Tactical RMM is a free, Open Source remote monitoring and management tool for Windows. Among the many features it supports are remote desktop control, real-time remote shell, Windows patch management, remote software installation via chocolatey, and software and hardware inventory.

During the pandemic, remote work became the norm, and system administrators needed remote management tools more than ever. Products that were once mainly designed for the MSP space are now required for traditional sysadmins.

So, I was looking for a simple RMM tool to manage my small fleet of workstations and laptops (approx. 100 hosts), and I noticed that a new, Open Source software tool had cropped up and was competing with commercial RMMs in terms of performance and feature lists. Its name is Tactical RMM.

Tactical RMM features ^

Currently, the Tactical RMM agent supports only Windows operating systems (from Windows 7 to Windows Server 2019). Linux and macOS agents are in the planning stage.

The feature list, which grows with every release, comprises the following:

  • Remote desktop control, leveraged by MeshCentral
  • Real-time remote background (shell, file browser with download/upload)
  • Remote command and script execution (batch, PowerShell, and Python scripts)
  • Event log viewer
  • Service management
  • Windows patch management
  • Automated checks with alerting (CPU, disk, memory, services, scripts, event logs)
  • Automated task runner (run scripts on a schedule)
  • Remote software installation via Chocolatey
  • Software and hardware inventory

Installation ^

Installation requires some Linux skills. It is recommended to install Tactical RMM on a dedicated server. The process is straightforward. Updating the server is also as easy as downloading and launching a bash script.

To keep the installation and upgrade process easy, it is recommended that a public IP address be assigned to the Tactical RMM installation.

User interface ^

The user interface is clean, modern, and fast. Under a single pane of glass, you can manage the entire life cycle of your client machines.

Tactical RMM User Interface is nice and fast

Tactical RMM User Interface is nice and fast

Client onboarding ^

Once you have defined your client and site structure, you can create a deployment. Select the agent type, expiration date, whether you want to enable agent ping and RDP support, and the OS architecture.

Creating a new deployment

Creating a new deployment

When your deployment is created, you can download the installer using the link provided:

New deployment created

New deployment created

Now, you can install the agent on your client machines using your method of choice: GPO, PowerShell, or manually. A minute after your agent is installed, it will magically appear in your managed client section. Agent updates are automatically managed by the Tactical RMM Server.

Managing clients ^

From a management perspective, you can do everything you need to perform periodical maintenance routines and provide remote support to users:

  • Check machine and asset information.
  • Check installed software and install new software, pulled directly from the Chocolatey library.
  • Run scripts, pulled from the Tactical RMM script library.
  • Schedule checks and receive alerts (by email or SMS).
  • Schedule tasks, which are basically scripts (PowerShell or batch files). You can also execute a task in "Collector Mode," in which the output can be used to update a field on the host inventory. Tasks can also be triggered by a scheduled check failure.

Automation Manager ^

Scheduled checks and scheduled tasks can be assigned at the client/site level using the Automation Manager. In the Automation Manager, you can also define patch management policies. You can decide by patch severity (critical, important, moderate, low, or other) if the patch will be automatically installed, manually installed, or ignored. You can also select which schedule to apply. If automatically applied, you can reboot machines when required by updates.

Patch policy editor in action

Patch policy editor in action

Endpoint management ^

When it comes to endpoint management, Tactical RMM reveals its full power. When you right-click on an endpoint item, a very rich context menu appears:

The endpoint management menu

The endpoint management menu

My favorite feature is the "Take Control" action, which instantly opens a MeshCentral window and instantiates a blazing fast remote desktop connection.

Remote control leveraged by MeshCentral

Remote control leveraged by MeshCentral

Another interesting feature is the Remote Background action, which can be used for troubleshooting a machine without interrupting user activity. You can open a command prompt, manage files, and check services, processes, and Windows events.

Remote background file manager

Remote background file manager

User management ^

Tactical RMM provides a simple yet effective way to manage users and permissions, using a granular permission scheme. Every significant action is logged and can be further audited. Currently, only local authentication is supported with 2FA enforced, but it looks like a SAML/LDAP integration is planned.

Security ^

From a software security perspective, Tactical RMM developers ensure that API endpoints used for agent management are decoupled from user interface endpoints.

At the time of writing this article, the Open Source RMM Agent executable is not digitally signed. However, the developers offer a subscription service in the form of a GitHub sponsorship to provide digitally signed agent files if a user needs them. This means that if you want to use the Open Source agent, you need to add the agent folder/executables to the exclusion list of your endpoint protection software.

Integration ^

Tactical RMM is developed in Django, so under the hood almost every function provided is callable via the API. Thus, integration with other products (for example, your favorite ticketing system) is fairly easy.

Subscribe to 4sysops newsletter!

Conclusion ^

Although Tactical RMM is a young product, the energy and community orientation that the developers demonstrate gives me hope that the project will continue to grow in the right direction. We now have an RMM that is fast, stable, and functional. In the future, I expect an even more reliable multiplatform product enriched with even more enterprise features.

avatar
1 Comment
  1. Daren Dozier 3 months ago

    Riccardo Bicelli,
    Great review of TRMM. I am using TRMM in a closed environment and want to bring it to production. Do you know of any companies using this in production?

Leave a reply

Your email address will not be published.

*

© 4sysops 2006 - 2022

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account