This overview covers common questions and requirements when using SimpleHelp in Enterprise scale environments.
User authentication and permissions
In Enterprise environments it is important to keep management of users centralised and simplified as far as possible. For this reason, SimpleHelp supports:
- LDAP / ActiveDirectory authentication, both of specific tech accounts and of users without a corresponding SimpleHelp technician account, defined only within LDAP / AD
- RADIUS authentication
- Two Tier email based authentication
- TOTP support
- Restriction of user permissions and rights based on membership in LDAP / ActiveDirectory
All the above are covered in the Administrator Guide under Tech Groups
To allow group logins without a corresponding SimpleHelp Technician account you should check the option Allow group authenticated logins when configuring your Tech Group. You can also restrict the group to a particular OU or other LDAP/ActiveDirectory section by configuring the LDAP authentication search filter. This will allow LDAP/AD users to log in without a SimpleHelp technician account, and they will be assigned whatever permissions you set for that tech group.
SimpleHelp strongly encrypts all communications using industry standard tried-and-tested algorithms and techniques, regardless of which transport protocol is used for encapsulation. Our Security Guide has a more in depth explanation.
Regional SimpleHelp servers
If your organisation wishes to run multiple SimpleHelp servers by region, and have technicians access multiple servers, this can be achieved very easily.
The technician can simply download the online executable from each server they have access to, and rename it or create a shortcut to it. When they run each respective executable or shortcut, the technician app will launch the appropriate version for the target server and will connect to the server it was downloaded from.
This allows technicians to access any number of SimpleHelp servers with just one base Technician client installation.
SimpleHelp supports the use of multiple redundant license servers. In this case your master license is installed on one SimpleHelp server (potentially a dedicated server) and peer connections are created to your other SimpleHelp servers. Your license server can then allocate licenses to your other servers as necessary.
For more detailed information on license servers please see our Enterprise User Guide.
Redundancy and High Availability Failover
Remote access services can comfortably share with more than one SimpleHelp server. This allows you to run a backup SimpleHelp server and have all your remote access services accessible from both at all times.
High availability failover for other SimpleHelp applications (technician client, customer client) is available where a separate web server is used to direct apps towards a live SimpleHelp server. This allows the specification of any number of redundant SimpleHelp servers and allows you to switch live to any secondary or tertiary redundant SimpleHelp server.
Technicians in sessions or in the technician app are notified within a matter of seconds that the switch is required and may allow it immediately or delay the switch to finish important work uninterrupted subject to restrictions set in the centralised failover configuration.
For more detailed information on redundancy and high availability failover please see our Enterprise User Guide.
Scalability and Clustering
A single SimpleHelp server is capable of supporting thousands of sessions and hundreds of thousands remote access services.
Remote access services shared are largely limited by the I/O scalability of the server. UDP is the most scalable method to share your services with your SimpleHelp server and will allow it to scale beyond tens of thousands of shared machines with a single server. If you must use HTTP(S) to share services with your SimpleHelp server then this will typically be limited by the number of TCP or SSL connections your server can maintain. You can also use a mix of services with some using UDP and some using HTTP(S) to maximise the number of shared services.
Clustering is available with our Enterprise license and allows sharing very large sets of HTTP(S) based remote access services with the use of auxiliary SimpleHelp servers to spread the I/O load.
For more detailed information on scalability planning and clustering please see our Enterprise User Guide.