Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Agentless security explained

InfoSecurity Europe : 17 April, 2009  (Special Report)
Elizabeth Ireland of nCircle explains how centralised administration enables agentless technologies
See our events guide listing for more details

The debates rage on. Creationism vs evolution. Conservative vs liberal. Chocolate ice cream vs vanilla. Agentless vs agent-based security and configuration auditing systems. Well, maybe the last one hasn't reached a level of zealous fervor yet, but it's many an IT professional who has dug in his heels to staunchly defend agent-based technologies or to tout the benefits of next generation agentless systems.

In the end though, agentless systems are likely to be victorious as the preferred means of network security and configuration auditing for several reasons:

* significantly faster to implement
* cost less to own and operate
* provide coverage of devices that cannot support an agent
* scale more easily to cover large numbers of assets
* support heterogeneous assets in distributed or centralized locations

These are clearly compelling reasons, especially in a world where the risk to an organization through unauthorized configuration changes, done either internally or externally, can be significant. Money, resources and time are always scarce, and IT environments get more expansive and harder to control and audit every day.

In environments where security and compliance auditing systems must scale to large numbers of users or implemented in highly distributed networks, agentless solutions are fast becoming the preferred choice. Why? Because of the widespread adoption of centralized administration and authentication technologies.

Active Directory for Windows was introduced in 2000 and today, some form of directory-based authentication exists for every major operating system. Centralized administration is the key enabler of agentless systems and is driving their ever-increasing popularity.

Centralized authentication systems provide single sign on (SSO), allowing users to authenticate themselves across a variety of applications, systems and services with one set of credentials. Centralized administration relies on one directory and eliminates the need for administrators to create and manage accounts for every device on the network, something that would be very difficult to manage across hundreds or thousands of devices.

Agentless systems take advantage of centralized authentication to scale to large numbers of devices with minimal administrative burden. Without centralized administration, every computer needs to have its own account of authorized users. To perform a scan under that scenario, an agentless system would need unique credentials for every device on the network. The maintenance load for administrators would be similar to that of agent-based software, eliminating one of the key benefits of agentless technologies.

Because they don't require software to be installed on every device, agentless technologies are far easier and faster to roll out and manage over large numbers of systems. The 'time to value' for agentless technologies is typically measured in hours, rather than days or weeks. An IT security professional can bring an agentless system online in as few as three hours, without having to seek permission from other departments. Agents typically can only be deployed at the rate of 10-20 per day, after permission and access to the target system is granted. Agents may also be required to run with root authority, taking control out of the hands of the system administrators.

Agentless systems are not invasive, and they are easier to maintain over the long term since updates only affect a handful of servers. From a network control perspective, agentless systems can solve critical IT problems without creating turf battles - IT security staff can implement and maintain them with or without the cooperation of other departments or the need to install proprietary software on equipment owned by others, such as business partners.

Agentless systems can detect and monitor all devices on the network, such as routers, switches, firewalls and other devices that cannot support agents but still can become vulnerable with configuration changes. And very critically, the only way to find rogue systems is using an agentless solution. If they're rogue, then by definition they do not have agents installed. Agentless systems can't be disabled by users like agent-based systems. And when it comes to unknown devices on the network, what you don't know can definitely hurt you and can certainly impact your audit results.

Utilizing centralized administration and authentication, agentless systems can log into target systems across an entire network using single sign on credentials, just as a user or administrator would. Once in, they can check security settings, find out what software is installed and what updates are needed, while detecting any changes or trouble spots that would indicate a violation of security policy or a vulnerability.

Agentless systems are able to consolidate data from all network devices into reports that can alert systems administrators to maintenance needs or breaches—all without the need for any software installed on assets and without the need for administrators to manage authorization for hundreds or thousands of transactions.

Given the cost savings and significant reduction in maintenance headaches, most IT and security professionals would have probably favored agentless technologies all along had centralized administration been available, but because there was no seamless way to manage credentialing, agent-based systems seemed like the only viable alternative.

Agent-based technologies remain widely used and may still be an acceptable solution for some situations, but thanks to centralized administration, they're not the only game in town. A whole new way of streamlining administration and authentication has opened the door for agentless technologies that give IT and security departments broad new levels of flexibility, provide audit capability on devices that cannot support agents, help control costs, and significantly reduce maintenance burdens across an ever-expanding pool of users, devices and distributed environments.

nCircle is exhibiting at Infosecurity Europe 2009, the No. 1 industry event in Europe held on 28th - 30th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise.

Elizabeth Ireland is Vice President, Marketing at nCircle. Elizabeth's background includes finance, computer system auditing, consulting and marketing.
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo