relates to remote computer access, and more particularly to hardware and software for coordinating video, keyboard and mouse information transfers and control to/from a remote PC and one or more host PCs.
Since the introduction of the PC there has been a need to access PCs from remote locations. Initial remote access approaches software based systems, such as pcAnywhere, Reach Out, etc., Such remote access systems are operating system dependent, meaning that the software would only function in association with a particular operating system (i.e. DOS, Windows, Unix, etc) and software upgrades were normally required each time that operating system was enhanced.
Software-only based systems were also intrusive (i.e. the software had to be installed on the Host PC). As a result, the software took resources away from the Host PC and often caused the Host PC to lock up due to incompatibilities between the remote access software and application software running on the Host PC. Moreover, many critical PC applications, such as network file servers, where simply incompatible with all remote access software products. Finally, remote access software failed when the Host PC failed, meaning that maintenance personnel could not remotely access a PC that had failed or locked up to determine why the failure occurred and to take corrective action.
U.S. Pat. No. 5,732,212, which is incorporated herein by reference, disclosed a prior art remote access product that was marketed as so-called KEY-VIEW. Keyview was a custom designed hardware unit externally connected to a Host PC that had a proprietary internal software operating system which serviced a remote user. Proprietary software operating on a Remote User""s PC was used to remotely access the KEY-VIEW unit at the Host site. A Remote user running this proprietary software required only a standard modem and PC to access any Host site.
Using the present invention (sometimes referred to herein by an example embodiment called xe2x80x9cKEY-VIEW IIxe2x80x9d), a single KEY-VIEW PC permits remote control of a plurality of Host PCs alone or in combination with third party switch boxes and allows help desk and maintenance personnel to be highly centralized, but still respond to support calls, as if they were on-site. This means KEY-VIEW dramatically cuts down-time as well as costs for maintenance and technical support.
Under KEY-VIEW II, a standard remote access engine such as pcAnywhere is used to remotely access a KEY-VIEW PC. pcAnywhere in combination with the KEY-VIEW PC permit access via a LAN, modem, the Internet and/or direct serial or parallel port access. pcAnywhere supports TCIP access, so customers may access the KEY-VIEW II PC over the Internet and launch, monitor and control applications running any Host computer connected to the Host PC even in distant international locations, as if they were actually on site.
The example embodiment described herein uses the remote access package, pcAnywhere, using the latest 32 bit technology. But, other remote access engines can be substituted.
KEY-VIEW II improves control of xe2x80x9cHostxe2x80x9d PCs from a remote location on virtually a real time basis without any remote access hardware or software running on the Host PC. Any PC running any operating system may be accessed remotely, as long as the Host PC has a standard video card and compatible keyboard. The present invention eliminates operating system dependent, software only based remote access solutions that involve costly software upgrades and complexities each time the Host or Remote PCs operating system changes.
KEY-VIEW II is a independent hardware unit that is installed between the Host PC and it""s video monitor, keyboard, mouse and power source. In other words, the Host PC""s video monitor output signal passes through KEY-VIEW II before reaching the VGA monitor, the keyboard and mouse input signal passes through KEY-VIEW II before reaching the PC. Accordingly, KEY-VIEW II intercepts all of the critical input and output functions of a PC necessary to totally remotely control any PC running any operating system or application.
The KEY-VIEW II thus provides platform-independent remote access. KEY-VIEW II permits remote access to any version of any operating system, even versions that have not yet been released. Moreover, since KEY-VIEW II converts the analog video (VGA or SVGA) output signal of a Host PC to digital form, KEY-VIEW II permits a remote user to view on virtually a real-time basis whatever is on the video output display, even in those cases where the Host PC is totally locked up.
Using KEY-VIEW II, remote support technicians can be instantly transported to a site that has failed as if they were on-site. KEY-VIEW II eliminates resulting downtime, technician travel time and permits scarce technical experts to be centralized and utilized efficiently.
