[osiris-devel] Agent Architecture question
mailing lists
thelists at gmail.com
Tue Nov 23 17:25:04 EST 2004
This question pertains to a particular architectural issues with the
scan agent component of Osiris. The knowledge I have was gathered
solely from the online documentation and through perusal of the
mailing lists.
It appears that the scan agent component listens on a TCP port (2265)
for incoming connections from the management console. Presumably all
conversations between these pieces take place within this connection
(encrypted). Assuming this is all correct;
What was the reasoning for having an open port on all agent machines
versus one open port on the management system? Admittedly, it is
simple enough to firewall off this port with little to no consequence
to other activities, but I'm not fond of having any more open ports on
my systems.
Could the communication not have been done with a client push / pull
to the management console instead? Is it possible to turn off the
listening feature of the agent component and force a push within the
current framework? I would tend to agree that letting the management
piece initiate the conversations lends itself to a more real-time
reporting environment, but what are the trade offs?
That said, I'm looking forward to giving Osiris a whirl. It's good to
see solutions out there that are open.
More information about the osiris-devel
mailing list