Management software and security

by Mitch Tulloch [Published on 28 Sept. 2005 / Last Updated on 28 Sept. 2005]

Which kind of management software is more secure, agent-based or agentless?

Which kind of management software is more secure, agent-based or agentless? I vote for agentless software for one simple reason: less risk of a service account dependency creating an unexpected vulnerability in your network. Generally, if you're using an agent-based management platform you must have admin credentials on all the systems being managed, and this creates what's called a service account dependency, see my blog for more info on this problem. In other words, if the account used to run your management software is somehow compromised, then every system this software managed is effectively compromised also. So my preference is for agentless management software as it's inherently more secure, and usually a lot easier to deploy as well!

The Author — Mitch Tulloch

Mitch Tulloch is a widely recognized expert on Windows administration, networking, and security. He has been repeatedly awarded Most Valuable Professional (MVP) status by Microsoft for his outstanding contributions in supporting users who deploy and use Microsoft platforms, products and solutions. Mitch has published over two hundred articles on different IT websites and magazines, and he has written or contributed to almost two dozen books and is lead author for the Windows 7 Resource Kit from Microsoft Press. For more information, see www.mtit.com .

Latest Contributions

Featured Links