Agent-based vs Agentless monitoring: A Comparison
What is Agent-based network monitoring?
As the name suggests, an agent-based network monitoring technique uses agents to monitor the devices in a network. The agents are installed on the devices that need to be monitored. These agents are in constant contact with the network monitoring tool and are involved in data collection. The collected data is then sent to the monitoring tool for tracking and management.
What is an Agent?
An agent is a lightweight software application that is installed in the end devices to monitor their performance. Agents collect the monitor data by themselves and send it to the main server for further tracking and analysis. The information flow is not bidirectional but unidirectional i.e. only the agent can contact the main server and not the other way around. Agents reduce the workload on the main server by collecting data all by themselves. Furthermore, even when the OpManager MSP probe server is down, no data is lost since the agent collects and stores data even if the prime server is under maintenance.
Strengths:
- Dependent protocols like WMI/ SNMP doesn't have to be enabled in the end system.
- Single way HTTPS outbound connection from end machine to OpManager MSP probe server doesn't call for inbound connection requests to the end machine.
- Enabling of necessary ports will suffice rather than enabling all the ports.
- Monitor data is collected even when OpManager MSP probe is down.
- Public exposure activities such as opening ports, allowing outside network requests are not needed.
- This monitoring technique is much more secure.
- Agent-based monitored devices do not log event 4672, indicating a device logon.
- ICMP or any other outbound connection is not required in OpManager MSP probe-installed server.
Shortcomings:
- Only windows systems are supported for the time being.
- Agent must be installed on all monitoring servers.
- Only limited monitor types are supported for the time being in OpManager MSP.
When to go for Agent-based Monitoring?
- When your credentials cannot be shared.
- When you cannot allow outside access requests to your network.
- When you cannot open your ports.
- Since WAN devices are movable, their IP address constantly changes. This can be best tackled by using agent-based monitoring technique.
- When your network has less number of devices.
What is agentless network monitoring?
Agentless network monitoring technique monitors the devices remotely with the use of protocols, rest APIs, third parties etc. Agentless network monitoring doesn't require the installation of agents on the network devices.
Strengths:
- Does not require the installation of agents.
- OpManager MSP supports a wide range of monitor types for agentless monitoring.
- Supports virtual hosts.
- Supports all kinds of servers.
Shortcomings:
- Credentials must be shared.
- Dependent protocols like WMI/ SNMP must be enabled in the end system.
- Dependent ports in end machine and OpManager MSP server must be enabled.
- When OpManager MSP is down, monitor data is not collected.
When to go for agentless monitoring?
- Agentless monitoring is best suited for network devices such as servers, switches, routers etc.
- When your network has virtual devices.
- When you don't want applications to be installed in your network.
The Network world is not the way it was before. Things are changing at an increasingly faster pace. Organizations are using networks that are getting more and more complex day by day. Such complexity calls the need for both agent and agentless monitoring techniques. Both agent and agentless monitoring techniques have their fair share of pros and cons. Hence, a network admin must leverage the pros and use techniques that are best for a given situation. Rather than focusing on what type of technique to be used, a network admin must focus on the end result and how to achieve it effectively.