How to decide between
Agent and Agentless
IT Assets Monitoring
IT Asset Management Software, SAM Software
An IT assets monitoring tool can provide analysts, network engineers, managers, and other members of your IT team much needed visibility and insight into the inventory and health of your IT infrastructure. But before choosing a specific product, it’s important to understand that there are two types of monitoring tools – agent and agentless.
Knowing the differences between these two, as well as their individual strengths and weaknesses, can help you make an informed decision when deciding which tool is the best fit for your IT Asset Management.
What is Agent-Based IT Monitoring?
Agent-based IT monitoring requires the installation of one or more instances of an agent software on each target system. These agents are responsible for collecting performance and availability metrics from your servers, desktops, laptops, virtual machines, operating systems, middleware, and even certain network devices and software applications, and then transmitting the collected data to a central monitoring station a.k.a. collector, hub, controller, server, etc.
Agents are usually deployed manually. This typically entails either:
- physically going to each target machine and installing the agent or
- remotely installing via: SSH (for Linux machines); RPC and SMB (for Windows machines); or any similar method.
Some agents may also be installed using certain automated mass deployment technologies but not all IT assets monitoring solutions support this capability.
Because these agents reside on the target systems themselves, they are able to collect a wide range of information such as service availability, file system usage, network utilisation, process availability, CPU performance, memory state, and several other metrics with greater breadth and depth compared to their agentless counterparts. This in turn amounts to deeper insights for troubleshooting and root-cause analysis.
In addition, some monitoring solutions provide builder tools for creating customised agents or agent extensions that further enhance the capabilities of each agent instance. You can use these builders to add custom metrics, queries, and scenarios. Depending on the product, customised agents and extensions can be built through scripts or via a GUI tool.
While these agents provide greater functionality and extensibility to the monitoring solution, they also have some disadvantages. One of the downsides of agent-based software asset management tools is that manual deployment can be tedious and time-consuming. Also, the agents may have to be occasionally patched as well as checked for connectivity issues, file corruption, and availability.
Although some solutions support mass deployment, automated upgrades, and agent health monitoring capabilities, they nevertheless add a certain degree of deployment and maintenance overhead. They may also have to be factored in when troubleshooting certain issues. This can be particularly problematic in large enterprises who operate across different geographical locations and possess a massive inventory of IT assets.
Agents add to the computing overhead of the target system as well, and can impact performance especially when deployed on aging hardware or systems with limited resources.
Lastly, because the agents have to be installed on target systems and need to connect to a monitoring station, they can raise privacy and security issues. If you work in a government agency, a large enterprise with onerous security and privacy policies, or an ITIL-compliant organisation, you might need to go through an extensive approval process before you can proceed in installing agents.
What is Agentless IT Monitoring?
As its name implies, an agentless IT monitoring tool is one that doesn’t require any agent software to perform monitoring. These monitoring tools typically collect metrics by either leveraging APIs provided by the target systems or by using management protocols or specifications like the Simple Network Management Protocol (SNMP), Windows Management Instrumentation (WMI), or Common Information Model (CIM).
Because there’s nothing to install on the target systems, agentless monitoring solutions are devoid of the deployment and maintenance hassles that accompany their agent-based counterparts. They’re faster and much easier to implement. However, the absence of agent software comes with a price. Agentless IT monitoring tools can’t match the breadth and depth of metrics that agent-equipped tools are able to gather.
While agentless monitors don’t add to the computing resource overhead of their target systems, they do come with greater network overhead, as much of their monitoring activities (e.g. for polling target systems to retrieve monitored data) are carried out over the network. Their overdependence on the network also make agentless solutions susceptible to network issues. Latency, packet loss, and poor network conditions can impact the reliability of these solutions.
When is it ideal to use agent-based IT monitoring?
Agent-based monitoring solutions are ideal for situations where you suffer from network quality or availability issues because these solutions are less dependent on the network. In fact, some agents are designed to collect data even without a network connection.
Hence, generally speaking, agent-based tools are perfect for monitoring IT assets that need to be reached through a WAN or VPN (where network conditions are sometimes poor). They’re also good for monitoring endpoints that may sometimes disconnect from the corporate network, e.g. mobile devices and laptops.
Most of all, they’re the better choice if you want to achieve greater visibility and in-depth analysis of your IT assets and can afford deployment and maintenance overheads.
When is it ideal to use agentless IT monitoring?
First of all, agentless monitoring tools are ideal for situations when it’s just not possible to install an agent at all. For example, you can’t install agents on printers, switches, routers, and other network devices. In situations like these, you really have no choice but to use an agentless solution.
They’re also the better choice if:
- You lack the manpower to deploy, manage, and maintain agent-based solutions;
- You only need to collect basic inventory and performance metrics;
- You need to monitor legacy systems or systems with serious resource constraints; or
- You want to avoid bureaucratic red tape or privacy issues altogether.
Agent-based vs Agentless Discovery Method
Requires installation of agents on each target system. Particularly difficult in large, geographically dispersed organisations.
No installation needed
Breadth/depth of metrics
Can monitor a wider variety of metrics. Provides deeper insights into inventory and performance of IT assets
Can monitor a relatively lesser variety of metrics, resulting in relatively superficial insights into inventory and performance.
Can consume a certain amount of computing resources on the target system. Impacts performance of legacy or resource-constrained systems.
No resource overhead on the target system
Minimal network overhead
Uses up a larger amount of bandwidth
Less dependent on the network. Some agents can operate even when momentarily disconnected from the monitoring station
Always requires network connectivity
Agents can be customised and extended
No such capability
Requires occasional patching, monitoring, and troubleshooting of agents on the target system side. Particularly difficult in large, geographically dispersed organisations.
No maintenance needed on the target system side.
May require approval from higher ups when installing agents in certain organisations.
No such issues.
In most real-world scenarios, you’ll rarely find situations where you’ll only need either an agent-based monitoring tool or an agentless tool. In most cases, you’ll need both. That’s why in most implementations, you might want to combine two solutions – one agent-based and one agentless – or perhaps find a solution that already incorporates these two.