In the administration point of view, an agent based solution adds a lot of new services to be monitored (deployment agents). Otherwise, we have a better scalability and security in this scenario. I want to know the perspective that usually has more relevance in other companies.

Most of the new monitoring software products, and my clients, are moving towards agentless solutions.  The agent based solutions tend to be from older software designed in the 1980s - 90s; so designed for a far less distributed environment. 

The advantages of an agent based solution are:

• The agent can continue to monitor if communications are lost.  Although no useful real-time monitoring can be accomplished in this scenario, historical data can be preserved.  This may, or may not, be important.  Note that this capability (history) is NOT available on agentless monitoring software.  

• Requires outbound communications from server being monitored to server hosting the monitoring.  This is generally considered more secure than allowing inbound communications from agent-less monitoring software.   

• Generally every possible metric for the software being monitored can be gleaned by the agent.  The agent can also, in theory, glean additional information such as server resource utilization (CPU, memory, etc.).  This was critical in the past but now most, if not all, of the required information can be accessed via IP.  

The disadvantages of an agent based solution are:

• Requires software installation on the server being monitored.  This requires access to the server, User IDs on the server, access control on the server, etc.  Generally considered to be another, and unnecessary, surface for security penetration attacks.  This is obviously not required in an agent-less solution.  

• Requires software maintenance (for product upgrades) to be performed on every server being monitored.  This solution does not scale well (imagine tens of thousands of monitored servers).  Obviously, maintenance is only required on the central server(s) for an agent-less solution.  

• May require local configuration on the product being monitored.  In general, these configuration requirements are equal to or greater than the required configuration for agent-less products (which typically only require IP access).  

• The TCO (Total Cost of Ownership) for agent-based solutions is higher than for agent-less solutions due to the effort of maintaining the agents.  Note that these costs increase with the installation base, while the agent-less costs are nearly flat.  

The things that are the same with both approaches are:

• Neither approach will provide real-time monitoring if communications are down.  

• Both approaches require fire-wall rules for support.  Agent-based solutions require outbound firewall rules (from the perspective of the server being monitored) while agent-less solutions require inbound firewall rules.  

• Both approaches typically require from to zero to trivial configuration on the monitoring server when new monitoring targets are added.  Agent-less solutions almost always require some configuration (e.g. adding the server name to a list of monitored targets).  

• In many cases, all of the information to be retrieved with either method of monitoring.  Certainly the trend is to web enable monitoring and the Cloud will only accelerate this transformation.  

In general, agent-less solutions are considered: (1) lower cost to install, (2) lower cost to operate, (3) more secure, and (4) have equal or nearly equal quality of data.  

Regards,

Glen Brumbaugh