Mainflux IoT management solution for remote onboarding
monitoring, and management of IoT gateways and devices at scale.
It delivers efficiency of development and maintenance, reducing
operating cost, and maximizing device uptime.

iot device management edgeflux


Deployment of IoT devices and the complete technology stack that support it is just the first phase of the IoT solution. Considering that many IoT deployments consists of a huge number of gateways and different devices,a successful IoT solution requires their remote maintenance and management.

Mainflux remote device and gateways management ensures the secure and proper functioning of multiple IoT devices and gateways after they have been deployed.

A full range of Mainflux IoT Device Management functionalities includes fast device onboarding with bulk provisioning, in-depth visibility of device status, its performance metrics and security issues, logical groupings of devices into hierarchical structures and software and firmware update actions.

Device Onboarding

• Device discovery and connection

• Provisioning and Registration

• Device authentication

Device Monitoring & Diagnostics

• Remote device monitoring and troubleshooting

• Predictive maintenance

Device Management

• Secure device data transfer to cloud

• Device organization and configuration

• Device location across the entire device fleet in real-time

Device Updates

• Remote software and firmware updates (OTA)

• Reboots, factory resets, and security patches, bug fixes

• New feature enhancements


Mainflux IoT Edge Gateways works within system which consists following components:

1) Devices - Sensors and actuators

2) IoT Edge Computing Gateway - MFX-1 with based on Mainflux IoT Platform

3) Mainflux IoT Core Platform - Open-source patent – free IoT Platform

4) Mainflux UI - A system for remote device and gateways management

Mainflux IoT Core Platform and UI – Remote Gateway Management

Mainflux IoT Core Platform accepts connections from the gateways on the south side. Each gateway has dedicated channels (at least).
On the north side, Mainflux is connected to UI, and serves as a middleware (messaging bridge) between gateway management and data acquisition apps in the cloud and thousands of remote gateways in the field.

IoT device managament

Mainflux has several important roles:

• Control plane communication - commands for gateway management

• Data plane communication - data acquisition and storage

• Bootstrapping - initial gateway config, plug-and-play for factory devices

Mainflux UI gives visualisation and monitoring of the gateways:

• Metrics from each of the gateway (CPU, memory, networking)

• Map geopositioning

• Various logs

One of the most important features of remote gateway management are Secure Remote Terminal and Secure Remote Browser.

Secure Remote Terminal

Secure Remote Terminal is basically Linux terminal - to - MQTT(S) proxy, that lets apps in the cloud open remote and secure SSH-like sessions,
but without a need for heavy VPN infrastructure to be maintained (these infrastructures in the cloud present heavy burden for operators,
as they are complex and expensive. Moreover, gateways act as SSH servers and need to keep ports open to accept connections).

Gateway MQTT connections are client initiated (no need to open extra ports on gateway), secured with PKI X.509 certificates and encrypted via mTLS.

This innovation allows very lightweight, simple and secure logging into each of remote gateways, executing commands interactively, opening and editing files, debugging and so on.

This innovation allows very lightweight, simple and secure logging into each of remote gateways, executing commands interactively, opening and editing files, debugging and so on.

 Diagram of Agent daemon which has to be deployed in to the  IoT gateway and serves as bridge between remote IoT gateway and Edgeflux

Secure Remote Browser

Similar to Secure Remote Terminal, Secure Remote Browser is HTTP-to-MQTT proxy, that bundles HTTP requests and responses into MQTT messages.
These HTTP req/resp are executed on a gateway itself, as often on the gateway there is a local web browser that serves configuration or other web pages.
Typically these web servers on gateways are accessed via VPN, which again means that gateway needs to keep port 80 open as well.

Mainflux Edge avoids heavy VPN infrastructure, and uses lightweight technology to wrap HTML content into secure MQTT messages and send them
to the cloud, where this content is examined in the browser and acts like the browser actually accessed the server on the gateway itself.

Again - benefits are simplified infrastructure and higher security, as MQTT connections are client-initiated, so gateways can close port 80
(and all other ports) for external access.

Mainflux IoT Agent - Linux Daemon Agent – Gateway Remote Management Enabler

Mainflux IoT Agent is a Linux daemon agent that runs on the remote gateway and connects to Mainflux cloud in order to enable remote management,
monitoring and alerting and the Control Plane of the gateway. It is subscribed via MQTT to Mainflux IoT Core Platform on the CMD channel.
It gets commands from Mainflux, executes them on the gateway and returns responses to Mainflux.

It configures and manages all other services on the gateway, as well as aforementioned remote terminal and remote browser.

Diagram of Agent daemon which has to be deployed in to the  IoT gateway and serves as bridge between remote IoT gateway and Edgeflux

Export Service – Gateway Data Acquisition With Buffering

Export service is used to send data from gateway to Mainflux cloud. One of the common problems with IoT gateways are intermittent connections due poor network reliability (especially with moving objects). Export service is an intelligent service: it constantly monitors the network availability and in the case of disconnection it buffers data locally, so none of the data points are lost. When the network comes back on, Export service sends a buffered data stream
to the cloud while preserving order of messages.


  • Bootstrapping
  • Mainflux provides gateway auto-conf and onboarding via Bootstrapping Server

  • Secure Without Need For VPN
  • VPN is traditionally used for secure tunnel, remote terminal and desktop. However - it is difficult (and expensive) to configure and maintain it. With Mainflux security there is not need for the secure tunnel. Additionally, a remote terminal can be implemented as a Mainflux app. For most IoT apps, remote desktop is not necessary, as IoT gateways are “headless”.

  • Remote Terminal
  • The remote terminal can be implemented as a Mainflux app over MQTT. Part of this app is the MQTT client on the gateway, embedded in Edgeflux Agent daemon. Another part is the UI app on the top of the Mainflux presenting the actual terminal.

  • Data Storage and Graphs
  • Mainflux provides data storage. Edgeflux UI can additionally provide graphing this data.This way users get not only gateway management system, but also comprehensive end-to-end IoT solution.


Dashflux is a rich UI for the control and management of Mainflux Core services, LoRa adapter, gateways (through the Agent deamon service running in the gateways) and devices connected to it via Mainflux IoT Platform. The UI is separated into 5 parts: - Dashboard - Things - LoRa - Edge - Admin.

remote device management dashboard for device and gateway location remote device management dashboard for gateways provisioning remote device management dashboard for gateway configuration remote device management dashboard for gateway configuration