Architecture Overview

JFrog Connect was designed by and for developers of Linux-based IoT and edge devices in a wide range of industries.

A basic assumption from the start was that the IoT and edge devices could be in complex network environments with conditions such as:

  • Limited connectivity

  • Located behind firewalls without a public IP address

  • IT staff not available at remote sites

  • Devices deployed outside of the data center security perimeter

  • Many different hardware platforms and configurations

Client-Server Architecture

JFrog Connect is built with a robust client-server architecture scaling to support tens of thousands of edge devices.


The client consists of the Connect Agent running on the edge or IoT device. Connect Agent communicates with the outside world (i.e., the Connect server) as a client only, without using any open ports or listening servers.

Connect Agent periodically sends heartbeats containing status information about the device including CPU, RAM, and disk usage and information about any processes being monitored. The timeout between those heartbeats, also called the Communication Cycle, is configurable per project in the web UI.


The Connect server manages all communications to and from the Connect Agents and performs a number of functions including the following:

  • Receives regular status and monitoring messages from the clients

  • Controls the software update process and all interactions with the agents including remote control and access, obtaining device details, and fetching files requested

  • Processes all interactions between the user interface and the Connect Agents

The Connect server can work in a cloud SaaS mode or in self-hosted mode. Unless specified otherwise, the user documentation describes the cloud SaaS mode. If you have questions specifically about the self-hosted mode, please contact us and we will be happy to discuss them with you.

Infrastructure Configurations

The Connect system supports a number of infrastructure configurations.

Multi-tenant SaaS

This includes a Connect account under a multi-tenant infrastructure, integrated with a single-tenant Artifactory for your software supply chain needs.

Private SaaS

In this arrangement, the complete environment is isolated, with both Connect and Artifactory hosted on one of the major cloud providers.

On Premises

This is an isolated, air-gapped environment, with Connect and Artifactory for setups that require separation from the outside world.

User Interface

The JFrog Connect console is a web UI that enables you full visibility and control of your devices. Using the console you can register devices, manage your fleet, check device status and details, create and deploy OTA updates, open a remote access session with an individual device, and take advantage of the full feature set described in the JFrog Connect Overview.


JFrog Connect provides a REST API enabling programmatic access and control, which is ideal for managing large fleets of devices. The REST API enables you to embed the JFrog Connect functionality into your CI/CD pipeline and deploy OTA updates as part of new application releases. You can also use the REST API to create a custom dashboard or integrate JFrog Connect information with an existing dashboard.


JFrog Connect adheres to industry standards and complies with relevant security and safety regulations to ensure the security of your data. Connect is also dedicated to enabling you to comply with your own internal security policies.

Connect Multi-Tenant Cloud Architecture

The Connect servers, databases, storage, and cloud environment are all based on AWS products with AES-256 encryption and live zone fallback combined with an extra layer of security, a separate Amazon Virtual Private Cloud (Amazon VPC).

JFrog Platform Integration

You can use JFrog Connect standalone to manage your IoT devices at scale, or as part of the JFrog Software Supply Chain Platform to get the full power of the JFrog platform. JFrog Connect is fully integrated with the rest of the JFrog supply chain platform, empowering developers to automate DevSecOps activities with best practices and continuous governance from developer to device.

JFrog Artifactory Edge

Connect supports configuration with JFrog Artifactory Edge. Artifactory Edge (an "edge node") is an edition of JFrog Artifactory whose available features have been customized to serve the primary purpose of distributing software to a runtime such as a data center.

What’s Next?

Last updated