MeshCentral Blog

While Intel AMT is not required for MeshCentral to manage remote computers, it offers benefits of having an OS independent hardware-based agent built into the platform. In the last month, MeshCentral has had significant improvements on how it handles Intel AMT and now, MeshCentral is capable of fully automating many of the tasks of activating and configuring Intel AMT and deriving value from the feature. Intel® AMT Fully Automatic Policy . MeshCentral has a new, “Fully Automatic” policy for handing Intel AMT. Just set it and MeshCentral will attempt to take advantage of hardware manageability to it’s fullest. It will activate AMT, configure TLS, sync the clocks and setup Client Initiated Remote Access (CIRA) all fully automatically. If a device is already in CCM mode with unknown credentials, it will be automatically re-activated. This and much more makes it super easy to use Intel AMT. Check out the YouTube Demonstration video to see this works and how administrators see real time re...

In the past two weeks MeshCentral got a lot of infrastructure improvements for handling Intel® AMT. For anyone that is familiar with this technology, there are many ways to communicate with Intel® AMT and supporting them all using a clean design is difficult. This is exactly what MeshCentral now accomplishes with it’s new Super MPS and AMT Manager modules and use and a new ultra-configurable server-side WSMAN stack. The result is a beautiful design and leads seamless Intel® AMT usages. In detail: Super MPS . MeshCentral how has an improved Management Presence Server (MPS) that can receive tunneling connections from both TCP/TLS and WebSocket and can handle many connections targeting the same device. Since each Intel® AMT device can only connect CIRA once, why would this matter? The CIRA protocol is a great tunneling protocol for LMS and future relay software. This allowed MeshCentral to reach Intel AMT in many ways while keeping a simple and clean design. MeshAgent CIRA client . Thanks...

This week we have an exciting new experimental tool for MeshCentral called the “MeshCentral Assistant” . This is a Windows tray icon tool that runs alongside the MeshAgent and will monitor and report in real time the state of the agent, what remote sessions are active, the state of Intel AMT and allows the users to request help. To try this tool, administrators must first update to MeshCentral v0.6.61. Let’s look at the features of this new tool: MeshAgent monitoring. The tray icon tool will monitor the state of the agent and report if that Windows service is running and if the agent is connected to the MeshCentral server. MeshCentral assistant can obtain this information because the MeshAgent has a new named pipe communication channel can be used on the local platform to get live state changes from the agent. The tool does not poll the agent, instead the pipe is connected, and the agent will send events when anything changes. Request help. Users can now request help thru the new app...

There is so much to announce this week, I must send the announcement right away before it gets too big. One of the important features of MeshCentral that is often overlooked is its fine grain access control. You can delegate to a user an exact set of permissions to an exact set of devices. To do this, there is a complex system to determine what rights a user has on each device. This week, we added two more access control rights to make granting user permissions even more precise. This is just one of many new features. In detail: New “Remote Command” and “Reset/Off” access rights . Previously, you could ask the mesh agent to remotely execute a command or power off a computer if the user had the “Remote Control” permission. These operations are now their own access right that must be given to a user separately. This is the result of a request made by a GitHub community member and allows a user to be given, for example, the right to remotely run commands without remote desktop access. Imp...