Cherwell IT Service Management Blog
Resources, Best Practices, and Solutions for ITSM Pros

The Real Scoop On Agent-Based IT Asset Management Technology (Part 2 of 4)

Posted by

This post is part 2 of 4 of a series of articles addressing many of the common misconceptions associated with agent-based asset management solutions. The four parts to the series are as follows:

  1. Intro: The Great Debate
  2. Agent Deployment
  3. Data Collection
  4. Network and End-User Impact

Part 2: Agent Deployment

One reason computer inventory agents have developed a reputation for being “invasive” is because they physically reside on end-user machines. In contrast, agent-less technologies don’t require deploying software to target machines; depending on how the solution is implemented, machines may be accessed remotely or asked to run an inventory collection program installed on a network share.

As such, many wrongly assume that agent-based solutions are, by definition, difficult and time-consuming to implement relative to their agent-less counterparts. While these characteristics are often portrayed and/or believed to be both inherent and inescapable, the real story is not so black and white. To be sure, agent-less solutions don’t require wide-spread deployment; and implementations that rely upon a resident computer inventory client will certainly add some time and overhead to the overall implementation process. The important questions are 1) how much time (it may, in fact, be trivial), and 2) is the extra time worth the advantages? (I’ll discuss these advantages in my next post.)

Some critics point to the fact that administrative access is required in order to remotely deploy the agent to end-user PCs. But the truth is that even an agent-less solution requires administrative access in order to perform the process of data collection (unless end-users are expected to invoke a remote collection mechanism themselves). This is because Windows security requires elevated access to get at any box from the outside. So this issue boils down to the simple question of when the access is needed—upon client deployment or prior to an inventory being run?

For organizations that already have a deployment tool in place (for example, Microsoft SMS/SCCM, Altiris Deployment Solution, or New Boundary’s Prism Deploy) deploying an agent is typically no different from deploying any other standard software package; the effort required to deploy the agent depends on the capabilities of the deployment tool being used. Organizations without a deployment tool may choose to rely on the deployment functionality built into the IT asset management technology.

We know from experience that larger, more complex framework IT asset management products typically have more cumbersome deployment processes, whereas lighter, more specialized point products tend to be more straightforward from a deployment perspective. But like any other technology, the ease of agent deployment will vary depending on the quality of the technology, the emphasis any given vendor places on this aspect, and the existing deployment tools administrators have at their disposal.

One area in which agent-less technologies are generally acknowledged to have a advantage is with respect to upgrade management. When an agent-less solution needs to be upgraded, there are no agents to un-install and re-install. Generally speaking, agent-based solutions require that agents be re-deployed. (That said, our customers will be pleased to hear that our next release of Express Software Manager will upgrade the agents automatically when machines “check in”, making this process transparent both to administrators and end-users.)

In my next post, I’ll explore the debate surrounding the collection of IT asset data using agents-based technology.