IT Asset Discovery und Inventory-5 Gründe Agentless to Go
20, Juni 2018
- Geschrieben von: Bruce Aboudara
We are all very familiar with software agents. Many enterprise software tools have their own need for one that is generally unique to their application. These agents are useful as they tend to act on the environment and run without continuous supervision, while transmitting data or performing some function essential to the system it resides on. But there are downsides depending on the use case. There are of course always InfoSec concerns about introducing another agent. But they also require fairly intense operations support due to concerns about bandwidth, compatibility, the need to comply with change management processes and, worse yet, one size does not fit all cases.
Das ist, wo der agentenlosen Ansatz helfen kann. Lassen Sie sich auf fünf Gründen suchen, um die Verwendung einer agentenlose Entdeckung und Verfolgung Fähigkeit zu machen.
Zunächst einmal, wissen Sie nicht, was Sie nicht wissen. Agenten können nur auf Computern installiert werden, die bekannt sind und verwaltet werden. Agentless Scan bietet eine sehr schnelle Art und Weise jedes Delta zwischen zu erkennen, was auf dem Netzwerk ist und was ein Agent installiert ist. Diese Lücke Analyse kann leicht adressieren Fragen zu Sicherheit, Compliance, Kosten und in der Migrationsplanung verwendet werden, um nur einige zu nennen.
Secondly, a need to know now. Agentless scanning can provide a very rapid discovery of networked devices and present an almost instant picture of the nature of an ITAM estate. Consider the effort to certify an agent, implement the change management program, accomplish the deployment (which never goes easily the first time) and wait for the data to accumulate. An agentless program can be accomplished in a matter of hours and begin returning data immediately.
Our third reason applies to the audit or investigation of IT Assets in an otherwise tightly controlled section of a network. In the situation where speed is essential or software installations are not allowed, often a service account will have remote access already and leveraging this for discovery and inventory is a very real option.
Fourth on our list are areas where IT policy severely restricts the use of agents. Data center inventory is probably the most common. Although server estates are often tightly controlled and monitored, a simple agentless scan almost always reveals new or a previously unknown architecture. This can be new Virtual Machines, databases and software liabilities that may have been created quite simply by accident. It is often the case that new VMs are created using clones of existing ones without considering the software and services installed and running on them.
Number five is about future proofing. Agentless probe development is incredibly agile, whether it be developing a brand-new probe or extending the capability of an existing one. In a SaaS deployment development can often happen within a single iteration and sometimes even faster. Because the infrastructure is already in place, new capabilities can be implemented with no change to the endpoints. Updating an agent (even its configuration) is often tightly bound in change control and time-consuming process, especially when the size of the asset pool starts to exceed a few thousand. With new device types continuing to emerge, such as IOT, this adaptability will be critical.
A robust, fully integrated discovery and tracking tool is key to providing the foundational data quality that is needed in all sorts of situations. Whether looking for rapid physical audit support, a security assessment of who has what asset and where it is or supporting a software asset management program, agentless discovery plays a key role. When looking at agentless tools you should consider an integrated solution such as Asset Vision®. Asset Vision incorporates discovery, inventory, normalization and reconciliation in a single solution which will help ensure you achieve rapid results with the highest asset data quality.