MeshCentral - Intel AMT Super MPS & Manager

In the past two weeks MeshCentral got a lot of infrastructure improvements for handling Intel® AMT. For anyone that is familiar with this technology, there are many ways to communicate with Intel® AMT and supporting them all using a clean design is difficult. This is exactly what MeshCentral now accomplishes with it’s new Super MPS and AMT Manager modules and use and a new ultra-configurable server-side WSMAN stack. The result is a beautiful design and leads seamless Intel® AMT usages. In detail:

  • Super MPS. MeshCentral how has an improved Management Presence Server (MPS) that can receive tunneling connections from both TCP/TLS and WebSocket and can handle many connections targeting the same device. Since each Intel® AMT device can only connect CIRA once, why would this matter? The CIRA protocol is a great tunneling protocol for LMS and future relay software. This allowed MeshCentral to reach Intel AMT in many ways while keeping a simple and clean design.
  • MeshAgent CIRA client. Thanks to Joko Sastriawan for this code, the MeshCentral agent is now capable is initiating a CIRA-like connection to the server for the purpose of relaying LMS traffic. This CIRA connection uses WebSockets as the transport, but otherwise uses the same “APF” protocol as a regular CIRA connection. MeshCentral can then attach it’s WSMAN stack to a channel within this connection to configure a device thru LMS.
  • Intel® AMT Manager. MeshCentral has a new management module for Intel® AMT. When an Intel® AMT device is detected on the local network or thru one or more CIRA connections, the management module binds a WSMAN stack to a new channel and attempts to connect. It will automatically try TLS or non-TLS using credentials stored in the database or by trying out a list of provided usernames and passwords to find the right one. Once connected, it will sync the clock, poll the power state and more.
  • Intel® AMT power state. The new manager module will automatically poll for Intel® AMT power state and display this on the web site. Because Intel® AMT can be polled when the computer is Soft-Off, Sleeping or Hibernating, these new states now show up on the web site. Polling occurs every 5 minutes. In addition, the manager module will perform system wake when requested, this supplements existing support for Wake-on-LAN.
  • Hardware Inventory. If you setup an agent-less device group and place one or more Intel® AMT devices in that group, the new management module will automatically pull the Intel® AMT hardware inventory and save it in the MeshCentral database. This information will then populate the device’s “Details” tab with CPU, BIOS, Motherboard, Networking and Media devices. As you see in the last picture below, the new information is much like what the MeshAgent would get, but without the need for an OS agent.

Most of the work above is infrastructure that needed to be built in order to support future usages. As usual, feedback is appreciated. If you see any problems and need support on something, please create a new issue on GitHub or help other users.

Enjoy,
Ylian
Twitter: https://twitter.com/meshcentral
Reddit: https://www.reddit.com/r/MeshCentral/
GitHub: https://github.com/Ylianst/MeshCentral/issues
MeshCentral2: http://www.meshcommander.com/meshcentral2






Popular posts from this blog

Starting work at Microsoft

Image
Hi everyone. It’s been a while since the last blog post and I wanted up update everyone on what is going on. As many of you know already from a discussion on GitHub , Bryan and I have been laid-off from Intel in early November 2022. This was quite a surprise as MeshCentral, MeshCommander, MeshCMD and other tools where widely used. This said, Intel has been having poor financials and Bryan and I where part of a very large first wave of downsizing by the company that involved many people that I know and worked with for a long time. I had been working for Intel for over 25 years having started in September 1998. Over the years I worked on IPsec key negotiation, Universal Plug & Play, DLNA and Intel® AMT. I loved working on all these projects and especially loved working with the open-source community on Mesh projects. Obviously, this was not my decision and Bryan and I had look for what comes next. One option was to continue working on MeshCentral as part of another company or with
Read more

MeshCentral - Windows ARM64, NodeJS v11, NPM Packages

Image
Hi all. It's been a while since I last posted and now that I am settling a bit more in my work at Microsoft, I have a bit of time to occasionally look after MeshCentral again. It's about time, there where a bunch of things that needed to get fixed. Before that, I want to say that I am doing great. I am working on Microsoft Forms which is one of the offerings of Microsoft 365. For kicks, I started a YouTube channel on Microsoft Forms here during a Microsoft hacking week. I tried to up my game since the videos I last published for MeshCentral. Also, I wanted to share pictures below. I was at a Tesla Supercharger last weekend and, by luck, got to see a Tesla Cybertruck in person. It's very big. Obviously, this is a release candidate driven by a Tesla employee. I saw it after attempting to see the solar eclipse over Oregon, but sadly, too many clouds and saw nothing. In any case, back to MeshCentral. In the last few months a few things have happened with the new releases. Wind
Read more

MeshCentral - New Windows Agents - Installation Dialog, Customization and Server Lock

Image
Lots is going on with MeshCentral, just yesterday Bryan Roe released a new MeshAgent for Windows with many improvements. An improved installation dialog box, logo customization and, to continue MeshCentral’s leadership in security, a new agent code signing locking feature that will surely be used by many to improve trust and security of their MeshCentral installation. In addition to this, we have many more server improvements to cover. In detail: MeshAgent with improved installation dialog box . The new MeshAgent for Windows is much improved with months of changes and bug fixes. The most noticeable feature is by far the new installation dialog with the new logo and connection details button. The new installer is a lot friendlier and easier on end-users. MeshAgent with improved customizations . In addition to all the existing agent customizations available in prior versions, the MeshAgent has new server settings for the installation text and logo. You can now set your own 200x200 PNG c
Read more