Under the KEY-VIEW II remote control concept, a remote user simply calls the KEY-VIEW PC, using pcAnywhere, to take control of one or more Host PCs as if they are on site, non-intrusively, without any software or hardware installed in the Host PC(s). No special hardware other than a PC or laptop with a standard modem or LAN interface card is required by a remote user to access KEY-VIEW PC.
KEY-VIEW II has the necessary tools to remotely restore normal Host PC processing in most cases. For example, KEY-VIEW II could be used to remotely view or change the CMOS setting on a Host PC. In cases where remote repair may not be possible (e.g. a hard drive is defective), KEY-VIEW II provides the necessary unrestricted access required to remotely determine what repairs (e.g. replace hard drive) will be necessary to restore normal Host PC operations.
Many network operating systems do not permit remote access software applications to co-exist with the network server""s operating system. Even in cases where a server operating system may support remote access, many administrators don""t permit remote access simply because the remote access software application degrades server performance. Moreover, because such application are always running in the background constantly testing for incoming calls, such applications increase the probability of causing server failures. If the server""s operating system fails, the server""s processor locks up for any reason, or the network cabling systems fail, the network administrator will not be able to determine the reason for the failure and effect repairs without having direct, on-site access to the server. However, if a KEY-VIEW II system had been installed, the network administrator would have been able to remotely access the Host unit, view what appears on the server""s screen, physically take over the server""s keyboard, control operations and/or cold boot the server, as required. KEY-VIEW II thus provides network administrators with unconditional access to any network server (Host PC) without requiring either CPU or Local Area Network (LAN) communications support from the Host PC or the network.
As an example of other uses for KEY-VIEW II, consider a company where each employee depends on a multi-port network communications server for remote access to their reference files. If one or more ports on the communications server should fail, remote access to the company""s files and network would not be possible or would be haphazard. In such cases, simply rebooting the communications server remotely is not desirable because there may be other remote users on ports that are still operating properly, so xe2x80x9cblindlyxe2x80x9d rebooting the communications server would immediately cut off their connection(s). Obviously, a network administrator must be in a position to take immediate corrective action, but may not be on-site. KEY-VIEW II permits administrators to remotely access and control the communications server immediately, as if they are physically sitting in front of the server.
KEY-VIEW II may also be used for more efficient remote maintenance of PCs. When a failure occurs, a remote maintenance center can take over the failed PC for purposes of running diagnostic procedures. In many cases the problem may be correctable remotely by the maintenance center, thus avoiding wasted technician travel time. At a minimum, KEY-VIEW II provides management personnel with the information necessary to know what parts and technician skill levels are required to make the on-site repairs before anyone is dispatched to the site.
As a final example, KEY-VIEW II may be used to remotely monitor user activities to significantly enhance corporate security. For example, a bank could connect a KEY-VIEW PC to each PC in a remote branch. Branch staff would have no way of knowing whether or not their PC and their activities were being monitored remotely. More importantly, the monitoring process would have no effect on the staffs normal PC operations.
Using the KEY-VIEW PC multiple PCs may be controlled remotely using a single phone line, LAN node connection or Internet Address. By adding supported third party switch boxes, the number of remotely accessible PCs can be increased further. Incredibly, with KEY-VIEW II full remote access is possible to remotely reboot a Host PC and watch it reboot while remaining connected to the Host PC.
KEY-VIEW II supports up to 256 colors and graphics resolutions up to 1024xc3x97768 and provides remote keyboard and mouse.
Within a KEY-VIEW PC a customer installs interface cards, each having the ability to capture the VGA/SVGA video output signal of a Host PC or supported third party switch box and display the Host PC""s screen on the KEY-VIEW PC""s screen on virtually a real-time basis. The KEY-VIEW PC also has the ability to redirect it""s keyboard and mouse to control the Host PC, as if the KEY-VIEW PC""s keyboard and mouse were directly connected to the Host PC. On this basis, when a remote user links to the KEY-VIEW PC via a single copy of pcAnywhere, it serves as a gateway to totally control any xe2x80x9cHostxe2x80x9d PC connected to it either directly or through an optional third-party switch box. On this basis a user may remotely control and switch between up to 48 Host PCs running any operating system or application without any special hardware or remote access software installed on any of the Host PCs.
