Securely Control and Manage Your Remote IoT Devices

macchina.io REMOTE provides secure remote access via web (HTTP), shell (SSH), file transfer (SCP, SFTP), remote desktop (VNC, RDP) and other protocols to IoT devices behind routers or firewalls. No port forwarding, scarce public IPv4 addresses, or complex and inflexible VPNs required.

Try for Free
Secure Remote Access and Control of Your IoT Devices

Secured and authenticated remote access to...

Secure Remote Access to Web Applications

Web Applications

Secure remote access to web applications running on IoT devices or machines on private networks.

macchina.io REMOTE provides secure and transparent remote access to the built-in web server of an IoT or edge device, or any machine on a private network behind a NAT router or firewall. Access the web interface of your device from anywhere using any web browser.

Access REST APIs and TCP-based Protocols Remotely

APIs and Protocols

Remotely access REST APIs on devices or connect to industrial protocols such as Modbus TCP.

macchina.io REMOTE allows mobile apps to securely talk to REST APIs on remote IoT devices. Or remotely access TCP-based industrial protocols such as Modbus-TCP and OPC-UA on the shop floor, from desktop applications or cloud services.

Remote Access to SSH, File Transfer and Remote Desktop

Shell & Remote Desktop

Secure remote management via shell (SSH), file transfer (SFTP) and remote desktop (VNC & RDP).

macchina.io REMOTE provides secure remote forwarding of TCP-based protocols, including SSH, SFTP, VNC and RDP, for secure remote management, user assistance, troubleshooting and debugging.

Benefits

Secure Your IoT Device

The internet has become a dangerous place for devices. With macchina.io REMOTE, you don't have to expose your device to the internet using a public IP address or port forwarding on a NAT router. Your device can stay behind a firewall or router, and you can exactly control who is allowed to access it remotely (RBAC and 2FA) - leaving zero direct attack surface. Of course, all communication between your device and macchina.io REMOTE is encrypted with TLS.

Easy & Quick Deployment

A remote access solution with macchina.io REMOTE can be set up in less than one hour. The macchina.io REMOTE server can run on premises or on a virtual machine in the cloud - it's your choice. The macchina.io REMOTE device agent can be easily integrated into Linux-based devices or gateways, or can run on a Windows, macOS or Linux machine in the same network as the device. No changes to the network infrastructure are required in order to access the device.

Enhance Your Product and Service Offerings

macchina.io REMOTE provides secure remote access for your in-house support staff, external service partners, or end users. A powerful user management and permissions system controls who has access to which devices. Besides providing remote access for customer assistance, support, servicing and trouble-shooting, macchina.io REMOTE greatly simplifies integration of mobile apps or voice assistants with your devices.

Flexible & Cost Effective

The macchina.io REMOTE web user interface can be highly customized to fit your device design and branding. Plug-ins, REST APIs and webhooks allow deep integration with your own applications and systems.
Deploying a remote access solution based on macchina.io REMOTE is much more cost effective than rolling your own solution.

Features

Secure

The tunnel connections between device and macchina.io REMOTE server and also the connection between client (web browser) and macchina.io REMOTE server are secured using TLS. Furthermore, your devices are never exposed directly to the internet — they can safely stay behind a firewall or router, leaving zero direct attack surface. Access to macchina.io REMOTE can be protected with two-factor authentication (2FA) using time-based one-time passwords (TOTPs).

Works for Devices Behind NAT Routers and Firewalls

Through a secure tunnel to the macchina.io REMOTE server the edge device becomes just another host on the internet, addressable via its own URL and protected by macchina.io REMOTE against unauthorized or malicious access. No public or static IP address is required for the device.

Cloud-Ready and Scalable

The macchina.io REMOTE server typically runs on a virtual Linux server or in a container. It can be deployed on cloud service such as AWS or Azure, or on-premises. Multiple instances can be run in a load-balancing setup if required to reliably handle a very large number of simultaneously connected devices and user sessions. Metrics are exposed via a Prometheus/Open Metrics interface.

Flexible and Customizable

macchina.io REMOTE can be easily customized and extended via plugins to customize the user interface or add customer-specific features. It optionally supports LDAP for user authentication and provides REST APIs and webhooks for integration with customer-specific or third-party applications.

No VPN Required

macchina.io REMOTE does not require a VPN. Devices connect to macchina.io REMOTE using a TLS-protected WebSocket connection. This connection is then used for tunneling TCP connections to the device. Therefore, macchina.io REMOTE is the perfect solution in situations where a VPN cannot be used for technical or legal reasons, or where a VPN simply does not fit the requirements, e.g. if fine-grained access control is needed.

Supports All Kinds of Devices

macchina.io REMOTE works with home automation devices, monitoring and control systems for green energy facilities, remote automation and data acquisition devices, data loggers, device servers, IoT gateways, POS systems, IP cameras and network video recorders, telecommunication equipment, industrial automation systems (PLCs), remote edge computing infrastructure, or any other connected device. The device agent is available for multiple operating systems and hardware architectures.

Users and Permissions Management

macchina.io REMOTE supports flexible users and permissions management, including role-based access control (RBAC), via its web application, the REST API, or a command-line interface (CLI). This allows very fine-grained control of which users may access which devices (and which ports). For example, an end user may only access their own device, wheres service partners may access all their customer's devices. Or some users can only access the web application of a devices, and some may connect via SSH too.

API

The REST API provides full access to all device management features of the reflector server. Using the REST API, devices can be created and deleted, device properties can be retrieved, modified, added and deleted, and available devices can be queried. There is also a REST API for managing users and their roles and permissions (role-based access control).

Learn More

How to Provide Secure Remote Access to IoT Edge Devices


IoT in the Real World - Secure Remote Access for AGFEO, Their Service Partners and End Users


How to Evaluate Products for Secure IoT Remote Access

Get Started with a Free Account

Getting started with macchina.io REMOTE is done in a few easy steps and takes less than five minutes.

Ready to Deploy Your Own Server?

Please contact us for pricing and licensing information.