Communication and Security - Take Control (N-able)

Take Control (N-able) traffic is secured using multi-layer authentication. Elliptic-curve Diffie-Hellman is implemented to protect our public/private key exchanges, a component step in session instantiation. All commands, including keyboard and mouse strokes, file transfers and clipboard information are digitally signed.

Take Control (N-able) does not have access to session content. All encryption is based on an end-to-end negotiation that does not intercept transferred information or decode the information in the gateway. Encryption keys are randomly generated for each session.

Take Control (N-able) uses servers located in large data centers around the world, and a geolocation method ensures the geographically nearest router is always used for the connection.

To avoid potential communication or connection problems to these global servers, we recommend you allow the following Ports, URLs, and IP addresses in your firewall or web-monitoring software:

Ports

80 (TCP)
443 (TCP)
3377 (TCP) - used as a fall over if 443 is unsuccessful

URLs

*.mspa.n-able.com
*.swi-rc.cdn-sw.net

UDP Mode (Optional)

In addition to TCP connections, the Viewer includes the facility to utilize the UDP transmission model

UDP connections are not available on Mac computers.

In the Viewer go to Advanced, Use RDP.

When UDP Mode is enabled, the Take Control (N-able) viewer initially requires access to port 1234. After the system administrator modifies the firewall to enable the identified IP addresses to communicate with the server, the ports can be random.

Ports

1234 (UDP)
1235 (UDP)

Services and Processes (Windows only)

Take Control (N-able) includes the following executables that run continuously or for the duration of a single session:

Continuously running executables

Executable	Type	Description
BASupSrvc.exe	Service	Allows remote sessions and maintains communication to the N-sight RMM Dashboard and infrastructure
BASupSrvcUpdater.exe	Service	Updates the BASupSrv service when required and ensures it is always running
BASupSrvcCnfg.exe	Process (Normal)	Allows in-session chats between the technician and the user, and also displays the session authorization pop-ups. This process is loaded for each user logged on to the machine and multiple instances can exist at the same time. If the session is killed, in-session chats are not available and session authorization pop-ups do not display to the local user (the default action defined will occur after a timeout period).

Executable

Type

Description

BASupSrvc.exe

Service

Allows remote sessions and maintains communication to the N-sight RMM Dashboard and infrastructure

BASupSrvcUpdater.exe

Service

Updates the BASupSrv service when required and ensures it is always running

BASupSrvcCnfg.exe

Process (Normal)

Allows in-session chats between the technician and the user, and also displays the session authorization pop-ups. This process is loaded for each user logged on to the machine and multiple instances can exist at the same time.

If the session is killed, in-session chats are not available and session authorization pop-ups do not display to the local user (the default action defined will occur after a timeout period).

Single session executables

Executable	Type	Description
BASupTSHelper.exe	Process (Elevated)	Permits image capturing during the remote session
BASupSrvcEvnt.dll	DLL	Registers Take Control related Events that display in the device's Event Viewer. To ensure Take Control is reported as the Event source, the .dll remains on the device after Take Control is uninstalled.