A hosted, agentless IT asset discovery and inventory solution is a great example of the expression “less is more.” The internet offers a great definition of what that less is: “The notion that simplicity and clarity lead to good design.” (http://www.phrases.org.uk/meanings/226400.html) A hosted, agentless solution is one way to bring clarity to IT asset discovery and inventory.
IT asset discovery and inventory solutions can be placed into three groups. The first is locally installed solutions that utilize installed agents. The other two groups do not install an agent, but instead execute discovery the through the use of a piece of code that does not reside on the end point device. For purposes of this article these two types of solutions will be referred to as “agentless.” The distinction between groups two and three is whether the solution is locally installed or hosted elsewhere.
To clarify the groups, think of the “agent” as some amount of code that has to be placed on each device that is going to be discovered. An agentless solution avoids that invasive distribution. In contrast, agent-based solutions place a piece of code on each scanned device that performs the data collection and transmission process. “Installed solutions” reside on a server within an organization’s IT infrastructure. “Hosted” or SaaS solutions are provided as a vendor service and operate outside the user organization’s IT infrastructure. That means that agentless solutions, whether installed or hosted, place no code on any device and collect the information via a network-based transaction. A case can be made for any of these architectures; however the focus of this article is on where and why agentless solutions, and particularly hosted ones, may be the best choice for IT asset managers.
Into the Cloud
By virtue of their design, agentless solutions are ideally suited as hosted offerings. By definition, hosted solutions require no locally installed software and minimal space in the hardware infrastructure. An effective, agentless hosted offering provides IT departments with great benefits in terms of cost, flexibility, simplicity and maintenance without sacrificing features, accuracy or security. Operationally, agentless hosted solutions reduce or eliminate the operating overhead associated with use of the tool, as well as reducing the load on the organization’s network. From a practical perspective, reliance on an installed agent would be counter to the architecture of a true SaaS solution.
Furthermore, the agentless hosted solutions currently provide all the security, features and functionality required by enterprise level organizations as well as small and medium sized businesses. For example, a hosted agentless solution was adopted for statewide use by the New Mexico Department of Health, instead of an installed agent-based solution. The selected application met all of the State’s requirements for performance and functionality, with the added benefits of not having to install any additional software on the end user devices or maintain a locally installed application on a dedicated server. (Go to www.xassets.com to read the State of New Mexico Department of Health case study.)
Light and Fit
A review of RFPs issued by major organizations seeking to implement enterprise-wide IT asset management solutions revealed that an overwhelming number included a requirement that the proposed application have no impact on daily operations. Specifications demand that the solution must not degrade network or end user processor performance, and not add any software to the end-user configurations. A hosted agentless solution actually exceeds this type of requirement. Installed discovery agents use CPU cycles, and often a series of start-up or scheduled processes can conflict, “bringing the system to its knees.” In contrast, agentless discovery uses few system resources and transmits a minimized packet of information to the collection server. The collection server might even be a virtual machine. This architecture reduces the impact on both the scanned system and the network itself. A hosted agentless application can satisfy the needs of the end users and the IT department, while providing the depth of detailed information that is required by management.
Not on My Computer You Don’t
There are numerous computing environments where the addition of software into the network or onto end-user devices is unwanted, impractical or regulated. In these cases, introducing a software discovery agent on end-user desktops or laptops, or even an ITAM application on a server that resides on the network, becomes a major project for the IT team. In these cases a hosted system with no installed software or agents is an ideal alternative. Two specific computing scenarios illustrate this point.
FDA Validated Systems
The US Food and Drug Administration (FDA) mandates that all computers even remotely involved in the process of developing, testing, manufacturing medical devices or pharmaceuticals, or the management of those processes, must be validated. That entails documenting the tested baseline configuration and any and all changes to that configuration. In addition, if changes to a system configuration cause a problem in any part of the operation, the changes must be documented to the level of detail that would enable an IT professional to reverse them. Installing agents on validated systems constitutes such a change, and would require that each end every affected device would need to be re-documented.
A hosted agentless ITAM solution eliminates the time and expense of this configuration process for discovery and inventory processes. Devices are discovered without altering the end point devices. Even when changes are made to the discovery software by the vendor over time, no changes must be made to the end point computing devices as no software was ever installed.
SAS 70 Certified Service Providers
In today’s business environment, service organizations or service providers are required to demonstrate that they have adequate controls and safeguards when they host or process data belonging to their customers. Section 404 of the Sarbanes-Oxley Act of 2002 makes SAS 70 audit reports a critical proof of effective internal controls for financial reporting. Service organizations that impact a user organization’s system of internal controls include application service providers, bank trust departments, claims processing centers, data centers, third party administrators, or other data processing service bureaus. (http://www.sas70.com/about.htm#about 100)
Part of maintaining the SAS 70 certification is demonstrating strict controls over the configurations and systems used to provide those critical services. Similar to FDA Validated Systems, maintaining a SAS 70 certified operation depends on controlling and fully documenting the computing environment. A hosted, agentless solution gives service providers a tool to constantly inventory and document their infrastructure while eliminating the need to install, track and manage yet another component of their computing environment.
A LAR’s Best Friend
Using the data on their websites, it appears that the majority of large Account Resellers (LAR) provide a software asset management (SAM) service for their customers. With an agent-based installed solution, the LAR would need to devote resources to go on site, install the software on a server on the customer’s network, an agent on the end-user computers and then run the software and analyze the output. Conversely, using a hosted agentless solution, the LAR can manage the entire process remotely, only downloading a data collection application temporarily onto a virtual machine at the customer site. The hosted solution can be operated as a service, running only as long as it takes to discover and inventory the entire network. Analysis can be performed off-line, and the cost to the LAR and/or the customer is minimized. From the customer’s perspective, the best advantage is that the customer’s operations are never disrupted by the SAM process.
Enhanced Time to Value
Any purchasing decision includes a consideration of the timeframe between expenditure and return on investment. Obviously, the easier and faster a system can be implemented, the sooner an organization can realize the targeted savings and benefits from the acquisition. Hosted agentless discovery and asset management applications are, by their very nature, easier and faster to install and deploy than their installed agent-based counterparts. In many cases, an organization realizes benefits within weeks, and typically the system is fully functional in four to five weeks. Organizations that require immediate access to the desired data or that have a critical problem to solve can truly benefit from the advantages offered by hosted agentless discovery solutions.
Of course all hosted agentless, or even installed agentless applications, are not created equal. Even though most such applications are light and fast, the discovery techniques and technology required to make a hosted agentless discovery system truly effective are complex. An agentless solution needs to collect and recognize detailed system information as if an agent was installed. To meet the demanding requirements of today’s IT managers, the hosted agentless solution must:
- Access the Windows API and local resources for detailed discovery
- Discover hidden executables
- Discover the entire machine and connected peripherals (e.g. monitors, printers, back-up hard drives)
As with any software purchase, IT managers are advised to conduct a comprehensive market survey and trial period. There is nothing better than a real test of the solution on a real network to determine the true value of any discovery application to the organization. However, xAssets has an agentless hosted discovery service and experience that has shown how a full featured hosted agentless solution provides IT professionals with the speed, accuracy, flexibility and cost savings their management demands without the complexities of other agent-based solutions available in the market today.