KEY-VIEW II also integrates the functions of the so-called NET-911 Control Modules and KEY-VIEW PC Access Control Card into the KEY-VIEW custom hardware unit. That is, the KEY-VIEW II can be part of a unique family of NET-911 products. Each product in the family is designed to perform specific functions that further enhance the usefulness of the entire family, particularly for remote PC network administration purposes. The other products in the family, which are described and claimed in greater detail to follow:
1. Network Trouble Alert System. That is the most comprehensive, versatile and failsafe method for detecting network failures and issuing alerts trouble alerts to network administrators.
Properly administering any network site requires a totally reliable means for monitoring servers and the environment 24 hours a day, 7 days a week. If a problem occurs, a fail-safe alert delivery system would also be essential.
Software based network monitoring systems currently exist in marketplace. One example is described in U.S. Pat. No. 5,566,339, which is incorporated herein by reference. But, software based systems are not fail-safe. For example, monitoring stops without notification if the PC they are running-on fails or simply locks up. No known system has voice alert delivery capabilities. Moreover, these systems have no environmental monitoring capabilities. In this regard, most server failures are a direct result of either power failures or excessive heat buildup due to malfunctioning cooling systems.
The NET-911 Trouble Alert System is a total solution solving the short-comings of existing network monitoring products. The NET-911 system consists of software installed on a network workstation as well as a hardware unit connected to the workstation via a serial cable provided. NET-911 monitors the environment as well as an unlimited number of file servers (for example, Novell Netware or Windows NT servers) visible to the workstation over the LAN. In addition, when a particular server (that is serviced by the Trouble Alert System) is used as a gateway to another server operating system which is not serviced per se by the alert system, the non-serviced servers may also be monitored from the single Trouble Alert System.
The NET-911 System can issue pager and/or custom user recorded voice alerts over the telephone should (1) a network server fail; (2) power fail or be restored; (3) the temperature becomes too Hot or too cold; or (4) another monitored process fail (e.g. tape backup unit). To insure fail-safe processing, the hardware unit has its own redundant internal battery, microprocessor, and modem. This makes it possible to deliver alerts even when the workstation connected to the unit fails or loses AC power. Conversely, using software provided with the System, the workstation can be used to deliver failure alerts should the hardware unit fails. These safeguards make the Trouble Alert System excellent for reliable, long term, unattended, monitoring of Network sites.
Numerous other innovative features are also integrated into the NET-911 system. For example, should a server failure be detected, NET-911 automatically cold-boots the work station to which it is connected to confirm the failure. This extra step prevents false failure alerts from being issued. As a second example, NET-911 records what is said when a person alerted answers an alert call and stores this recording on the workstation""s disk drive. This recording serves as a perfect audit trail to prove the alert was delivered. The NET-911 hardware unit also has two adapter ports that be used to optionally detect water, smoke and intruders.
The NET-911 system compliments the capabilities of the KEY-VIEW II system by automatically alerting designated person(s) that a problem has been detected on a network. Then, the KEY-VIEW II system could be used to immediately deal with the problem at hand.
2. Control Modules. These are unique devices permitting remote power control and serial access to an unlimited number of PCs or other devices, such as routers, printers, copy machines, etc. Unlike other remote power control products that require their own phone line, NET-911 modules can be chained together and connected to the serial port of any PC previously set up for remote access.
NET-911 Control Modules permit remote power control and serial access to an unlimited number of PCs or other devices, such as routers, printers, copy machines, etc. Unlike other remote power control products that require their own phone line, NET-911 modules can be chained together and connected to the serial port of any PC previously set up for remote access. xe2x80x9cModule Management Softwarexe2x80x9d supplied with NET-911 modules may then be installed on this xe2x80x9cManagement PCxe2x80x9d and remotely activated whenever necessary to control power and serial access to up to 250 devices connected to the PC""s serial port. For sites using KEY-VIEW II, the modules would be connected to the serial port of the KEY-VIEW PC to provide serial access and power control to all Host PCs connected to the KEY-VIEW PC.
