Meshcentral High Level Architecture



Date: 28.12.2020
3.3 Mesh Server Connection
Now that we have addressed the inbound management and peer-to-peer ports, let’s turn our attention to the connection made by mesh agents to the central server. The connection is always initiated from the mesh agent to the server, which allows for router, firewall and proxy traversal. The server connection is authenticated and secured using a mutually authenticated TLS connection. Just as with peer-to-peer connections, each side of the connection infers the other party’s identifier by performing a hash of the public key of the certificate. In the case of a server connection, the agent checks the mesh server’s certificate against its policy and the server infers the node’s identifier.

The mesh agent connects to a component called the swarm server. The swarm server communicates with all mesh agents using binary commands that are secured using TLS. The mesh agent starts by sending the server its signed information block; other peer information is then sent. The connection is kept open and is often idle except for occasional 4-byte ping commands. Using this connection, the administrator can initiate operations such as power commands or TCP relay from the server to the local private network. All operations are authenticated and secured within the TLS connection. The mesh agent will also verify that the server is authorized to perform a remote operation by checking its mesh policy.
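The identifier derivation and policy check described in this section, as an added example that is not code from the original document or from the MeshCentral project: because the identifier is a hash of the certificate's public key, a re-issued certificate carrying the same key maps to the same node. SHA-256 over the DER SubjectPublicKeyInfo is an assumption (the text names no hash), and every function name and the sample data are hypothetical.

```python
import hashlib
import hmac

def read_tlv(buf, pos):
    """Parse one DER TLV at pos; return (tag, value_start, value_end)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, pos, pos + length

def extract_spki(cert_der):
    """Return the whole SubjectPublicKeyInfo TLV of an X.509 certificate."""
    _, pos, _ = read_tlv(cert_der, 0)          # Certificate SEQUENCE
    _, pos, tbs_end = read_tlv(cert_der, pos)  # tbsCertificate SEQUENCE
    fields = []
    while pos < tbs_end:
        tag, _, end = read_tlv(cert_der, pos)
        if tag != 0xA0:  # drop the optional [0] version wrapper
            fields.append((pos, end))
        pos = end
    if len(fields) < 6:
        raise ValueError("tbsCertificate too short")
    start, end = fields[5]  # serial, alg, issuer, validity, subject, SPKI
    return cert_der[start:end]

def node_id(cert_der):
    # Assumption: SHA-256 over the DER SubjectPublicKeyInfo; the page names no hash.
    return hashlib.sha256(extract_spki(cert_der)).digest()

def server_allowed(cert_der, policy_ids):
    """Agent-side check: is the presented key's identifier in the mesh policy?"""
    presented = node_id(cert_der)
    return any(hmac.compare_digest(presented, p) for p in policy_ids)

# Constructed sample data: certificate-shaped DER skeletons, not real certificates.
def tlv(tag, body):
    n, size = len(body), (len(body).bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + body

def sample_cert(serial, key_bytes):
    seq = lambda *parts: tlv(0x30, b"".join(parts))
    spki = seq(seq(), tlv(0x03, b"\x00" + key_bytes))
    tbs = seq(tlv(0xA0, tlv(2, b"\x02")), tlv(2, bytes([serial])), *[seq()] * 4, spki)
    return seq(tbs, seq(), tlv(0x03, b"\x00"))
```

The identifier only names a key; it carries weight in the protocol because the TLS handshake proves the peer holds the matching private key.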
