Agent Configuration

Agent is an executable software that resides on a target machine and periodically updates SapphireIMS server with data collected from various end nodes or machines. In the case of an agent-less setup, SapphireIMS server has to connect to the nodes remotely for information to be updated in the database.

SapphireIMS server is the sole trigger point for all activities to manage your network resources. In case the target node is not reachable (in case the user is outside the corporate network or the remote machine is residing on a network that is different from that of the server or the port is not open for communication) from the server, then you would not be able to manage the target node. But if an agent is present on the target node, all routine tasks that do not require a trigger from the server can be configured to run on the agent node without any intervention from the server. However, only when the target node is able to communicate to the server, it would be able to push the collected data to the server.

Agent less monitoring needs certain ports to be open and services to be running. For example, in case of SSH data collection type, port 22 (default port) has to be open for communication and SSH service has to be running in the end node. However organizational security policies may prohibit opening of such ports. In such situations, a recommended solution is to implement SapphireIMS agent architecture

Some operations like software metering, software blacklisting, antivirus data collection and policy analyzer support are only possible using SapphireIMS agents.

The agent configuration module allows support for dynamic agent configuration change on the server for the following:

1. Primary/Secondary IP

2. Primary/Secondary port

3. Primary and secondary https status

4. Proxy IP/Port

5. Proxy username / password

6. Master Agent port

7. All the agent timers

8. Individual Agent based timers

9. Providing a single check-in interval for all the agent communication for e.g. job check, inventory check etc

Note: In order to use agent based monitoring, a pre-requisite is the installation of the SapphireIMS Message Queue Plugin. Refer to the SapphireIMS Message Queue Plugin document for more information on downloading and installing the plug-in.

Master Agents can use HTTP/HTTPS protocol for file download. Using HTTP/HTTPS, master agents can be exposed to the internet to allow roaming assets to connect to the master. There is also a provision for fall back mechanism where if the master agent is not reachable, then slave agents can directly download files from the central SapphireIMS server.

Configuring HTTP/HTTPS based file transfer requires installation of a web server (Jboss) and the SapphireIMS file transfer service on the master agent system. You can contact SapphireIMS support for documentation related to configuring the required service.

Create Agent Configuration Profile

1. Click the 'Settings' tab. In the 'Asset and Inventory Management' section, click 'Agent Configuration'

Note: A Default Profile is provided which contains default agent configuration settings, i.e. default ports. You can edit this profile or add another profile if you want to provide a different set of settings for a different set of agents.

2. Click 'Add'

Serial No	Field Name	Description
1	Profile Name	Enter the agent configuration profile name
2	Description	Enter a brief description of the agent configuration profile
Timer Settings
3	Agent Discovery Time	Frequency at which discovery data (like IP address) is collected and compared against what is previously collected and changes sent to the server
4	Download Job Timeout	The timeout for the File Download Jobs from the server to the agent system. At the end of the defined timeout, the download job is aborted.
5	Check-in interval	The frequency at which the agent reports to the server.
6	Connection Timeout	The timeout for all communication attempts from the agent to the server.
7	Event Log Upload Interval	The frequency at which the agent uploads collected Event Logs to the server.
8	Performance Monitoring Data Upload Interval	The frequency at which the agent uploads the collected Performance Monitoring Data to the server.
Security Settings
9	Uninstallation Password	The password to uninstall the agent application
10	Agent FTP Port	Agent FTP Port
11	Agent Menu Settings	The following settings can be done for the Agent: - Enable or disable the 'Display Agent Tray Icon' - Enable or disable the menu option 'About' - Enable or disable the menu option 'Exit' - Enable or disable the menu option 'Asset Tag' - Enable or disable the menu option 'Routine Task' - Enable or disable the menu option 'Server Web Portal' - Enable or disable the menu option 'Agent Service Start/Stop'
Download Settings
12	File Download Bandwidth	The bandwidth usage limit for the agent to download files from the server. If you select 'Limit' option then enter the bandwidth limit.
13	File Download Retry Count	The number of times for the agent to retry file download, if download fails.
14	File Download retry for Slave Agent	The number of times for the slave agent to retry file download from the master agent, if download fails.
15	File Download retry for vendor site	The number of times for the slave agent to retry file download from the vendor site, if download fails. This is applicable when the download is happening directly from the software vendor.
16	File Download location for WMI	The location where the downloaded files have to be stored on the agent machine. If you select 'User Defined', you need to provide the path. The path can include system defined variables (e.g. %SYSTEMDRIVE%)
17	Master or Standalone Agent File download order	Select the order of the master or standalone systems for download. Note that the SapphireIMS server option is mandatory.
18	Slave Agent File download order	Select the order of Master Agents from which the slave should download. Note that the Master Agent is mandatory.
Other Settings
19	Antivirus Data Collection	Enable or disable collection of Antivirus Data
Communication Settings
20	Server Configuration	This option allows you to change the Server IP or Port or SSL Enable/Disable or proxy Enable settings. The existing server configuration is retained until the new configuration settings are applied by the agent.
21	Load Balancing Configuration	This option provides the primary and secondary server configuration for the agents. All agents communicate to the server using the primary server configuration; in case there is a communication failure using the primary server configuration, the agent then uses the secondary server configuration to communicate to the server.
22	Agent Server Migration	This option allows the server to be migrated to a different machine. Once the agent has mapped to the new server configuration, the agent uses the new configuration to communicate to the server. The existing server configuration is retained until the new settings are applied by the agent.
23	Primary and Secondary Servers	Enter the 'Server IP/ Host Name', 'Server Port', 'Proxy List' and check 'SSL' if enabled. Multiple proxies can be configured. Click on to add a new Proxy Server. A pop-up is displayed in which you need to enter the 'Profile Name', 'Proxy IP/Host Name', 'Proxy Port', 'Proxy User Name' and 'Proxy Password'.

