Académique Documents
Professionnel Documents
Culture Documents
WHAT ARE THE APPROACHES, ADVANTAGES AND CHALLENGES OF DEPLOYING TECHNOLOGIES THAT USE AGENTS VERSUS AGENTLESS ONES?
SEPTEMBER 2011
ABSTRACT: We discuss the issues around deploying either agent-based or agentless technologies for successful IT operations. Companies need to understand the values of both and the operational ability of each approach. The decision reached is usually dependent on the data that needs to be collected, how often it is collected and what you want to do with the data. Purchasing decisions need to be determined by your data needs and the way your network is architected.
All rights reserved. No part of this document shall be reproduced, stored in a retrieval system, or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise, without permission from 1E. No patent liability is assumed with respect to the use of the information contained herein. Although every precaution has been taken in the preparation of this document, 1E and the author s assume no responsibility for errors or omissions. Neither is liability assumed for damages resulting from the information contained herein. The 1E name is a registered trademark of 1E in the UK, US and EC. The 1E logo is a registered trademark of 1E in the UK, EC and under the Madr id protocol. NightWatchman is a registered trademark in the US and EU.
Contents
Introduction .............................................................................................................................................................. 3 Why you want an agent working for you.................................................................................................................... 3 Why does running an agent lend itself to power management? ......................................................................... 3 Avoiding dependence on the network connection .............................................................................................. 3 Centralized security model ................................................................................................................................. 4 Minimize network hassle ................................................................................................................................... 4 High scalability ................................................................................................................................................... 5 Precision............................................................................................................................................................ 5 Actions are taken almost immediately................................................................................................................ 5 How to avoid common issues when deploying agents ........................................................................................ 5 Platform specific agents are required ................................................................................................................. 5 Human intervention and objections ................................................................................................................... 6 Myth busting ............................................................................................................................................................. 6 Agents usually place additional load on the network .......................................................................................... 6 Interference with the operating system and applications ................................................................................... 6 Opening up the machines to security vulnerabilities ........................................................................................... 6 Summary................................................................................................................................................................... 7 Telescope or spy? .............................................................................................................................................. 7 References ................................................................................................................................................................ 7
1E 2011 2
Introduction
1E efficient IT solutions, specifically NightWatchman Enterprise and NightWatchman Server Edition, require IT departments to install a software agent (which resides on a workstation or server) and collects data based on a centrally set policy. Agents collect, aggregate and process local data and only communicate changes when necessary. Many other software solutions on the market adopt an agentless approach, relying instead on a central service that interrogates systems remotely to retrieve data, without having a locally installed agent on each client. We look at the pros and cons of each approach and debunk the myths around installing agents. According to Gartner there is already a consensus that neither approach to monitoring is absolutely superior. Each has its strengths in different contexts.
An agent is like a spy in the ranks, giving you a lot more information than you would get from just looking through a telescope (agentless)
Why you want an agent working for you
Why does running an agent lend itself to power management?
An agent running on the system is capable of local data collection, correlation and processing. Taking PC power management as an example, the agent can make better decisions based on activity that happens locally, for example whether the user is active before prompting to power off the system. An agent running on the machine can query the operating system to check when the user last used the machine and whether he is logged on locally or remotely in order to defer or force the low power state. With multiple users logged on, each users documents can be saved before logging off. In summary, user productivity is not disrupted. Using an agent for a server power management solution is the only way to identify whether useful work is being carried out on a server. This is the only way to accurately determine if a server is being used, enabling you to easily discover and decommission the 15% of servers doing no useful work. With agentless technology, there is reliance on remote methods to find interactive user sessions which have a dependency on specific remote accessible APIs that cannot return whether the sessions are really active i.e. user logged on and working. There is also no solution for true useful work detection with an agentless approach as this data is not exposed remotely.
1E 2011 3
it is not. Conversely, without the ability to probe the system for more data, an agentless approach could potentially power down a machine when a user is using it. An agent has a degree of IT autonomy and can cache data and execute actions based on an existing policy even if the management server or its connection fails. It can send the data back to the management server when communication is restored.
1E 2011 4
High scalability
Agentless solutions have to ping/ investigate/ poll data from a large number of monitored systems, so there is a natural limit (number of metrics per number of systems at a given polling interval) a server can process. This also adds additional strain to the network. An agent-based approach to management is very scalable. Events are sent asynchronously after local processing and the agent can take decisions to enhance scalability such as only sending up data when it changes, sending differences, randomized time of sending or batching data based on server load all which enable scalability through less server resources. Using stateless configuration and reporting over HTTP allows load balancing the server environment. Numerous architectural patterns exist for scaling HTTP and HTTPs environments and making them highly available.
Precision
Agentless generally means polling. As the polling frequency is increased you get a better understanding of what is happening on the network. An agent doesnt need to poll at all. It simply subscribes to operating system notifications and is informed of any state changes. Reporting can be initialized even before the machine has been allocated an IP address and can be accurate to the millisecond. The state of the machine can be validated through querying multiple data sources before a report is generated. An agent can collect and process data locally and generate a behavior model to make certain intelligent decisions such as powering the machine down when a user has not logged on or if the machine has not been used for a while. The agent can also probe the operating system to model the behavior of the systems idle timers and use intelligent logic to force the machine to sleep saving even more power.
An agentless solution has its own equivalent though, for instance having to support multiple protocols and methods of remote querying, for example, WMI or SNMP.
Myth busting
Agents usually place additional load on the network
Agents can employ intelligent data caching and spooling to send up less data than an agentless solution would. The agent can send up data when the status changes or differences only. Reports are batched up and sent up at random intervals, which means that the load on the network is minimized. Agentless servers create data requests centrally to remotes devices, which then reply with data. This bi-directional chatter will generally consume far more network bandwidth.
1E 2011 6
Summary
Telescope or spy?
So what does agentless really mean? Agentless generally means that you will not have to install a software agent to perform any power monitoring. While this might be technically true for a moment, agentless is really a misnomer. Agentless implies that since there is no software to install, it is therefore easier to deploy, manage and maintain. In most cases, the supposed agentless solution simply uses the agents that come with another vendor's product instead, such as: Windows WMI or SNMP Service. The Windows SNMP service is not fully configured or enabled by default in Windows XP and above; you have to manually configure it which is not easy to do. Configuring security for WMI namespaces and enabling DCOM remote access is not trivial either. Although you don't have to install an agent, you may have to spend an almost equal amount of time configuring the built in one. Agent-based technologies are like having a spy in the ranks giving you a lot more information than you would get from just looking through a telescope (agentless). With an agent-based approach you get greater command and control capabilities, more granular information gathering and much less impact on the network. There are the additional benefits in real-time reporting (detecting which workstations are no longer in use or servers that are not being useful) which brings the sought for benefits of Power Management (by powering them down).
References
Further Reading: How to Choose between Agent-based and Agentless Monitoring, Gartner Research, by David Williams 12 July 2010
1E 2011 7