Fleet & edge management
Manage hundreds of edge agents from one console.
Edge agents are useless if they cost more to operate than they deliver. Indentia ships a fleet console that scales — device groups, signed updates, live event streams and remote browse — with no inbound ports on the devices themselves.
Capabilities
Six controls. One operational surface.
Device groups
Group hundreds of edge agents by site, role or tenant. Issue commands, push policy and roll out updates to a group instead of one device at a time.
Signed self-updates
Every agent binary is minisign-signed. The on-device agent verifies the signature before applying. A signed `/agent/versions/{platform}/{arch}` manifest tells each device which version it should be on.
Live event streams
Per-device Server-Sent Events with a replay ring buffer. Reconnect after a network blip and replay missed events — no holes in the timeline.
WSS control channel
Devices initiate an outbound WebSocket-Secure connection. No inbound ports on the device side; the platform reaches devices through their own connection.
Remote browse & fetch
List directories on a remote device, fetch a file, run a scoped command. All actions authorised, audited and bounded by the device's registered scope.
Server-side credential vault
Per-device secret vault on the platform, synced down to the agent over the signed WSS channel. Archive passwords and source credentials never leave your perimeter.
Outbound-only by design
Devices reach the platform. The platform never has to reach in.
Every device opens an outbound WSS connection on boot. The platform delivers commands, file requests and updates back through that same connection. Network-team friction drops to zero — no inbound firewall rules, no port-forwards, no jump-hosts. Pairs naturally with our IndentiaLocal edge agent and the NATS event mesh.