Best Agentless Discovery Tools for ITAM

IT asset management systems and also system performance and security monitors need to know exactly what devices are connected to a network. The network is the territory that needs to be monitored and the asset discovery system is like a population count. You can’t monitor a system if you don’t know what equipment is involved.

Here is our list of the best Agentless Discovery tools for IT Asset Management:

  1. FirstWave Open-AudIT This IT asset discovery package scans a network and catalogs all of the devices connected to it. It then scans each endpoint and generates a software inventory. Runs on Windows Server and Linux.
  2. ManageEngine ServiceDesk Plus This on-premises package uses SNMP to track the presence of all equipment on a network. It is then able to support a Service Desk team with functions that follow ITIL best practices. Runs on Windows Server and Linux.
  3. Paessler PRTG A collection of monitoring tools that starts its work by discovering all devices connected to the network and offers network, server, and application monitoring. Installs on Windows Server.
  4. Nagios XI This package of monitoring tools provides a unified console for a large library of network, server, and application monitors. Runs on Linux.
  5. Zabbix This is a free system monitoring package with an attractive and easy-to-read console and an automated discovery process. Runs on Linux.

You can read more about each of these options in the following sections.

There are several ways to record what devices you have connected to a network – an automated digital system is preferable to a manual pen-and-paper strategy. Fortunately, there are several methods that you can use to discover all of the devices on your network that is already installed and available.

Next, you need to decide whether to opt for agent-based or agentless discovery methods.

Agent-based discovery

An “agent” is a useful data collection and reporting program. For example, cloud-based network monitoring systems install an agent on one of the servers connected to your network to gather information. However, systems that rely on agents resident on endpoints aren’t really practical for discovery because you would need to already know of each device’s instance to install an agent on it.

Agentless discovery

Your network is created by several services. These include address allocation systems, such as the Dynamic Host Configuration Protocol (DHCP), the Domain Name Service (DNS), and the Address Resolution Protocol (ARP). Those systems keep a live report on the addresses of each device on your network. If a device hasn’t been allocated an address, technically, it isn’t on your network.

The easiest agentless tool that you can use to discover all devices on your network is to query one of those systems. Open a Command Prompt/Terminal window and type in:

arp -a

The results of this query will bring a list of all devices, showing the IP address and MAC address of each.

The ARP report doesn’t give you any details on each device. However, it gives you a starting point and it is an example of how easy it is to discover the devices connected to a network without the need of an agent.

Is it agent-based or agentless?

Working out whether a particular discovery system is agent-based or agentless is not so simple. A big issue is what constitutes an agent. Cloud-based systems will advertise agentless network discovery and monitoring, but how do they do that?

Cloud-based monitoring systems and IT asset management tools can, in theory, be agentless by connecting to a network through a remote terminal session and then performing queries, such as the ARP command explained above. However, that would be a cumbersome process because the connection can’t be kept open forever and the monitor would have to run a lot of different utilities through that remote terminal window.

It is just a lot simpler to use one connection to a server on the monitored network to download an agent and let that gather data and upload it. The producers of cloud-based IT asset management services stretch the definition of what an agentless system is by saying that their data collection agent is a monitoring agent that performs agentless discovery locally. So, yes, there is an agent involved, but the system is still agentless.

Even locally-installed network monitors use agents for device discovery. Here again, the sales copy will stretch the definition of “agentless.” A system that collects IT asset data without an agent is using a system of agents that was installed by someone else. By the strict definition of no agent being involved in the discovery process, there is no such thing as an agentless discovery service.

The Simple Network Management Protocol

The mechanism that gives the producers of IT asset management systems the ability to label their systems as “agentless” is called the Simple Network Management Protocol (SNMP). This uses a device agent that is installed on every network device. Endpoints also have an SNMP Agent – for example, it is included in all versions of the Windows operating system.

The SNMP system requires a central Manager that communicates with device agents. The manufacturers of network devices load an SNMP Agent on each. All that’s missing is the SNMP Manager. Network monitoring tools are, effectively, SNMP Managers.

The SNMP Manager sends out a request for reports as a broadcast. These requests are not addressed to any specific devices and so all devices pick them up and the SNMP Agent on each responds. The SNMP response is a list of statuses and also details about the device. So, once all of these reports return to the SNMP Manager, those details can easily be compiled into an IT asset inventory. Thus, an automated discovery process has been performed.

The SNMP response/request cycle repeats continuously, so the IT asset inventory is always kept up to date.

The best agentless discovery tools

When looking for agentless discovery tools for IT asset management, we first had to decide which definition of “agentless” to run with. We chose to follow the definition that regards the SNMP Agent as part of an “agentless” system.

What should you look for in an agentless discovery tool for IT asset management?  

We reviewed the market for agentless discovery systems and analyzed the tools based on the following criteria:

  • A central monitor that acts as an SNMP Manager
  • A tool that can compile the data returned in SNMP responses
  • A system that uses no agents other than the SNMP Agents
  • A tool that will spot changes in the network infrastructure and update the inventory
  • A service that facilitates the timing of asset retirement
  • A free trial or a demo package that allows a no-obligation assessment
  • Good value for money from a tool that offers efficient service at a reasonable price

With these criteria in mind, we looked for good value SNMP-based monitoring systems that will automatically compile an inventory to facilitate IT asset management.

1. FirstWave Open-AudIT

FirstWave Open-AudIT Racks

FirstWave Open-AudIT is an IT asset management and auditing system that implements autodiscovery to assemble and maintain hardware and software inventories. The discovery service uses SNMP processes to acquire information on all devices connected to the network and writes that information into a database.

