Professional Documents
Culture Documents
Review of Cloudamize Platform and CSAT
Review of Cloudamize Platform and CSAT
The Cloudamize Agentless Data Collector can be used to discover and assess physical
and virtual machines without installing software agents on each machine throughout
organization infrastructure. The collector is deployed on a physical Windows
server or Windows virtual machine, and can be used to discover and assess
both Windows and Linux machines. Each collector can, by default, be used to monitor
up to 500 machines, though this limit can be increased in the collector's settings, or
additional collectors can be installed on additional machines, to monitor larger
infrastructures.
The Cloudamize Agentless Data Collector uses SSH to discover and communicate with
Linux machines on the subnet, and WMI/RPC to discover and communicate with
Windows machines. The collector then sends the TLS v1.2 encrypted data to the
Cloudamize servers for processing. MFA (Multi-Factor Authentication) is not
supported for connections to Windows or Linux nodes from the Agentless Data
Collector.
Agent-Based VS Agentless
There are advantages and disadvantages to utilizing the Cloudamize Agentless Data Collector as
opposed to installing software agents throughout the infrastructure. One obvious advantage will
be in the case of high-security compliant infrastructures which are not permitted to install software
and communicate out to remote servers from each machine in the infrastructure. The Cloudamize
Agentless Data Collector can be installed on one machine in cases like this, and the entire
infrastructure being assessed will send that data to this one machine over WMI (Windows) and
SSH (Linux). All of this communication happens on the internal network and data will only leave
the network from the machine with the collector installed.
The table below highlights the feature comparison between agent-based and agentless data
collection.
Without having software agents installed on each machine, there are also
disadvantages in a few areas. The following table shows a set of metrics and the
impact that taking an agentless approach will have.
Metric Impact
Short-lived If a connection is short-lived, it is not captured and that may
connections result in missed inter-connectivity
Lower performance Monitoring window is at every 5 min rather than every 30
resolutions seconds. Possible to miss short-term peaks
Performance Agentless monitoring does not have performance controlling
Throttling mechanism on the monitored host
What is Cyber Security Assessment Tool, CSAT?
Additionally, CSAT uses a questionnaire to collect data about policies and other key
indicators. The collected data can be analyzed on the customer’s machine and will be
great input to making informed decisions on new security initiatives etc. The CSAT is
using agents which delete themselves following the endpoint scan, hence, the effort
required from the internal IT department is kept to a minimum.
1. If the Agency will in the near or far future migrate to using cloud services, then it will be a good
idea to adapt the use of cloudamize platform. However, cloudamize agent is recommended due
to it numerous merits over the agentless platform.
2. The CSAT can be a very useful and an easy tool that can assist the Agency in her quest to analyzing
and mitigating cyber security threat which can help in making and taking informed decisions on
network resource usage etc.