I’ve a question regarding the Windows Agent behaviour. I’d like to improve my understanding of how the agent will react when disconnected from a corporate network, and what if any security concerns there may be. Please note I’m not saying there are, this is due diligence before we deploy to mobile workers.
The scenario here, is pretty simple. Deploy the agent to the mobile workforce (laptop), to monitor typical stuff, CPU, RAM, HDD and key services. What happens when such a laptop is disconnected from the corp LAN. How often will the agent attempt a connection to the endpoint? Could there be an inferred risk from repeat failed connections. How long can the agent be disconnected.
I will be testing this from Wireshark, but was wondering if a dev could comment having knowledge of the source code.