Overview
Saner Remote Access is an on-demand remote support tool included with Saner Endpoint Management (EM). It enables IT teams to securely access devices for troubleshooting, maintenance, and support.
Proper network, antivirus exclusions are essential for reliable operation. Meeting these prerequisites ensures:
- Secure, uninterrupted remote sessions
- Prevention of connectivity issues
- Efficient device management
Note: These requirements are in addition to the standard prerequisites for deploying the Saner Agent.
Network Requirements
Saner Remote Access communicates with devices over the network. If direct peer-to-peer (P2P) connections are not possible, it uses relay servers.
To avoid connectivity issues, ensure your firewall or proxy allows access to the relay server URLs for your deployment region:
Deployment Region | Relay Server URL to Whitelist |
Global SaaS (saner.secpod.com) | relay.secpod.com |
EU SaaS (eu.saner.secpod.com) | eu.relay.secpod.com |
UK SaaS (uk.saner.secpod.com) | uk.relay.secpod.com |
Note: Whitelisting these URLs ensures remote sessions are not blocked by security devices.
Antivirus Exclusions
Antivirus software can interfere with Saner Remote Access. To ensure uninterrupted operation, add the following directories and executables to your antivirus exclusion list:
OS | Directory | Executable |
Windows | C:\ProgramData\SecPod Saner\remoteconnector | spremoteconnector.exe |
Linux / macOS | /opt/saner/spremoteconnector | /var/saner/bin/spremoteconnector |
Why this matters:
Excluding these files prevents antivirus programs from blocking or quarantining the remote access component, ensuring smooth remote sessions.
Active Directory Scanner Prerequisites:
If a Saner Agent is designated as an Active Directory (AD) Scanner, it must communicate with the AD server to retrieve information about users, groups, devices, and organizational units (OUs).
Ensure that your firewall or proxy allows outbound TCP access from the designated agent to the AD server using the following ports:
Hostname/IP | Port | Protocol | Direction | Purpose |
Active Directory Server | 636 (recommended) | TCP | Outbound | Secure querying of users, groups, devices, and OUs |
Active Directory Server | 389 (optional) | TCP | Outbound | Non-secure querying of users, groups, devices, and OUs |
Important:
- Port 636 (LDAPS) is strongly recommended for encrypted communication over TLS.
- Port 389 (LDAP) transmits data in plaintext and should only be used in trusted internal networks.
Best Practices
- Network Configuration: Whitelist relay servers for your deployment region.
- Antivirus Configuration: Exclude specified directories and executables.
- Active Directory: Use LDAPS (port 636) and ensure outbound TCP access is allowed.
- Planning: Verify all prerequisites before attempting remote sessions to avoid delays or connection failures.
Following these steps ensures that Saner Remote Access works reliably, securely, and without interruptions.
Conclusion
Saner Remote Access is a powerful tool for providing secure and efficient remote support.
By following the prerequisites for network, antivirus Exclusions, organizations can:
- Ensure smooth, uninterrupted remote sessions
- Minimize security risks
- Maintain compliance
- Improve overall device management efficiency
Meeting these requirements before deployment guarantees reliable performance and empowers IT teams to manage devices effectively from anywhere.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article