MeshCentral Technical Presentation. MeshCentral Based on a local peer-to-peer mesh of agents, this...


Page 1:

MeshCentral Technical Presentation

Page 2:

Based on a local peer-to-peer mesh of agents, this secure and scalable architecture solves the outside-in problem with no network setup

[Diagram labels: Meshcentral; Peer-to-peer network]

Page 3:

Mesh Agent runs on:

• Microsoft Windows (32bit & 64bit)

• Apple Mac OSX (x86)

• Linux (x86, 64bit, MIPS, ARMv6)

• Raspberry Pi & PogoPlug (ARMv6)

• Xen (x86)

• Google Android (x86, ARM)

Agent is open source. All Mesh Code is 100% Intel.

[Diagram labels: Mesh Agent Source Code; Visual Studio; GCC Cross-Compile; Android SDK]

Page 4:

Agent Design

[Diagram labels: Terminal Command Shell; Location WiFi reporting; R-Wake Intel® Remote Wake; TLS Client; TCP Forward; Intel® AMT Forward; UDP 16990; TCP 16990; UDP 16991; TCP 16991; Intel® AMT; Serial-over-LAN; TCP Forward; Support Libraries: Microstack, OpenSSL, SQLite; MESH; P2P Module; S-UDP Server / Multicast; HTTPS Server; Guardpost; Management Module; STUN Client; SR-UDP Firewall Buster; TLS Server; Serial COM Port; TCP 10 Relay Sockets; WMI Management; LMS/MEI Intel® AMT; Desktop Remoting; Files Remote Access; TCP 5 Relay Sockets; Intel® AMT; Mesh Server Intel® Smart Connect Agent; CryptoAPI; Intel® Remote Wake; Intel® Identity Protection Technology; Intel® Active Management Technology; Trusted Platform Module; Wake-on-LAN Support; AES Acceleration (AES-NI); Digital Random Generator (RDRAND); WebRTC Data Channel; Web Browser]

Page 5:

Mesh Agents are signed and self-updating from the server and from other agents. Scalable update and agents. Over 100 agent updates have been this way.

Page 6:

Mesh agents have their own messaging API that applications can use to unicast to a single agent, or multicast in the P2P network. In both cases, the message will “hop” from node to node.

[Diagram labels: Hopping Unicast Message; Hopping Multicast Message]

Page 7:

Web based remote desktop encodes the desktop as JPEG images and sends them to a web or C# client. The web client uses an HTML5 canvas to display the decoded output and capture input.

[Diagram labels: Windows, Linux, OSX Mesh Agent; HTML5 Browser; JPEG Images; Input Commands: Keyboard, Mouse, Touch]

Page 8:

Secure Direct Connections Behind NATs

• Agents have STUN support and a WebRTC data channel stack.

• Management traffic can flow directly from a console to a relay agent within a network.

• Use direct tunnel for any TCP traffic: KVM, Files, Intel® vPro…

[Diagram labels: STUN Server; Router NAT Barrier; WebRTC / STUN; TURN Server; WebRTC / TURN; Web Socket]

Page 9:

Mesh Server Direct Connections

• If the Mesh server is installed in an intranet environment, the server direct mode can be enabled.

• Nodes are checked to see if they are directly routable.

• Server initiates TCP connects to routable nodes.

• No relay agents needed.

[Diagram labels: Server and some clients are on the same network; Mesh Server initiates TCP connections]

Page 10:

Intel® vPro support

• Monitors Intel® vPro computers in sleep states

• Solves four big deployment problems with Intel® vPro: Discovery, Credentials, Remote Access & Provisioning

• Remote access to BIOS, boot repair OS…

[Diagram labels: Out-of-band Communication; Intel® vPro P2P Monitoring]

Page 11:

Remote access to private web pages. A routing cookie is sent to the browser along with a redirection to a different web port. Each HTTP request is forwarded over the P2P network.

[Diagram labels: Relay Agent; Target HTTP Server; Routing Cookie & Redirect; HTTP Traffic]
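An added example, not MeshCentral code: one way a server could make the routing cookie described on this slide unforgeable and bound to a single user, relay node and target, so the redirect port forwards only what that user was granted. The cookie layout, field names, key handling and sample values are assumptions; the slide does not specify them.

```python
import base64, hashlib, hmac, json, time

# Assumption: a secret held only by the web/redirect tier (constructed value).
SERVER_KEY = b"constructed-demo-key-not-for-production"

def b64e(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_routing_cookie(user, node_id, target, ttl=300, now=None):
    """Bind the cookie to one user, one relay node and one target host:port."""
    issued = int(now if now is not None else time.time())
    claims = {"u": user, "n": node_id, "t": target, "exp": issued + ttl}
    body = json.dumps(claims, sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    return b64e(body) + "." + b64e(tag)

def route_request(cookie, session_user, now=None):
    """Return (node_id, target) to forward to, or None to refuse the request."""
    try:
        body_b64, tag_b64 = cookie.split(".")
        body, tag = b64d(body_b64), b64d(tag_b64)
    except (ValueError, TypeError, AttributeError):
        return None                                # malformed cookie
    expected = hmac.new(SERVER_KEY, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):     # constant-time comparison
        return None                                # forged or altered routing data
    claims = json.loads(body)                      # parsed only after the MAC check
    if claims["exp"] < (now if now is not None else time.time()):
        return None                                # expired
    if claims["u"] != session_user:
        return None                                # cookie presented by another session
    return claims["n"], claims["t"]

if __name__ == "__main__":
    # Constructed sample values for a stand-alone run.
    cookie = issue_routing_cookie("alice", "node-42", "192.0.2.10:80")
    print(route_request(cookie, "alice"))   # forwarded
    print(route_request(cookie, "bob"))     # refused
```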

Page 12:

Intel® vPro Fast Call for Help (CIRA) support

• Built-in support for Intel® AMT remote access connections.

• Traffic automatically routed to CIRA when possible.

• All application APIs stay the same, identical security model.

[Diagram labels: Out-of-band Communication; Intel® AMT 4.0+; Javascript WSMAN Stack (Used for Web Applications)]

Page 13:

Intel® vPro traffic is routed 3 ways: Agent Relay, CIRA and Direct.

[Diagram labels: Proxy / NAT; NAT; Direct Routing; Agent Relay; CIRA Routing]

Page 14:

Intel® vPro events: correctly routed when coming over a CIRA channel.

[Diagram labels: NAT; CIRA Routing]

Page 15:

The Meshcentral multi-display feature uses both Websockets and WebRTC for more efficient traffic handling.

Meshcentral new Multi-Desktop feature.

Monitor many computers’ screens at once.

Efficient use of a single Web Socket to relay all of the desktops through Meshcentral.

If the browser supports it, create many WebRTC connections to the target computer for even more efficiency & speed.

Page 16:

Developer APIs are available for writing new usages on top of the mesh infrastructure. Web, agent and control APIs provide developers with flexibility.

• Online web API: Enumerate devices, Remote power control, Remote messaging, Remote TCP streaming

• Local Control API: Enumerate devices, Local power control, Local messaging

• Agent API: Inter-agent messaging, Broadcast messaging, Capability search

Page 17:

Main site

meshcentral.com

Information

info.meshcentral.com

Page 18:

MeshCentral.com