Systems Management Question

K1000 Agent v7.0 : Difference between AMP and KONEA?

01/17/2017 7575 views
In the K1000 Systems Management Appliance 7.0 Release Notes it says "[...] the AMP protocol and AMPAgent service are replaced with the Konea service and protocol."
Does anyone have further information about the differences of those protocols? It's described in 2 sentences, but I'd like to know some details, on how konea works differently than amp.
Also I have the v7.0 Agent installed on my computer, the "AMPWatchDog" Service is still active and I can see 2 running AMP Processes ("AMP Offline Scheduler" and "AMPWatchDog"). Additionally a Service and Process called "Konea" is running. I'm pretty sure the konea.exe process was allready there, when I had the old Agent (6.4.522) but I'm not 100% sure. But even if not, I'm confused, why 2 AMP Services are running even though I have the new Agent, because I thought it would be replaced with konea. 
Can anyone clear this up for me?

I have one additional question, regarding this topic:
The release notes state, the new agent is "sticky" to the first certificate it downloades and the agents would be orphaned, when the certificate changes.
I think this applies, when I e.g. replace the certificate in order to update it (which I have to do every 2 years). Does this mean, the Agents won't be able to connect to my k1000 after updating the certificat? If tha'ts the case, how do I establish the connection again? Do I have to deploy the Agent again, like I did, when I installed the k1000 and enrolled the agent for the first time (via GPO)? 

Here's the link to the referred release notes: 

Thanks for your answers!

3 Comments   [ + ] Show comments


  • I'm also interested in this. Since updating to agent 7.0.763 none of our clients are showing as online. If I look in the konea.log they all have the same error:
    2017-01-24.12:46:00Z|INFO |serverconn.go:280:Connect | Connecting |{"url":"https://<server name>:443"}
    2017-01-24.12:46:01Z|ERROR|serverconn.go:298:Connect | Could not Negotiate |{"err":"x509: certificate is valid for <server name>.com, www.<server name>.com, not konea"}
  • I have the same question about certificates. We have to renew our cert this year (luckily not until the later half) so it'd be great to know how to prepare.
  • In my prepping to move from 6.4.120822 to 7, we do see konea already including the usual AMP Agent/WatchDog.

    Hopefully my current self signed cert didn't already screw my future plans to get a trusted cert in place!

Community Chosen Answer

I too am interested in this inquiry.

We recently found our physical appliance (v6.4.x) showed presence of an ~v5.x exploit vulnerability and as a result, have spun up a VM and I am almost finished doing a completely new installation and setup.

We're now on server version 7 but still using agent 6.4. I have a script running on my physical box to update the client hostname in amp.conf so I get all my existing computers facing the new server but am concerned that when I upgrade the agent, I'm going to lose them.

Answered 01/17/2017 by: phillybits
Orange Senior Belt

All Answers

I just chatted with one Kevin from support and he confirmed that simply renewing your cert WILL NOT orphan agents: "That option is in the case that you change something on the K1000 (FQDN or IP). If the domain name or the IP is the same, it will not be any problem for that"
I mentioned that the release notes are confusing (the "IMPORTANT" note you quoted above) and he admitted that is misleading.

The main difference, it seems, between konea and ampagent is that konea communicates through a 'standard' port and amp used 52230. I don't know of other differences. You are correct that "konea.exe" has been part of the agent in previous versions. "Watchdog" was introduced in 6.3 to automatically restart the agent for common problems.
Answered 01/31/2017 by: JasonEgg
Red Belt

  • Any mention on why the two now three processes exist; I'm seeing them before going to 7 already (agent 6.4.522)?
    • "AMPagent" "AMPWatchdog" and "konea" have all been active processes since 6.0. It seems that all previous AMPAgent actions have been merged into konea
      • And as Christian1616 noted, the AMP's didn't go away in 7. So it begs the question of whether we need to uninstall/re-install agents to cleanup?
      • We saw a few instances where 6.4 didn't fully uninstall. It turned out the best solution was to uninstall 7, install 6.4, then let the server update the agent to 7 (using "update agents" in Settings > Provisioning)
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