# Why another Agent? Qpoint operates directly on your Linux application servers through our Qtap eBPF sensor. This host-based approach is fundamental to providing the deep visibility and process-level traffic attribution that makes Qpoint powerful. ## The Power of Being Local Operating directly on the host gives us several key advantages: * **Process Attribution**: We can see exactly which processes are making external calls * **Pre-Encryption Visibility**: Access to traffic before TLS encryption occurs * **Container and Pod Context**: Direct access to container runtime information * **Efficient Operation**: Minimal overhead by operating at the source * **No Network Changes**: No need to redirect traffic or modify network architecture ## Technical Foundation ### eBPF Technology At the heart of Qtap is eBPF (Extended Berkeley Packet Filter), a powerful Linux kernel technology that allows us to: * Execute programs safely within kernel space * Attach to specific kernel functions and events * Access network events and socket operations * Collect detailed process and connection information ### Kernel Integration Points Qtap taps into several key areas of the Linux kernel: 1. **Network Stack** * Socket operations * TCP/IP protocol events 2. **Process Context** * Process creation and execution * Container runtime details 3. **TLS/SSL Libraries** * OpenSSL function calls * GoTLS operations * NodeTLS interactions * Java 11 - 21 ## Linux-Centric Design Qtap is specifically designed for Linux environments because: * eBPF is a Linux kernel technology * Most cloud-native workloads run on Linux * Linux provides rich kernel instrumentation capabilities * Strong container and orchestration support ## Operating Modes Qtap can operate in two primary modes: 1. **Native TLS Introspection** * Direct integration with SSL/TLS libraries * Works with OpenSSL, GoTLS, and NodeTLS * No configuration changes needed 2. **Egress Controller** * Support for other runtimes * Simple environment variable configuration * Local certificate injection --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.qpoint.io/readme/why-another-agent.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.