Meshcentral High Level Architecture



Date: 28.12.2020
4. Swarm Server
The swarm server is a C application that runs on one or more servers and is built to speak the binary language that mesh agents and mesh consoles (tools) use to do complex operations. Much like ASP.net speaks HTTP, the swarm server has its own port and speaks its own protocol. We opted to use a binary protocol to facilitate transferring bulk data for socket relay and to keep the protocol very efficient. Here is a more complete overview of the Swarm Server.

When first starting up, the swarm service loads many settings from a text configuration file. If many swarm servers are running, each instance must have its own configuration file. The file indicates the certificates to use, ports to bind to, MSMQ settings and more. The log files generated by the swarm service are intended to help debug the software; they include all exceptions and unexpected failures.

The only exposed public port is port 8080. It is used by various actors, but the most frequent by far are mesh agents, which connect to the server and authenticate based on their mesh policy. Port 8080 is secured using Microsoft .NET TLS. TLS connections that use a TLS client certificate are mesh agents; other TLS connections that don't use a client certificate are mesh tools or TCP relay requests.

Port 8088 is identical to port 8080 except that it is not authenticated and must only be exposed to "localhost" or to the swarm server's private network. When a connection arrives on this port, it is assumed to already be authenticated and coming from a trusted entity. Currently the AJAX server makes use of this port.

Two other APIs are used to access the database (Microsoft SQL Server) and the message queue (Microsoft Queuing Server). The queuing server is set up using parameters found in the configuration file; there is one inbound queue, and one or more outbound queues can be set up. In general, commands sent to the queue must be received by all other components. The command content is binary.
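Because port 8088 trusts every connection it receives, its bind address is the only control protecting it. The following check is an added example, not part of the original document or of MeshCentral: it audits constructed `netstat -an` style output for listeners on port 8088 and assumes that "private network" means the RFC 1918 and IPv6 unique-local ranges.

```python
import ipaddress

TRUSTED_PORT = 8088  # unauthenticated port described in the text

# Assumption: "private network" = RFC 1918 ranges plus IPv6 unique-local.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

# Constructed sample in the style of Windows `netstat -an` output.
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8088         0.0.0.0:0              LISTENING
  TCP    10.0.5.12:8088         0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8088           0.0.0.0:0              LISTENING
  TCP    [::]:8088              [::]:0                 LISTENING
  TCP    203.0.113.7:8088       0.0.0.0:0              LISTENING
  TCP    10.0.5.12:49721        10.0.5.20:1433         ESTABLISHED
"""

def parse_listeners(netstat_text):
    """Yield (ip_address, port) for every TCP socket in LISTENING state."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, port = fields[1].rpartition(":")
        # IPv6 local addresses are printed in brackets, e.g. [::]:8088
        yield ipaddress.ip_address(host.strip("[]")), int(port)

def classify_bind(addr):
    """Classify one bind address of the unauthenticated port."""
    if addr.is_unspecified:          # 0.0.0.0 or :: means every interface
        return "exposed-all-interfaces"
    if addr.is_loopback:
        return "ok-localhost"
    if any(addr in net for net in PRIVATE_NETS):
        return "ok-private-network"
    return "exposed-public-address"

def audit_trusted_port(netstat_text, port=TRUSTED_PORT):
    """Return [(address, verdict)] for each listener on the trusted port."""
    return [(str(a), classify_bind(a))
            for a, p in parse_listeners(netstat_text) if p == port]

if __name__ == "__main__":
    for address, verdict in audit_trusted_port(SAMPLE_NETSTAT):
        print(f"{address}:{TRUSTED_PORT} -> {verdict}")
```

A wildcard bind is reported separately from a public address because it exposes the port on every interface the host has, including any added later.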
