Mailbag: Agents and agentless management

* Readers weigh in on agent use in management

Last week, I wrote an article on the trend of vendors providing both agent-based and agentless monitoring and management. I received feedback from several readers that I thought I’d share in this week’s column.

One reader writes:

“The most important decision between the two choices is dependent on the server crash… in an agent-based system using store-and-forward, the root cause is usually captured for analysis; however, in an agentless system there isn't a store-and-forward mechanism and the data is lost for root-cause analysis. To my firm and clients - this is the holy grail… capturing the data that is needed for root-cause analysis and not the second-guessing, armchair-quarterbacking, or finger-pointing that usually occurs after a failure.

“The decision is [also based on] the standardization of the hardware systems from a vendor - both HP and IBM provide a robust agent and free agent to monitor the performance layer of the hardware with some basic monitoring for customer identified services.”

Another reader says:

“One of the main challenges with agents is not really the agents themselves; it is the networking challenges that make it tough to deploy them. As you point out, agents typically provide more in-depth capabilities. One of them is usually the ability to query the agent on-demand from your management console in order to get real-time ‘right now’ data and status information without remote control.

“To achieve this, the agent requires two-way TCP communications. This is where the trouble begins. With today's complex networks, agents now have to wrestle with DHCP (changing IP addresses), multiple network interfaces in a server (multiple IP [addresses]), firewall rules (DMZs, etc.), local firewalls and IDS/IPS software on servers, and lastly, routing issues. Generally, this is where the server management teams get into fistfights with the network team.

“So agentless seems like an easier approach. Not necessarily. The key and important downside to agentless (aside from limited functionality) is network overhead. This is significant and must be evaluated. On a high-speed data center LAN, this may not be much of an issue, but on a distributed WAN, agentless can be a killer. This is why we (and perhaps others) have developed a hybrid approach: easily distributed one-way TCP, super-lightweight agents. These new agents remove the aforementioned networking issues from the mix and provide minimal bandwidth utilization, enabling distribution of agents a reality where it would have been unthinkable before.”

Now that you have a choice of management approaches - agent-based or agentless - I’d like to hear your preferences for using these approaches and your experiences. Please send me e-mail (ITers only - no vendors please!). Let me know why or when you use one vs. the other. If I receive enough responses, I will write a follow-up article to report the results. Please send your response to mailto:Rasmussen@enterprisemanagement.com with “AGENTS” in the subject line.

Learn more about this topic

Taking on IT service management

Network World, 06/13/05

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Related:

Copyright © 2005 IDG Communications, Inc.