Low cost NET-911 modules may be used for numerous practical purposes. For sites with KEY-VIEW units connected to third party supplied switch boxes, NET-911 modules may now be used to transfer files and reboot PC""s connected to the switch box. For other sites, NET-911 modules may be used to serially manage and control power to other PC""s or routers.
The Management PC may be accessed remotely using any commercially available software package, such as pcAnywhere, Remotely Possible, Carbon Copy, etc. The Management PC simply serves as the gateway to individually serially access other devices, such as routers or PCs, for management, file transfer or AC power control purposes. Most third-party, remote control, software packages will support remote access to a Management PC via the phone line, LAN and/or Internet.
Each NET-911 module has one xe2x80x9cDATA INxe2x80x9d and one xe2x80x9cDATA OUTxe2x80x9d port permitting up to 250 modules to be daisy-chained together using inexpensive standard, 8 wire, straight-through, flat cable. The first module on the daisy-chain connects directly from the DATA IN port to any standard serial port on a Management PC, using a special serial port interface connector (RJ-45 to DB-9) supplied. Other modules may be added to the chain by connecting the DATA IN port of the module added to the DATA OUT port of the last module on the chain. Modules are addressed by the NET-911 Module Management Software (running on the Management PC) based on the order (i.e. physical sequence) that each module is installed on the daisy-chain. For example, the module directly connected to the Management PC""s serial port would be Module ID 1, the module connected to module ID 1""s DATA OUT port would be addressed as module ID 2, and so forth.
Using the Module Management Software provided, each module on the daisy-chain may be individually selected (i.e. designated as the Active module). When a module is active, any device connected to that module""s SERIAL port may be serially accessed, as if that device were the only serial device connected directly to the Management PC. To avoid serial conflicts between devices and modules only one module on the daisy-chain may be active at any point in time. The active module may be changed at any time from a remote location using the Module Management Software.
A NET-911 module has one power input cord and one power output receptacle. AC power input is obtained from any AC power source, such as a wall outlet or UPS. AC power passes through the module to the device connected to the module""s three prong power output receptacle. Power to more than one device may be controlled by connecting any commercially available power strip having multiple receptacles to the power output receptacle on the module. When a module is accessed from the Management PC (using the Module Management Software provided), power may be turned ON or OFF to those device(s) obtaining AC power from the module""s power output receptacle.
Each NET-911 Control Module also has a single xe2x80x9cSERIAL interface portxe2x80x9d. This port permits a device (such as a PC, router, printer, etc. that can be controlled or managed serially) to be connected to the module using one of the RJ-45 to DB-9 serial interface adapters provided. On this basis, when the module on the daisy-chain is addressed by the Management PC (using the Module Management Software provided), it appears as if that device is the only device serially connected to the Management PC.
Even though there may be hundreds of modules daisy-chained together, only one module may be addressed (i.e. active) at a time by the Module Management Software provided. This approach permits unrestricted serial communications between the Management PC and whatever PC (or other device) is connected to the selected module""s SERIAL port. Moreover, NET-911 modules have been designed so that there is no interference or creation of any special data packets that would in any way degrade serial performance when communicating with a device connected to a module""s serial interface.
Using the Module Management Software provided, each module on the daisy-chain may be individually selected (i.e. designated as the Active module). When a module is active, any device connected to that module""s SERIAL port may be serially accessed, as if that device were the only serial device connected directly to the Management PC. To avoid serial conflicts between devices and modules only one module on the daisy-chain may be active at any point in time. The active module may be changed at any time from a remote location using the Module Management Software.
There is also a supported mode where none of the modules on a daisy-chain are addressed. In this mode the serial signal just passes through to whatever is connected to the end of daisy-chain. This mode is referred to as the xe2x80x9cSerial pass-throughxe2x80x9d mode. For example, in this mode a Management PC could communicate with a serial printer or modem connected directly to the DATA OUT port of last module on the daisy-chain, as if no modules existed. To make this direct connection to the device connected to the last module on the chain, either (1) a special optional RJ-45 to DB-9 connector is required or (2) a null modem connector MUST be placed between a standard NET-911 RJ-45 to DB-9 module connector and the device""s serial port.
