Management software and security

by Mitch Tulloch [Published on 28 Sept. 2005 / Last Updated on 28 Sept. 2005]

Which kind of management software is more secure, agent-based or agentless?

Which kind of management software is more secure, agent-based or agentless? I vote for agentless software for one simple reason: less risk of a service account dependency creating an unexpected vulnerability in your network. Generally, if you're using an agent-based management platform you must have admin credentials on all the systems being managed, and this creates what's called a service account dependency, see my blog for more info on this problem. In other words, if the account used to run your management software is somehow compromised, then every system this software managed is effectively compromised also. So my preference is for agentless management software as it's inherently more secure, and usually a lot easier to deploy as well!

See Also


The Author — Mitch Tulloch

Mitch Tulloch is a well-known expert on Windows Server administration and cloud computing technologies. He has published over a thousand articles on information technology topics and has written, contributed to or been series editor for over 50 books.

Featured Links