Posts

MeshCentral - Support for User Groups

Image
MeshCentral is being used in increasingly larger and more complex environments and so, the user community has been asking for features that will enable larger deployments. One of the most important asks has been user groups support, that is, being able to group many users into a user group and assigning a user group a single set of permissions to devices. This way, you can have many technicians in a group and assign the permission only once to a set of devices. This makes permission management much simpler. In this new version of MeshCentral, user groups are now fully supported. In details:
User Group Management. As an administrator, you can now go in “My Users”, “Groups” sub tab and create or remote users groups. You can also duplicate an existing group making it easy to create an new group using permissions from an existing group. Once created, you can click on a group and edit the name, description and members of a group.Improved Device Group Permissions. Once a user group has been …

MeshCentral - 2019 Review and New Features

Image
2019 has been a wonderful year for MeshCentral. The code base has gained many new features over the year, but what is even more impressive is the GitHub community around the project. Here is the MeshCentral 2019 Year in Review (PDF), it gives a nice overview of the community and interest around MeshCentral. There are a bunch more big features being worked on, but for now here are just some of the features that here added at the end of 2019.
Dutch translation. Peter van Vlijman is our latest community volunteer to contribute a language translation to MeshCentral. After Czech and Portuguese translations announced last time, Peter contributed the Dutch translation and continues to improve the Dutch version and keep up with updates. Thanks Peter for your hard work!Device Group Summary. When clicking on a device group, there is now a new “Summary” tab that shows live graphs of the computers in this group. Just like the rest of the MeshCentral user interface that is fully real-time, the grap…

MeshCentral2 - Language Support, Terminal, File Editor

Image
One of the great things about being open source project is that there is a growing community of people willing to help. One area that helps a lot is with translation into other languages. A few months back, MeshCentral got the capability to be translated into other languages, this is still ongoing work as more improvements in this area are ongoing. Community volunteers in the last month have translated MeshCentral to Czech (Thanks Martin) and Portuguese (Thanks Carlos). In the last weeks, a new online translator tool was added to MeshCentral along with more features. In details:
New Built-in Translation Tool. MeshCentral now has a built-in web-based translation tool. If you are site administrator on a MeshCentral server, you can access this new page from the localization settings dialog box. The new tool allows you to see all the MeshCentral strings, change string for any supported language, save them back to the server and have the server re-translate the web pages to see immediate re…

MeshCentral2 - Next Generation Mesh Agent

Image
On Thanksgiving day, MeshCentral got a major new update with the release of the next-generation Mesh Agent that has been over 4 months in the making. When installing MeshCentral v0.4.5-b or higher, the server will automatically update all agents with the more capable next generation agent. Probably the most awaited feature that comes with this agent is the new remote desktop privacy bar. When enabled, this displays a bar at the top of the remote device when doing a remote desktop session indicating that the system is being remote controlled and by who. In addition, the terminal was significantly improved for the latest Windows10 along with wall paper toggling and more. In details:
Remote Desktop Privacy Bar. With this new update, you can now configure the device group to show a remote privacy bar at the top of the remote device’s screen indicating that the device is being controlled and by who. This privacy bar is built to work on Windows and many Linux distributions. In addition, when…

MeshCentral2 - Let's Encrypt & Security Improvements

Image
As MeshCentral is being used by some as an internet facing server, it's important that as many industry standard security features be implemented. In the past weeks, MeshCentral and MeshCommander got more releases to continue to move security forward. From improved Let's Encrypt support to MeshCommander support for two-factor authentication, a lot of improvements have been made. Here is a list of the big ones:
GreenLockv3 support. MeshCentral has built-in support for getting and auto-renewing TLS certificates using Let's Encrypt which is a free CA service for web servers. Let's Encrypt updated it's validation protocol and is dropping support for the old protocol on December 1st requiring that everyone move to the new version. In the last week MeshCentral switched to using GreenLock v3 and made improvements. For example, MeshCentral will first try to get a Let's Encrypt staging certificate to test that everything is working before getting a production one.Invalid…

MeshCentral2 - Multi-Language Support

Image
MeshCentral is already widely used and some from the GitHub community has already taken the step to translate MeshCentral into other languages. Until now MeshCentral did not support multiple languages but this is changing today as an updated version was just published that has multi-language support. As one can imagine, with about 1400 different strings (not including duplicates) the work required make MeshCentral support a different language is significant. We have come up with a new system that makes the process fairly painless. Here are the details:
First, the MeshCentral web pages including the main web application and mobile application have been changed so that all JavaScript strings that need to be translated are double-quoted “” and non-translatable strings are single quoted ‘’. This makes is possible to automatically parse and extract all strings that need translation.Next, a new string extractor is packaged in MeshCentral that parses the HTML and JavaScript of all web pages a…

MeshCentral2 - Security, DB Record Encryption, Vault support

Image
Because MeshCentral is a web site that has control over a lot of devices, security is super important. MeshCentral already implements two-factor authentication, FIDO2 hardware keys support and much more. In the last few months, we added even more security features to insure that compute assets are as protected as possible. Here are some of the security features that were added recently:
Database Partial Record Encryption. When saving data in the database, some of the fields will need to be indexed for fast retrieval, but some of the data is sensitive such as account two-factor keys and Intel® AMT credentials. For these values, MeshCentral now offers an optional additional encryption layer using AES256-GCM. Fields that are marked as sensitive are encrypted and encoded in a special _CRYPT value in the database. When reading the record back, MeshCentral decodes and places the sensitive fields back transparently to the rest of the server code. This feature can be used on top of encryption …