Agents Overview

❗️

Agent End of Life

As of April 30th, 2022, Liongard terminated support for Agents older than 3.0.2. Please update your Agents to ensure your Inspectors continue to function properly.

Agents Overview

What is a Liongard Agent?

Liongard gathers information about your Environments and customer networks via Agents which are installed in the cloud and on customer networks.

Agents run Inspectors, which are the individual queriers that gather information about various systems (the Active Directory Inspector, the SonicWall Inspector, etc.).

📘

Key Concept

Inspectors run on Agents.

Agent Types

Liongard comes with a managed On-Demand Agent. This is baked into your Liongard instance, so its setup and maintenance are completely managed by us. This Agent is used to run inspections that do not require any privileged access to your customers' networks.

On-Premises Agents are installed on your customers' network Environments. These Agents are installed on Windows servers "inside the firewall" (preferably on a Domain Controller) to perform inspections that do require access to servers and services that are not available from the public internet.

For each Environment you manage, only ONE On-premises Agent is required per network; thus, an Agent will be required per VLAN in order to communicate directly with the system it needs to inspect.

Typically, Agents are installed on the Domain Controller. From there, the Agent will auto-discover the Windows Server Inspector, and once activated, the Windows Server Inspector will auto-discover Active Directory Inspectors. The Agent will also automatically discover a Network Discovery Inspector. As you deploy additional Inspectors for on-premises systems, you will select this On-premises Agent, for the Environment, to perform the inspections.

For Environments that do not have an on-premises server, and therefore no way to deploy an On-Premises Agent to inspect edge devices such as Firewalls, you should deploy a Self-Hosted Agent.

Like our On-Demand Agents, Self-Hosted Agents can handle inspections across multiple Liongard Environments and are hosted from your own infrastructure, without the need to allow cloud IP addresses through firewalls.

Deploying a Self-Hosted Agent follows the same process as deploying an On-Premises Agent. Complete instructions on how to deploy Agents can be found on our Agent Management documentation.

Once you have deployed a single Self-Hosted Agent, it can be used for all Environments that do not have the ability to deploy an On-Premises Agent.

Finally, if deploying our Windows Workstation Inspector, you must deploy an Endpoint Agent. Installing an Endpoint Agent on a Windows Workstation will automatically activate a Windows Workstation Inspector for the workstation.

Agent Type

Use Case

On-Demand

Cloud Inspectors

On-Premises

Behind the firewall

Self-Hosted

Serverless Environments

Privileged Network - Hosted in the MSP's data-center - Can access multiple Environments to inspect edge devices

Endpoint

Windows Workstation Inspector

The Admin > Agents screen separates Agents into Self-Managed (including Self-Hosted Agents, On-Premises Agents, and Endpoint Agents) and Liongard-Managed Agents (including On-Demand Agents). Ensure you are selecting the appropriate tab when looking for deployed Agents.

Local vs. Remote Inspections

Remember: Every Inspector runs on an Agent.

When you deploy an On-Premises Agent, it can run inspection jobs aimed at the machine that it's actually installed on (a "local inspection") or aimed at other servers/network devices on the same local network (a "remote inspection".)

This is good to understand for a couple of reasons:

  • You don't need to install an Agent on every Windows server in your customer Environments. One (or in certain cases, a couple) of Agents running remote inspections against other servers and devices will do.
  • Agents need appropriate permissions on the network to inspect target systems, sometimes via credentials put into the Liongard web application and sometimes via the user account executing the Liongard Agent service.

See the Permissions & Authentication page for a deeper dive into permissions.

Local Inspections

Local inspections occur when an Inspector is aimed at the server the Agent is installed. For example, an Agent installed on an Active Directory Domain Controller and running an Active Directory inspection against that domain is a "local inspection."

Remote Inspections

Remote inspections occur when an Inspector is aimed at a server or device other than where the Agent is installed. In the Active Directory scenario above, if the Agent is installed on a member server in the domain and using the local network to inspect the domain controller, that's a "remote inspection".

Remote inspections can happen via SSH connection, API connection, or Remote PowerShell connections. Communication between the Agent server and the target device must be unrestricted based on the connection type necessary for the inspection to complete.

Windows vs. Linux Agent

There are two versions of the Liongard Agent, one that runs on Windows and another that runs on Linux.

The Linux Agent functions in the same manner as the Windows Agent, but is designed for Linux operating systems.

Rolling out On-Premises, Self-Hosted, or Endpoint Agents

You can deploy Windows On-Premises Agents, Self-Hosted Agents, and Endpoint Agents via Liongard's MSI Installer, Command line or PowerShell script using MSIEXEC, or via an RMM Script.

You can deploy a Linux On-Premises Agent via our Linux Agent installation process.

❗️

Traffic to your Network/Websites

Please note by enabling inspections, you will see new traffic from Agent machines depending on the inspection type. In order to verify traffic you see in your network, or against an external facing entity, is coming from Liongard, check the IP of a specific Agent via the Admin > Agents screen on your Liongard dashboard.

More details about finding the IP address of a specific Agent in Liongard can be found here.


Did this page help you?