Are Agents Necessary for Accurate Network Monitoring?
||How does an IT team ensure accurate and complete visibility? Obtaining comprehensive visibility into network performance requires not only looking at the network and application, but digging into infrastructure health and performance. Solutions providing this view typically utilize two different approaches: agent or agentless.
Selecting the best method for your team requires understanding the options and selecting the solution that integrates well with your existing resources. In this article, we will:
- Define agent and agentless approaches
- Outline pros and cons for each approach
- Establish a strategy for cost-effective, scalable performance visibility
Defining Agent and Agentless
Agents are typically proprietary software loaded on to relevant application components, devices, and servers. The question to ask application performance management (APM) vendors is whether their platform requires software to be installed on your critical infrastructure.
If the answer is “yes,” the program you’re loading is most likely an agent, which gathers data and sends it to the console or platform for analysis. Agents can also perform tasks that impact or modify the operation of the device.
If the answer is “no,” the APM platform is likely relying upon polling technologies to acquire device performance and related application information. These solutions are typically referred to as agentless.
Agentless solutions often tap into pre-existing or native agents and reporting capabilities placed on the system or device by the infrastructure manufacturer. Utilizing intelligence from these native agents allows agentless solutions to track performance variables including power, CPU, and memory usage without affecting device performance. Additionally, using polling technologies like SNMP or querying Windows systems through WMI provides nearly limitless information about devices and hosted applications.
Assessing the Pros and Cons
The following chart outlines the benefits and costs of each option
| ||PROS ||CONS
- Designed to provide critical management specific metrics
- Uses SSL or other encrypted methods to provide data
- Typically will auto-update to avoid maintenance overhead
- Can impact critical infrastructure, consuming device’s CPU, memory, and storage
- Cannot monitor beyond system on which its installed
- Time-consuming deployment requires agents for every critical device monitored
- Every new server requires additional agents be purchased
- Only tracks conditions and metrics it has been designed to target
- Cloud vendor may prohibit agents; coverage of multiple VMs can be cost prohibitive
- Tracks performance without impacting devices
- Immediate device discovery and monitoring, once IP address and credentials provided
- Scales as fast as new devices can be added
- Any devices can be monitored with minimal deployment effort, not just critical devices
- Taps into cloud vendor APIs and mimics user experience via synthetic transactions
- Data sources may not provide full or relevant data
- Typically requires pre-existing services and agents to be turned on; may also require changes to firewall
- On larger networks, polling needs to be spaced out enough to avoid overlapping executions
Establishing Effective Performance Visibility
Ultimately, each team must assess the merits of leveraging proprietary agents versus going agentless. As our discussion has shown, each has strengths and weaknesses. Many vendors now offer significant insight into the underlying health and status of the devices and network by exploiting the wealth of information infrastructure and application developers now incorporate directly into their solutions with native agents. Cloud providers as well are introducing APIs that can be readily supported by agentless solutions. This is an important point as cloud vendors generally forbid the placement of any agents within their environments.
Alternatively, if you have ready access to source code and/or require unique visibility into devices not available from agentless monitoring, then proprietary agents could be a consideration. For select applications, they can offer deep insight into application health at the expense of broad service support.
Finally, whether utilizing proprietary agents or an agentless approach, it is important to note that many solutions also provide packet-based analysis to monitor the flow of applications traversing the network. This integrated monitoring approach yields highly granular detail on the overall health of applications and infrastructure, enabling optimal operational efficiency and reduced MTTR when problems are detected