Key Features:

  • Hardware inventory
  • Software inventory
  • Writes to a database
  • Constantly re-queries
  • Software license management

Apart from the discovery system, the Open-AudIT package includes a configuration manager and a network mapper. The configuration manager is a security service because it takes a snapshot of the settings of each device and rechecks all equipment periodically. The snapshot can also be used to standardize the settings of all similar devices.

The network mapper offers a range of formats that include a plot on a real-world map and a rack visualization.

Pros:

  • Includes a network topology mapper
  • Offers a range of layout views
  • On-premises or cloud (with an agent)
  • Configuration management
  • Network administration automation

Cons:

  • Full features only available in the most expensive edition

The Open-AudIT software runs on Windows Server and Linux. There is also a SaaS version available. The on-premises system is offered for free as a Community Edition, which includes asset discovery but not all of the features of the paid packages. The other two options are Professional and Enterprise. You can use the Professional Edition free forever to monitor up to 20 devices. You can also get a 30-day free trial of the full Professional Edition.

2. ManageEngine ServiceDesk Plus

ManageEngine ServiceDesk Plus

ManageEngine ServiceDesk Plus is an ITIL-based asset management system and it bases its functions on an asset inventory autodiscovery service. There are three Editions to the ServiceDesk Plus system. The first of these, Standard, is a Help Desk system. You need to go up to the next level, which is the Professional package to get the IT asset discovery service.

Key Features:

  • Three plan levels
  • Automated inventories
  • SLA tracking

The device tracking system discovers endpoints, including desktops and servers, and also network devices, such as switches and routers. The tool also provides a software inventory. So, the result of the discovery process is a hardware inventory and a software inventory, both of which are continuously updated.

The Professional package also includes a Help Desk system, SLA tracking,  and a purchase management module.

Pros:

  • Constantly updated hardware and software inventories
  • Help Desk system
  • ITIL-based asset management

Cons:

  • No network topology mapping

The on-premises software for ServiceDesk Plus installs on Windows Server and Linux. The system is also available as a cloud service. You can assess ManageEngine ServiceDesk Plus with a 30-day free trial.

3. Paessler PRTG

Paessler PRTG Network Monitor dashboard

Paessler PRTG is a bundle of monitoring tools for networks, servers, and applications. Every customer is delivered the same software package but buys the right to activate a certain number of sensors in the service. If you only activate 100 sensors, you can use the system for free.

Key Features:

  • Choice of sensors
  • SNMP-based
  • Network topology mapping

The foundation of the monitoring system is the asset inventory, which is compiled through an SNMP-based autodiscovery mechanism. The tool also includes a network topology mapper and an asset dependency map. The package includes a lot of very useful tools, but you have to plan your requirements carefully to ensure that you only activate those systems that you need.

As SNMP cycles constantly, the asset inventory is automatically updated if a device is added, moved, or removed. Device agent notifications, called SNMP Trap messages are interpreted into alerts by the PRTG system.

Pros:

  • Alerts for performance problems
  • Constantly updated network inventory
  • Free option for small businesses

Cons:

  • Large software packages are delivered even to the users of a small number of sensors

Paessler PRTG runs on Windows Server and you can assess it with a 30-day free trial that includes all sensors activated.

4. Nagios XI

Nagios XI - Easy Network, Server Monitoring and Alerting

Nagios XI monitors networks, servers, and applications. There is a free version of this tool, which is called Nagios Core. Although Nagios Core is widely-respected and has been forked for many other system monitoring brands, it doesn’t include an interface. The Nagios system includes automated network discovery and a constantly maintained asset inventory.

Key Features:

  • Constantly updated asset inventory
  • Extensible with plugins
  • Stable and reliable

Nagios is remarkable for its extensions. These are called plug-ins and the community maintains a list of thousands of them that are available for free. Some of these tools add extra functions, including new monitoring screens, while others are mechanisms to link to third-party tools.

The code for Nagios XI is well maintained, making it a very stable system. Features in the package include a network topology mapper, which can be adapted by plug-ins to provide a variety of layout views. Nagios data can be channeled through to third-party tools such as Splunk for performance analysis and security monitoring.

Pros:

  • Highly respected and widely mimicked
  • Includes network topology mapping
  • Free version available

Cons:

  • Only written for Linux

The code for Nagios XI is written for Linux – specifically CentOS, RHEL, Ubuntu, and Debian distros. It is possible to run it on Windows over a VMWare or Hyper-V VM. Nagios XI is available for a 30-day free trial.

5. Zabbix

Zabbix monitoring dashboard

Zabbix is a great monitor for physical and virtual assets. It is open-source and completely free to use – there is no paid version. The producers of the system make an income by offering support and training packages. This tool uses SNMP for asset discovery and provides additional availability checks with Ping.

Key Features:

  • Automatic asset inventory
  • Virtualization documentation
  • Configuration security checks

This system will also map your virtual servers and their VMs. It has a status checking process that scans configurations of network devices and alerts if changes have occurred since the last sweep.

You can adapt the Zabbix system to perform detailed monitoring for specific makes and models of network devices by applying a template. These plug-ins add extra screens to the interface and they are available for free from the community marketplace.

The system includes an alerting mechanism if performance deteriorates and alerts can be forwarded as notifications by SMS, email, or messenger service.

Pros:

  • Performance alerts
  • Capacity planning and trend analysis
  • Free to use

Cons:

  • Not written for Windows

Zabbix runs on Linux: RHEL, SUSE, CentOS, Oracle Linux, Debian, Ubuntu, and Raspberry Pi. there is no version for Windows, but you could install it over a VM. You can download Zabbix for free.