Understand how SAM uses Orion agents
An Orion agent is software that provides a communication channel between the Orion server and a monitored computer. Agents are used as an alternative to WMI or SNMP to provide information about selected devices and applications.
SAM uses Orion agents to gather information for component monitors (and their parent application monitors) from target servers across your environment. Agents are also used to monitor servers hosted by cloud-based services such as Amazon EC2, Rackspace, Microsoft Azure, and other Infrastructure as a Service (IaaS) products.
Using the Orion agent instead of traditional polling methods can provide many advantages, including the ability to:
- Poll hosts and applications behind firewall NAT or proxies.
- Perform secure, encrypted polling over a single port.
- Poll nodes across:
- Multiple discrete networks with overlapping IP addresses.
- Low bandwidth, high latency connections.
- Domains where no domain trusts are established.
- Leverage full, end-to-end encryption between the monitored host and the Main Polling Engine, which is usually the Orion server.
After agent deployment, all communication between the Orion server and the agent occur over a fixed port. The agent protocol supports Network Address Translation (NAT) traversal and passing through proxy servers that require authentication.
If an agent is used, all SAM application data is collected by the agent. You can override this behavior at both the template and application monitor level to use another polling method. For example, if a SAM template includes a User Experience Monitor but you do not want to measure response time locally from the server where the application is installed, you can switch to Agentless polling. To learn more, see Decide between agent vs. agentless polling methods in the SolarWinds Success Center.
Agent communication modes
You can configure agent communication modes that determine how the agent and the Orion server communicate. This is frequently influenced by where the device you want to monitor is on your network.
- Server initiated communication: Any communication between the Orion server or additional polling engines and the agent is initiated by the Orion server itself. To allow communication from the Orion server, the firewall service running on the monitored device or the network firewall must allow incoming connections through port 17790. If the agent is configured to use another port, update the firewall rules to allow incoming connections from the other port.
This communication method is also known as a passive agent.
- Agent initiated communication: Any communication between the Orion server or additional polling engines and the agent service is initiated by the agent service itself. Update your firewall rules to allow outgoing connections through port 17778 to enable communication between the agent and the Orion server. Open port 17791 if the agent is on a Windows 2008 R2 server.
This communication method is also known as an active agent. In active mode, there are no listening ports on the agent.