Mapping Configuration

The 'Default Mapping Profile' maps all the agents to the default profile. But you can create a mapping configuration profile to map certain specific agents to a specific agent configuration profile.

1. Click the 'Settings' tab. In the 'Asset and Inventory Management' section, click 'Agent Configuration'. Click 'Mapping Configuration'

2. Click 'Add'

Select the agent configuration profile and the host profile (s). The host profiles contain the list of nodes which need to be mapped to the agent configuration profile.

Agent Global Settings

SapphireIMS performs a discovery of your entire network either by using agents or without using agents as the case may be.

Agents are intelligent, light weight executables that are usually deployed in the target Windows machines. The deployment of agents is possible from the active directory or from SapphireIMS server. Agents can also be manually installed. These installed agents are responsible for collecting inventory data and performance data from the designated nodes. They also perform various remote tasks like software installation, software un-installation and patch management. They also help in connecting to remote client machines.

The communication between agents and SapphireIMS server is through http/https protocol. Agent periodically polls SapphireIMS server in order to process the required scheduled tasks.

In a customer setup, where the count of agents is very high, typically above 25000, the communication network is bombarded with a lot of http/https hits to SapphireIMS server which brings down the performance of SapphireIMS server. Additionally, there will not be any real time response from agents due to the polling mechanism that is used. To address both scalability and response concerns in an agent setup, a real time signaling mechanism is required.

XMPP servers provide basic messaging and presence features. Integration of such XMPP servers with SapphireIMS can help to address the issues related to load and response in an agent setup.

In order to use XMPP, you need to download and install the SapphireIMS XMPP plug-in.

The main components of XMPP are:

1. XMPP server

2. XMPP client

For integration with SapphireIMS, Openfire is used as XMPP server and libjingle client is used as XMPP client. The following components are shipped as part of SapphireIMS:

Openfire 4.0.2
Libjingle 0.6.14

XMPP server can be installed on a machine different from SapphireIMS server. This screen allows you to define XMPP server settings for integration with SapphireIMS

Sr. No	Field Name	Description
1	Host name	Enter the host name of the XMPP server
2	Listening Port	Enter the listening port of the XMPP server. Default port is 5222
3	Management Port	Enter the management port of the XMPP server. Default port is 9090
4	Retry Count	Enter the maximum retry count which the agent uses to connect XMPP server in case of failure. Maximum is 5
5	Connection Timeout (Seconds)	Maximum connection timeout which the agent uses to connect to XMPP server in case of failure. Maximum: 3600 seconds
Repeater Settings
6	Enable Repeater for data collector	This configuration is used to connect agents through a repeater available in a remote system. By default, agents will connect with it's associated dedicated server along with configured VNC port detail from agent configuration profile
7	IP Address/Host name	IP Address/Host name of the repeater. Empty implies to consider the repeater host as agent's primary data collector server
8	Port	Listening port of the repeater