If Your Conversation is Agent vs Agentless, You’re Focusing on the Wrong Comparison
“Agent-led solutions are more resource-heavy,” one person might say, while the other counters with “Agentless options are far less accurate.”
At Faddom, we believe that you’re having the wrong conversation and that this may lead to your business accepting a network discovery solution that is inherently limited. In reality, you don’t have to compromise on either resource consumption or accuracy. (For more information, see our guide to IT asset management.)
Here’s why an approach that achieves network discovery based on wire data and real traffic data will check all the boxes for your application dependency discovery project.
How Does it Measure up for Security?
Every open port is a potential gap in your security ecosystem, a hole that can be leveraged to gain access to your network. Both Agent and Agentless network discovery solutions need to open firewalls in order to achieve their discovery capabilities. In fact, in an Agent-based solution, firewalls need to be opened from every server back to the central server to allow the Agents to communicate information.
In contrast, Faddom’s proprietary network discovery technology works without firewalls, offering a much higher level of protection than either of the former choices.
Lanir specializes in founding new tech companies for Enterprise Software: Assemble and nurture a great team, Early stage funding to growth late stage, One design partner to hundreds of enterprise customers, MVP to Enterprise grade product, Low level kernel engineering to AI/ML and BigData, One advisory board to a long list of shareholders and board members of the world’s largest VCs.
Tips from the Expert
In my experience, here are tips that can help you better approach network discovery for hybrid environments:
- Leverage flow-based analysis: Utilize NetFlow/sFlow for discovery to minimize network changes and enhance security.
- Combine discovery methods: Use both agent-based and agentless methods for comprehensive coverage and validation.
- Automate dependency mapping: Automate to quickly identify the impact of network changes or failures.
- Ensure multi-cloud compatibility: Choose tools that seamlessly integrate across different cloud providers.
- Prioritize real-time monitoring: Opt for tools that adapt to network changes dynamically to reduce manual effort.
How Easy is Deployment for Each Option?
It goes without saying that an agent-based network discovery solution has a complex deployment attached to it. After all, you will need to install an agent on every server, a major project in an enterprise data center. Agentless discovery solutions also require architecture and network changes, opening inbound ports and configuring the solution on each and every endpoint.
Faddom network discovery can be achieved with no network or infrastructure changes, in a matter of minutes from your dashboard. Simply set up NetFlow or sFlow on your environment, enter a URL and you’re ready to start viewing application maps.
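How exported flow records can be turned into an application dependency map and used for impact analysis, as an added illustration (this is not Faddom's code). The record layout, the sample flows and the server-side heuristic are assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample: unidirectional flow records as an exporter would report
# them, (src_ip, src_port, dst_ip, dst_port, proto, bytes). Field layout is assumed.
FLOWS = [
    ("10.0.1.10", 49152, "10.0.2.20", 5432, "tcp", 8200),
    ("10.0.2.20", 5432, "10.0.1.10", 49152, "tcp", 64000),  # reply direction
    ("10.0.1.11", 50211, "10.0.2.20", 5432, "tcp", 4100),
    ("10.0.3.30", 51000, "10.0.1.10", 443, "tcp", 1500),
    ("10.0.1.10", 443, "10.0.3.30", 51000, "tcp", 90000),   # reply direction
    ("10.0.1.10", 53211, "10.0.9.9", 53, "udp", 120),
]

def build_dependency_map(flows):
    """Return {(client_ip, server_ip, server_port, proto): total_bytes}."""
    peers = defaultdict(set)  # endpoint -> distinct remote IPs seen
    for s_ip, s_port, d_ip, d_port, proto, _ in flows:
        peers[(s_ip, s_port, proto)].add(d_ip)
        peers[(d_ip, d_port, proto)].add(s_ip)

    def service_rank(endpoint):
        # Heuristic: a service endpoint talks to more peers; on a tie the
        # lower port wins, since client ports are usually ephemeral (high).
        return (len(peers[endpoint]), -endpoint[1])

    edges = defaultdict(int)
    for s_ip, s_port, d_ip, d_port, proto, nbytes in flows:
        a, b = (s_ip, s_port, proto), (d_ip, d_port, proto)
        server, client = (a, b) if service_rank(a) > service_rank(b) else (b, a)
        # Both directions of a conversation collapse into one client->server edge.
        edges[(client[0], server[0], server[1], proto)] += nbytes
    return dict(edges)

def impacted_by(edges, failed_ip):
    """Hosts that depend, directly or transitively, on failed_ip."""
    dependents = defaultdict(set)
    for client, server, _port, _proto in edges:
        dependents[server].add(client)
    seen, stack = set(), [failed_ip]
    while stack:
        for client in dependents[stack.pop()]:
            if client != failed_ip and client not in seen:
                seen.add(client)
                stack.append(client)
    return seen

if __name__ == "__main__":
    dep_map = build_dependency_map(FLOWS)
    for edge, nbytes in sorted(dep_map.items()):
        print(edge, nbytes)
    print(sorted(impacted_by(dep_map, "10.0.2.20")))
```

With sampled exports (sFlow or sampled NetFlow), byte totals are estimates, and a low-volume dependency can be missing from the map until enough of its traffic has been observed.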
What’s the Impact of Faddom Network Discovery on Resource Consumption?
Any network discovery solution with access to your servers will be resource-intensive, whatever a vendor promises. Think about having an Agent on every server: by its very existence, each Agent has a direct impact on the CPU and memory resources of that server. An Agentless network discovery solution impacts resources in a different way. As your performance data is sent over the network from the servers to a remote data collector, the additional network traffic is a strain on resources.
That’s one of the reasons why we designed Faddom’s solution to work without access to your servers at all. No access means no impact, and we can truly call ourselves lightweight.
Can you Compete with Agent Network Discovery Solutions on Accuracy and Scale?
Yes! We worked hard to ensure that our application discovery tool offers the same high level of accuracy and scale as an Agent-based application discovery tool.
In terms of accuracy, both agent-based and agentless network discovery solutions discover all applications and their dependencies with granular detail. In contrast, an Agentless solution is subject to protocol limitations and relies on low-frequency data collection. This usually results in low accuracy, with a limited number of applications and dependencies identified on your map.
Now let’s think about scale. For Agentless solutions, it’s a non-starter again. Your server will have an intrinsic limit on how many connections it can handle at the same time. Scale? What scale? Agent-based network discovery solutions are known for being easy to scale, as the server can handle more processes at the same time. Faddom discovery uses NetFlow, allowing a single server to scale to a very large enterprise data center, and unlike Agent-based tools, without any additional resource requirements on your servers.
I’m Intrigued. But How Robust is Faddom Network Discovery?
Let’s bring it home for you. Agent-based network discovery solutions rely on installing an Agent on every single server. New servers will be blind spots until that work is done. As soon as one Agent stops working, your visibility is gone. This could happen at any time, with zero warning. If you turn to an Agentless solution to avoid these gaps, now you’re subject to networking issues. One unstable network connection and your data is going to suffer in accuracy and availability. This is down to the way that process initiation and stream handling are all done on the server itself.
Faddom network discovery automatically collects data from any new servers on the network, and the network connection hardly affects mapping at all.
Why rely on a server-level solution that’s prone to blind spots and networking issues, if you can use statistical network analysis and data sampling to get more secure, accurate, and cost-effective network discovery and mapping?