Agentless vs Agent-Based IT Asset Inventory Management
Published on April 23, 2019,
When we talk to customers about asset inventory discovery, one of the topics that comes up often is whether to use an agent on the clients/devices or to go agentless. Inevitably, many IT organizations are reticent to put agents out on clients, as they require ongoing maintenance, take up client resources and pose certain security risks. For the most part, organizations can get most of the benefits of an asset discovery solution without having to deploy an agent. There are certain scenarios where an agent is essential, but the use cases are limited.
Ultimately, there are technical reasons to deploy an agent-less discovery asset solution for inventory collection, but for lack of a better word, there are political reasons also for going with an agent-less solution. Whether technical or political, most organizations lean towards an agent-less solution for the reasons outlined below. There are scenarios where you can not get around the necessity to have an agent on the client which we will also highlight below.
With today’s advanced agentless solutions you can expect the following:
- Less bureaucratic hurdles to overcome – Since an agentless solution does not require an install on the client, this lowers the overall bureaucratic issues one must overcome within the IT, compliance and security organizations. Some organizations just won’t allow an agent to be installed which can stop a discovery and/or SAM project dead in its tracks.
- Low impact – With the next generation of agent-less discovery solutions you do not have to worry about issues with network bandwidth or administrative access to the clients. These solutions are able to send only differential changes from the clients, as well as monitor the network, and communicate when network traffic is low. Overall, this reduces the impact an agentless solution puts on clients’ resources and the network.
- Deep asset interrogation – In the past, it was necessary to place an agent on a client to get an exhaustive inventory of that device but with the exception of software and hardware usage, this limitation has been eliminated by modern agentless discovery technology.
- Less maintenance required – Using an agentless inventory discovery approach eliminates the entire need to maintain the agent on the client system and perform ongoing compatibility testing. If the agentless solution can access the client via one of a variety of protocols, it can perform its tasks over the network.
- Usage information and statistics – today’s next generation discovery and software asset management (SAM) solutions are more than capable of finding assets and exploring their configuration. However, if you are looking to determine actual usage of software and hardware on the clients, this will require an agent of some sort to be monitoring the system constantly in order to capture this information. There is no way that would respect the network and capture the information of intermittently connected devices without using an agent on the clients/devices. In these situations, it is obviously best to have an agent with the smallest footprint and least impact on client resources.