Understand how SAM uses agents
An agent is software that provides a communication channel between the Orion server and a monitored computer. Agents are used as an alternative to WMI or SNMP to provide information about selected devices and applications.
SAM uses Orion agents to gather information for component monitors (and their parent application monitors) from target servers across your environment. Agents are also used to monitor servers hosted by cloud-based services such as Amazon EC2, Rackspace, Microsoft Azure, and other Infrastructure as a Service (IaaS).
These agents provide the following advantages:
- Polling hosts and applications behind firewall NAT or proxies.
- Polling nodes and applications across multiple discrete networks with overlapping IP addresses.
- Secure, encrypted polling over a single port.
- Support for low bandwidth, high latency connections.
- Polling nodes across domains where no domain trusts are established.
- Full, end-to-end encryption between the monitored host and the main polling engine (usually the Orion server).
After agent deployment, all communication between the Orion server and the agent occur over a fixed port. The agent protocol supports NAT traversal and passing through proxy servers that require authentication.
If an agent is used, all SAM application data is collected by the agent. You can override this behavior at both the application and template level to use another polling method. For example, if an application monitor template includes a User Experience Monitor but you do not want to measure response time locally from the server where the application is installed, you can switch the application to poll without using an agent.
Agent communication modes
You can configure agent communication modes that determine how the agent and the Orion server communicate. This is frequently influenced by where the device you want to monitor is on your network.
- Server initiated communication: Any communication between the Orion server or additional polling engines and the agent is initiated by the Orion server itself. To allow communication from the Orion server, the firewall service running on the monitored device or the network firewall must allow incoming connections through port 17790. If the agent is configured to use another port, update the firewall rules to allow incoming connections from the other port.
This communication method is also known as a passive agent.
- Agent initiated communication: Any communication between the Orion server or additional polling engines and the agent service is initiated by the agent service itself. Update your firewall rules to allow outgoing connections through port 17778 to enable communication between the agent and the Orion server. Open port 17791 if the agent is on a Windows 2008 R2 server.
This communication method is also known as an active agent. In active mode, there are no listening ports on the agent.