cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

SAM 6.2 Beta - Because Sometimes You Feel Like A Nut - Part 2

Product Manager

As promised in my earlier blog post entitled, "SAM 6.2 Beta - Because sometimes you feel like a nut - Part 1," here are some additional scenarios where the new agent included in the forthcoming Server & Application Monitor 6.2 beta could prove beneficial in ways you may not have even thought of yet. (As a reminder, SolarWinds remains firmly committed to our "Agentless First" approach for virtually everything we do!)

For those who need an agentless alternative to monitoring certain aspects of their environment, the new and optional agent is yet another powerful tool in your arsenal. Where you might wield this new weapon is entirely up to you.

Below are three additional examples in a continuing series where I outline some of the tangible benefits of the agent. If you'd like to kick the tires on the new agent, please feel free to participate in the SAM 6.2 beta. We'd love to get your feedback. Simply sign-up by clicking the link below:

SAM6.2Beta Button.png

Head in the Clouds

Monitoring applications and servers running in the cloud using traditional agentless protocols is fraught with issues. For instance, by default, the WMI protocol is not fully encrypted, nor will it traverse NAT boundaries. WMI also requires a healthy number of open ports to function properly, not to mention that it's a fairly chatty protocol that doesn't tolerate bandwidth congestion or high latency conditions very well. Problems like these are further exacerbated by the fact that many ISPs block RPC traffic on the internet due to the protocols historical association with worms and hacker exploitation.

Unfortunately, the SNMP protocol fares only slightly better than WMI. Currently, all versions of Windows still rely upon SNMPv2, which provides no authentication or encryption. While SNMP has been designed to work in harsh bandwidth contentious environments, as well as traverse firewalls with ease, there still remains an ever decreasing amount of useful information available that can be collected from Windows devices via SNMP. This fact alone, coupled with Microsoft's recent depreciation of SNMP in Windows 2012, suggests that no further dependency should be built on the protocol for monitoring Windows devices.

Passive vs Active.png

The agent included in the SAM 6.2 beta allows you to monitor servers hosted by cloud based services such as Amazon EC2, Rackspace, Microsoft Azure, or virtually any other Infrastructure as a Service (IaaS).


Agents installed on Windows servers hosted in the cloud are then monitored by Orion no differently than any other server in your environment. Each agent can be configured independently to operate in the mode that best suits your needs. For instance, you may want to use Server Initiated mode for servers hosted on Amazon EC2 because they all have publicly routable IP addresses. Conversely, you may want to use Agent Initiated mode for servers you're hosting in Azure because these servers may be hidden behind a NAT.

Each agent can also be configured to communicate with a specific Orion server or additional poller for load distribution.

Once deployed, the agent eliminates the issues associated with the WMI and SNMP protocols outlined earlier. All communication between the Orion server and the agent occur over a single fixed port. This communication is fully encrypted using 2048 bit TLS encryption. The agent protocol not only supports NAT traversal, but also supports passing through proxy servers that require authentication. The protocol the agent uses has been designed from the ground up to be extremely efficient and operate in low bandwidth, high latency environments. This makes it ideal for monitoring servers located in the cloud.

Finally, the agent is far more secure than either WMI or SNMP simply because there are no listening ports at the endpoint when using the Agent Initiated mode. This means there is zero attack footprint exposed by the Agent on the monitored endpoint that could be leveraged and exploited remotely by hackers or cyber criminals. Both SNMP and WMI expose listening ports on the host where they are running, making the agent a much more attractive option for monitoring servers running in the cloud.

You can't keep a good agent down

Agent Connecivity Failure.png

Unlike traditional agentless monitoring techniques, the Agent included in the SAM 6.2 beta is resilient to failure. In the unlikely event the Orion Server or Additional Poller were to go down for any reason, agentless monitoring of any hosts or applications monitored by that poller stops until that server is brought back online. This leaves gaps in performance charts and availability reports. This is also true for other types of failures that can occur anywhere in between the poller and what's being monitored, such as network equipment issues, WAN circuit problems, or VPN tunnel hiccups.

The agent, on the other hand, operates independent of the poller it's associated with and continues monitoring the server and its applications, regardless of whether or not it can communicate with the poller. Once connectivity to the poller is restored, the agent then forwards the results of its monitoring during the outage to the poller for processing, All gaps in the data will be filled with the data collected by the agent that would have ordinarily been lost if the host were being monitored without an agent.

These were just a few additional scenarios where you might find using an agent beneficial in your environment. As previously stated, the new agent is completely optional and intended to address specific needs where agentless monitoring of Windows hosts is either difficult, or simply not possible. As my final example demonstrated, there are other advantages the agent can provide to complement your agentless monitoring architecture. I will outline more examples in a follow-up posting, as well as provide a walkthrough of some of the agent deployment methods that are available in the beta.

The SAM 6.2 beta is not yet available, but will be very soon. If you would like to sign-up to participate in the beta, you can do so by completing a short survey. You need only be an existing SAM customer under active maintenance. Once available, you will be notified via email with a download link to the SAM 6.2 beta.

7 Comments
Level 14

Killer use case.  Bridging the gap between private and public cloud is going to be critical, especially when public cloud is run as an autonomous environment with limited connectivity to an enterprise network.

I know you said that NPM would not provide an agent option any time soon, but could we suggest that it does?!? (hint, hint)

Product Manager
Product Manager

network cloud infrastructure is seldom if ever monitorable via SNMP, so I'm not really sure where you're going with an "NPM Agent". It's no as though I can install and agent on a Switch or Router. It sounds like what you might be asking for is an Additional Poller. These can already today be installed at remote locations.

Level 14

I was thinking for an NPM agent for servers only.  (Unless of course your Windows server is a router --- do people still do that?!?)  As for an additional polling engine, I agree, but at $18,000 that is way out of reach for small business customers.  Even amortized over 3 years that is still $500 a month.  What I was thinking was a cheaper additional polling engine option (say 50 or 100 elements) rather than the SLX license.

When I worked for an MSP I had plenty of discussions with Solarwinds product managers about this gap for MSPs.  It hasn't been resolved to date.  I don't work for an MSP anymore so it isn't a pressing matter, but it would be nice to have a way to relay monitoring from an small site to a central server at a cost point that was actually sellable.  Going to some sort of agent model, or an agent that could relay SNMP queries (I know, I'm stretching), is a killer feature.

After all of that the sum message is this, the agent model for SAM is awesome -- especially since we have the option to choose.  Well done, well done.

MVP
MVP

Adding the agent is a great step forward - can't wait to have that option and will certainly be able to leverage that!

There is still a need for a "Lite" Additional Poller to really round out the none-local monitoring.

Our use case is that we have a bunch of small branch offices with a few switches and a server or two - but the cost of an additional poller is prohibitive for four or five devices.

The agent fixes the Windows server, but leaves the linux servers and network devices out - but we have to start somewhere and here is good start

Level 14

I think our voices have been heard.  https://thwack.solarwinds.com/ideas/3061

MVP
MVP

that's funny - I commented on that one as well but forgot about it

Level 17

Using the holiday slowness to set up this beta.  So far I like what I'm seeing with the AppStack and AppInsight for IIS.  I'm hoping to incorporate the new SRM and NPM betas into the server soon.  The additions look like they are going to assist a lot with our groups looking into overall issues from a single point.