Remote File Access. Fully access files on any system remotely including download, up-load, rename, creating new folders and more. The storage of your own devices ac-cessible from anywhere.
Power State Monitor & Control. Trace when a device is powered on and use your existing live devices to send Wake-on-LAN commands on remote networks allowing remote device power management.
Text and Video Chat. While performing a remote support session, you can initiate a chat session with the remote user. If WebRTC is available, you can even perform a live audit and video chat
Port Forwarding. Use the router tool to map any local TCP or UDP ports on your local machine to ports on remote devices. Per-form RDP or SSH sessions to devices any-where on the Internet.
Multi-OS Support.The server is built on NodeJS and can be installed on any major operating system. The agent is build in C and has ports for 32 and 64bit Windows, Linux (x86 & ARM), MacOS and FreeBSD.
Multi-User. MeshCentral fully supports mul-ti-user and multitenancy permitting servers to be used by many people at once with different permissions on device groups for efficient server use.
Intel Active Management Technology.By optionally using Intel® AMT when available, administrators can remotely power on, boot to BIOS and manage a system regardless of the operating system state
Activity Logs.Trace what users are doing on remote devices with a real-time event log that can be filtered per device or per user. Perfect for auditing management operations.
Server File Storage.Use the server as a file store to upload, download and make files available for public access. Makes it easy to use your MeshCentral server as a cloud file storage server.
Session Recording. Remote desktop, termi-nal and Intel AMT KVM sessions can all op-tionally be recorded by the server for later playback adding an additional layer ofauditing capability.
MeshCentral was architected from the start with both security and easy of use in mind. This document highlights the security features present in MeshCentral that make is unique as an open source remote management server.
Two Factor Authentication. Passwords are not sufficient to protect users anymore. With support for two factor authentication, remotely managed assets are better pro-tected against password disclosures.
HTTP Content Security. To secure against any possibility of unwanted cross-site scripting and other attacks, MeshCentral’s HTTP headers includes browser instructions to limit the source of content that is loaded.
Let’s Encrypt Support.With built-in support for Let’s Encrypt, MeshCentral can obtain a valid TLS certificate for the domain name and auto-renew the certificates making it easy to establish trust to users.
FIDO2 support. With built-in support for hardware authentication keys (Bluetooth, USB and NFC) administrator can setup an extra factor of authentication that defends against fishing attacks.
Strong Cryptography.By default, strong cryptography is used including SHA385, AES256 and RSA3072. This is a step above the industry and recommended good prac-tice for quantum computer resistance.
IP address token binding. All session tokens and cookies generated by MeshCentral are bound to the requester’s source IP address making it impossible for malware stolen tokens to be reused at a different location.
Use of TLS 1.3.Strong security includes use of strong cryptographic transport protocols. MeshCentral makes use of TLS 1.3 on it’s HTTPS port 443 and disables use of weaker generations of TLS on that port.
Reverse Proxy Support. By supporting re-verse proxies, MeshCentral can be installed in most modern data centers without having MeshCentral know the main HTTPS private certificate key.
Strong Password Enforcement.By optional-ly requiring that users make use of strong passwords and requiring use of two-factor authentication, user accounts security can be improved.
HashiCorp Vault Support.MeshCentral can be configured to retrieve and store all con-figurations settings and secrets in Vault, making the server stateless and adding an extra layer of protection.
Database Record Encryption.If enabled, MeshCentral will encrypt all sensitive fields before storing then in the database. This can be done in addition to database provid-ed encryption for extra security.
Strong Password Hashing.By default, MeshCentral account passwords are hashed using PBKDF2 with 12000 rounds of SHA384 and a 128 byte long salt providing security and dictionary attack resistance.