Flexxible Remote Assistance

Flexxible Remote Assistance is a feature designed to facilitate secure and efficient technical support, allowing an operator to remotely access a device and take control of the user's session to diagnose issues, apply changes, or execute administrative tasks.

The solution enables the management of any application visible to the user, including those requiring privilege elevation or running under User Account Control (UAC), ensuring a temporary operation with a strict focus on security and privacy.

Main features

• Compatible with user sessions on physical devices, VDI, shared desktops, and virtualized application environments.
• Works with or without a proxy.
• Supports both end-user devices and unmanned devices (servers or kiosks).
• Compatible with Windows.
• Useful for occasional support sessions or as a remote access mechanism to infrastructure (e.g., servers).

Privacy and security

• To minimize the attack surface and reduce vulnerability exploitation risks, FlexxAgent does not install additional software, so there is no service "listening" for incoming connections. Only runs (without installation) in real-time when requested from the Workspaces module.

• Audio redirection is disabled by default to prevent the operator from listening to conversations if the user is on a video call.

Flexxible Remote Assistance - Types

1. Interactive (Attended)

Allows the operator to connect to a device and take control of the user's active session, after obtaining their explicit consent. This connection mode provides secure and supervised access to the user's environment, facilitating real-time issue resolution and support actions.

2. Unattended

Allows an operator to access and control a device without needing a user to be present. It is aimed at server-type or kiosk devices.

When this type of assistance is initiated, FlexxAgent shows the operator the necessary data to connect:

• Session ID. Session identifier.
• Password. Dynamic password that regenerates in each session (it is not recommended to store it).
• Download the activation file for the operator.

The operator must enter the password when executing the activation file to take control of the device.

info

15 minutes after the end of the connection, the service is automatically deactivated and the password expires. Neither the file nor the authentication data are reusable.

3. Dynamic

Allows the operator to access the device regardless of whether or not there are active user sessions.

• If there is an active session, the interactive (attended) assistance process is initiated.
• If no active session exists, unattended remote assistance is launched, even allowing login with other accounts without interfering with user data.

Considerations

• On devices configured for dynamic remote assistance, it will not be possible to initiate unattended remote assistance on any session of the device from Sessions in the Workspaces module.
• Requires the device receiving assistance to have FlexxAgent 24.9.2 or higher installed.
• Even though the report group to which the device belongs is configured for dynamic remote assistance, the option to execute all three types of assistance will still be shown in the Workspaces module, but only the dynamic one will be functional.

Requirements

• The device receiving remote assistance must have FlexxAgent 23.7 or higher (24.9.2 for dynamic assistance).
• Connectivity to https://ras.flexxible.com via TCP port 443.

info

Remote assistance will be interrupted if FlexxAgent is restarted during its execution.

Settings

A device cannot receive remote assistance if it is not enabled for it from the FlexxAgent Configuration (Flexxible Remote Assistance) of its report group. There you can define what type of remote assistance it can receive.

Activation

The execution of Flexxible Remote Assistance can be done at the device or session level.

Appliance

1. Access the Workspaces module -> Level 1 -> Workspaces.
2. Select the device.
3. Click Operations -> Flexxible Remote Assistance.
4. Choose the type of remote assistance you want to execute.

Session

1. Access the Workspaces module -> Level 1 -> Sessions.
2. Select the session.
3. Click Operations -> Flexxible Remote Assistance.
4. Choose the type of remote assistance you want to execute.

When the operator requests to start assistance, FlexxAgent runs a process and notifies the user.

Activation file

The operator must download an activation file to provide the service. This will depend on whether the support-providing device has FlexxAgent installed or not.

Devices with FlexxAgent installed

The operator must download and run the Flexxible Remote Assistance file, which has the extension .flxra.

• Runs without installation, with user permissions.
• Remains active only during the session.
• Once finished, it stops and the file is automatically deleted from the system.

Devices without FlexxAgent installed

The operator must download and execute the file with the extension .exe.

• Runs without installation, with user permissions.
• Remains active only during the session.
• The file is not automatically deleted after the session ends.

In both cases, the user's consent will be required before the operator can take control.

View from the operator's screen:

View from the user's screen:

info

Even if the file is executed without administrative privileges, the operator will have access to administrative tools through Flexxible Tools.

Generated Processes

Executing the activation file starts two processes:

• FlexxAgent.exe
• FlexxibleRA.exe

Operation through proxy

From the operator's point of view

When executing the activation file, FlexxAgent checks if the Proxy_Url key exists:

• If it detects it, it uses it.
• If not, it runs AnyDesk in autodetection mode.

From the end-user's point of view

FlexxAgent checks if the proxy is configured.

• If it detects it, it uses it.
• If not, it runs AnyDesk in autodetection mode.

If the proxy configuration registry keys do not exist, it will detect if the operating system has the proxy configured.

• If it detects it and it is accessible, it uses it.
• If not, it runs AnyDesk in autodetection mode.

Flexxible Tools

The remote assistance file runs with user permissions. If the user does not have admin privileges, the operator can use Flexxible Tools, available in interactive (attended) remote assistances.

Flexxible Tools allows the operator to run administrative tools.

• CMD
• PowerShell
• Registry editor
• Task Manager

Settings

Flexxible Tools can be activated for users depending on their role in Portal. This can be done in two ways:

From Product

1. Go to Portal -> Settings -> Organization.
2. In the menu, click the Products tab.
3. Click FlexxAgent Configuration in the record of the desired product.

This allows applying the change to all report groups.

From Report Groups

1. Go to Portal -> Settings -> Reporting Groups.
2. Click FlexxAgent Configuration in the record of the desired report group.

This allows enabling or disabling the functionality for one or more report groups.

info

Flexxible Tools requires that both the operator's device and the assisted one belong to the same FlexxAgent environment.

Connection Detection

The Jobs section in the Workspaces module allows identifying the start and end time of a remote assistance session. The job status accurately reflects the operator's actual activity and records all events related to their connection.

Job Start

When an operator presses the Flexxible Remote Assistance button, a job is automatically created with the status In Progress. From there, the system monitors whether a connection is established by the operator.

Job Closure

• Automatic Closure. If no active connection is detected within the first five minutes, the job is closed automatically. In this case, the following record is added:

  The job has been closed. No active remote assistance connections detected.

• Closure after connection ends. The job is closed if a remote assistance connection is detected and it ends successfully.

Reconnections

If the operator reconnects to the same device, the job will automatically return to the In Progress status. Once the new connection ends, the system marks it as Completed.

Job Detail

The job details of each connection are displayed as follows:

09/10/2025 10:43:05 (UTC) - Remote assistance connection started from the id 276790 to the id 941120
09/10/2025 10:41:49 (UTC) - Remote assistance started at 09/10/2025 12:41:49 local time
09/10/2025 10:45:00 (UTC) - Remote assistance ended at 09/10/2025 12:45:00 local time
09/10/2025 10:45:00 (UTC) - Connection duration: 191s

info

In unattended remote assistance where multiple operators work on the same device, it may not be possible to accurately determine which job each connection belongs to.