Unlike many power control products on the market, NET-911 modules remember the current status of output power even in cases where power fails to the module itself. This is important in an emergency situation. For example, this feature allows a user to turn OFF power permanently to devices at a remote site to prevent resulting temporary power outages from damaging the hardware at the site. In this case many devices on the market improperly reset and turn power back ON to devices at the site if power fails to their module. In contrast, NET-911 will insure power remains OFF in this example until power is turned back ON by a remote user.
3. KEY-VIEW PC Access Control Card. These cards log caller ID and restrict access to a KEY-VIEW PC based on the caller""s ID. Also, they permit rebooting of the KEY-VIEW PC remotely.
Each KEY-VIEW PC can include a unique ISA xe2x80x9cAccess Control Cardxe2x80x9d designed to permit the KEY-VIEW PC to be remotely reset, to capture the caller""s ID, issue pager alerts when intruders are detected and to control the KEY-VIEW PC""s turbo light.
When the Reboot card is installed, a phone line is connected into a xe2x80x9cPHONE xe2x80x2INxe2x80x9d jack on the back plate of the card. A xe2x80x9cPHONE OUTxe2x80x9d jack permits the pass through of the phone signal to either a telephone or a modem, as necessary.
When a call is received, the card captures the caller""s ID and passes any ID received to the KEY-VIEW II application running on the KEY-VIEW PC. Using the Caller ID menu option, the KEY-VIEW PC could then be optionally configured to only accept calls from a pre-specified list of phone numbers to improve security. In addition, capturing the caller""s ID permits logging the phone number of anyone attempting to remotely access the KEY-VIEW PC.
Each access control card is connected either to the PC""s internal reset switch or to an optional external NET-911 Control Module to permit the reset card to reboot the KEY-VIEW PC when instructed by a remote user.
The Access Control Card has the capability to count incoming rings and thereby permit actions based on the number of rings detected. If less and/or more than a user specified number of rings are received, the card may be configured to reboot the KEY-VIEW PC.
Rebooting the KEY-VIEW PC remotely is necessary in the event the KEY-VIEW PC should ever lockup (i.e. not respond when a user attempts to access the KEY-VIEW PC remotely). The reset card monitors all incoming phone calls and can be configured to reboot the KEY-VIEW PC in the event less a user defined number of rings are detected or more than a user defined number of rings are detected.
When a modem is installed in the KEY-VIEW PC, it is possible that the modem answers a call but either the KEY-VIEW II and/or the remote access engine is locked up. In this case it will be necessary to remotely reboot the KEY-VIEW PC. In order to do this the remote access engine can be configured to instruct the modem to answer a call only after four rings. Then, the KEY-VIEW II xe2x80x9cEnable Reboot when less than xe2x80x9cnxe2x80x9d ringsxe2x80x9d is set to, for example, 2 rings. Using these settings, a remote user simply calls the KEY-VIEW PC and hangs up after one ring, thereby causing the KEY-VIEW PC to reboot.
The Access Control Card also supports a variation of the xe2x80x9creboot on less ringsxe2x80x9d option where a touch tone code (up to eight digits) may be entered by a remote caller after the modem answers a call to cause the KEY-VIEW PC to reboot.
It is also possible that when the KEY-VIEW PC locks up the modem locks up too and does not answer a call at all. Also, in cases where no modem is installed in the KEY-VIEW PC but the KEY-VIEW PC is accessed remotely either via a LAN or the Internet, it may still be necessary to use a phone line to remotely reboot the KEY-VIEW PC should it lockup. Both of these problems can be solved by setting the Enable Reboot when more than rings option to 10 rings. In this situation, a remote user would simply call the KEY-VIEW PC and wait for more than 10 rings before hanging up thereby causing the KEY-VIEW PC to reboot.
In rare cases, it is possible that a modem installed in the KEY-VIEW PC could lockup and hang onto a phone line, so that the line was always busy when a remote user attempts to access the KEY-VIEW PC. In addition, one remote user may wish to terminate another remote user""s access during an emergency situation. Both of these situations can be resolved by connecting an external modem to the RJ-45 serial port of the Access Control card (using an optional connector and RJ-45 cable) and connecting a second (different) phone line to this modem. Any surplus external modem may be used for this purpose, since this modem will never operate above 2400 baud. In cases where a NET-911 Control module is already connected to the Access Control Card""s serial port, the modem should be connected to the xe2x80x9cData Outxe2x80x9d port of the module. This modem would then be configured to be in an auto-answer mode. Then, the option to use an external modem must be enabled and a password defined, as discussed under the Enable Modem Reboot topic. In this situation, a remote user would simply use a terminal emulation program such as Hyperterminal (supplied with Windows) to call the external modem and enter the correct password when prompted by the access control card thereby causing the KEY-VIEW PC to reboot.
An Access Control Card also has the capability to issue pager alerts in the event a potential intruder is detected. Such pager alerts would be appropriate if a user fails to enter a correct password within a pre-specified number of guesses or a caller ID is detected from an unauthorized phone number. The person to be alerted via their pager and the related pager codes can be defined using the Pager Alert menu option. In order to issue a pager alert an optional external modem must be connected to the Access Control Card.
The Access Control Card is also used to control the turbo light on the KEY-VIEW PC""s front panel via a cable connected from the card to the KEY-VIEW PC""s mother board""s turbo light control pins. The turbo light is then used to visually indicate when a remote user was accessing the KEY-VIEW PC and to indicate whether the KEY-VIEW PC was in Host mode or a Menu mode.
The KEY-VIEW PC""s turbo light is OFF when the KEY-VIEW PC is in a Menu mode and is not being remotely accessed.
The KEY-VIEW PC""s turbo light will be ON when the KEY-VIEW PC is in a Host mode and is not being remotely accessed. This light will flash ON briefly whenever the KEY-VIEW PC is in a Menu mode and is being remotely accessed. If the KEY-VIEW PC is in a mode where both pcAnywhere is xe2x80x9cIn Sessionxe2x80x9d and the KEY-VIEW PC is in a Host mode, the turbo light remains ON but then flashes OFF for 0.5 seconds every 5 seconds.
Setting the turbo light in this manner coupled with the user beep option, which is handled by the KEY-VIEW application running on the KEY-VIEW PC, will improve security by giving anyone working at the Host site a visible and audible indication whenever the KEY-VIEW PC is being remotely accessed.
In summary, the preferred embodiment of the present invention provides:
Support for 2, 4, 16, 256 or other numbers of colors in 640xc3x97480, 800xc3x97600, 1024xc3x97768 or other graphics modes;
Remote access support for modem access, LAN Access, direct serial/parallel cable access and/or TCP IP Internet access (i.e. up to 2 paths may be activated for remote access to the Host site;
Full integration of a remote access engine at Host and Remote sites;
Standard operating system installation on the KEY-VIEW PC which insures plug and play modem capability and LAN interface between Host and Remote sites;
Capability to control multiple Host PCs from a single KEY-VIEW PC using multiple KEY-VIEW PCI cards in the KEY-VIEW PC;
Support for third party switch boxes permitting a single KEY-VIEW PCI card to access multiple Host PCs;
Mouse support for controlling Host PCs from a Remote PC;
Integration of KEY-VIEW II compatible NET-911 Control Modules permitting remote AC power control and direct serial access to an unlimited number of devices at a Host site that can be managed serially (such as routers or network hubs) using the KEY-VIEW PC as the gateway; and
Use of a single KEY-VIEW PC to control any combination of up to 4 host PCs or switch boxes.
The following terms have the following meanings, as used in the description and claims:
Variations of the above terms may be used, such as xe2x80x98Remote Mousexe2x80x99 to refer to the mouse connected to the Remote PC, xe2x80x98Remote Userxe2x80x99 to refer to the person operating the Remote PC, xe2x80x9cRemote sitexe2x80x9d to refer to the site where the Remote PC is located, etc.