No public device server
Customer sites do not need to forward inbound VNC, SSH, RDP, or local admin ports to the device.
Security
Keep the device private. Control every remote session.
Front Desk is built for teams that need remote support without exposing device services to the internet. The device calls out, access is scoped, and sensitive sessions can require approval.
Account and device identity
Devices activate into an account and use device credentials for steady-state call-home access.
Remote access approval
Accounts can require approval before a requested remote session is granted.
Audit-first actions
Sensitive actions should capture who performed the action, the target, the time, and the reason.
Customer network story
The ask is narrow and understandable.
Instead of requesting an inbound firewall rule, a public remote-access service, or broad VPN access, Front Desk asks the device site to allow outbound traffic to approved Front Desk domains.
The support path remains tied to the account, device, user, approval policy, and session lifetime.
Zero-trust-style direction
Trust is earned per device, user, and session.
Front Desk does not assume that a network location is safe. The product direction is to authenticate the device, authenticate the operator, scope the requested access, issue short-lived session material, and record what happened.
For customer-prem devices, that is a better fit than leaving a remote desktop, SSH daemon, or web admin page listening on the public internet.
What stays closed
- Inbound firewall rules at the device site
- Public VNC or SSH listeners
- Broad network access for a narrow support task
- Silent access when approval is required
Approval
Put a person at the front desk when the business needs it.
Approver context
Show who is asking, which device is targeted, and what kind of session is requested.
Approve or deny
Let the customer contact, store manager, or supervisor decide before access starts.
Session record
Keep active and historical access visible for operational review.