When Should I Use Agentless and Agent-based Solutions?

Shavlik Protect is, at its roots, an agentless solution. With a few simple configuration steps, however, Shavlik Protect can also provide agent-based services. This section explains when to implement each solution.

For Patch Management and Asset Management Tasks

Start with the Agentless Features of Shavlik Protect

For large enterprises containing thousands of machines, the ease of use provided by the agentless technology of Shavlik Protect can be used to address the patch management and asset management needs of the vast majority of the machines in your enterprise.  Shavlik Protect can be used to discover which target machines are missing patches and automatically deploy the missing patches. It can also scan your target machines and report on the software, hardware, and virtual assets contained on the machines. Using Shavlik Protect you can scan and fix, from one central location, the vast majority of the machines in your network within minutes.

Polish Things Off with the Agent-based Features of Shavlik Protect

Most large enterprises have machines in hard-to-reach places: machines in remote locations, laptops that roam to different locations or that park and dock outside the office, machines in protected zones (DMZs), etc.  For these devices you can use the agent-based features provided by Shavlik Protect, which are implemented using Shavlik Protect Agent. With Shavlik Protect Agent you can be sure that these machines are scanned regularly, even if they are disconnected from your enterprise network.

Note: There is one exception; agents can be used to perform software asset scans and hardware asset scans, but they cannot perform virtual asset scans.

For Threat Management Tasks

The threat management capabilities within Shavlik Protect must be implemented using agents. With the threat management capabilities you can configure an agent to scan for and remediate threats such as spyware, worms, viruses, trojans, rootkits, and more. You can also configure it to provide real-time monitoring and protection on your target machine against known and unknown threats.

For Power Management Tasks

A number of the power management tasks apply only to agentless situations. This includes the Shutdown now, Restart now, and Wake-On-LAN tasks that are initiated from Machne View or Scan View. These tasks require the target machines to be accessible from the console and are therefore not implemented within an agent policy.

Power management tasks that use a power state template, however, can be implemented in either an agentless or agent-based manner. You may consider using an agent-based power state task under the following conditions:

An agentless power state task will push a small number of files from the console to each target machine -- if a large number of machines are involved it may affect the performance of your network.