February 03, 2022

Agent-Based Backup or Agentless Backup: Which Backup Agent is Right for You?

By David Weiss
Cloud Backup

Agent-based backup or agentless backup? It’s an important decision for managed service providers (MSPs) to weigh, and determine which is the best fit for your clients.

Besides aiding in the central mission of data protection for business continuity and disaster recovery (BCDR), choosing between agent-based versus agentless backup can impact the bottom line. A physical server today typically hosts many virtual machines (VM), while the portability of VMs allows them to move easily within on-premises and cloud environments. That can make it expensive to buy and manage a unique backup agent for each different physical and virtual server (agent-based), versus using just one agent to manage and backup many VMs (agentless).

As we’ll see in more detail below, agent-based backup works by installing an individual piece of backup software (the agent) on each VM. In contrast, agentless backup doesn’t actually eliminate the agent from the picture — instead, it centralizes the backup capabilities, executing disk-to-disk backup from one administration point. This retains agent-based backups’ benefits, without the expense of installing an agent on each server.

There are specific circumstances that call for agent-based backups versus agentless backup, and as with all things computing each method has tradeoffs. Here’s the rundown between these two VM backup approaches.

What is Agent-Based Backup?

Agent-based backup products require the user to install a lightweight piece of software on each machine they want to protect. The agent software lives at the kernel level in a protected system, so it can easily detect block-level changes on the machine. Since agent-based backup doesn’t need to scan the entire file system to determine changes for incremental backups, it can be more efficient than agentless for physical machines.

A disadvantage of agent-based backups, however, is that they rely on local computing resources to perform the backup and send it on to the backup target. Because of this, the backup process can impact application performance if the protected server does not have the needed computing power to perform backups alongside production workloads. This isn’t usually an issue as long as the server has sufficient resources, but it is something to keep in mind.

When system admins are dealing with mixed environments with both physical and virtualized servers, agent-based backup is typically required for the physical servers. From there, they can choose between either non-image-based or image-based.

What is Non-Image-Based Backup?

This scenario applies agent-based backup systems to the recovery of files that have been lost, deleted, or corrupted. Non-image based backups are not capable of recovering overall systems, however they can execute extremely granular file recovery.

What is Image-Based Backup?

In this scenario, image-based backup systems take a snapshot of all of a server’s drives or volumes, which eliminates the need to reinstall the OS and restore files ad hoc to replicate the previous system. This makes for a fast full restore — often within minutes — without the risk of critical files going missing, which can happen with non-image-based backup that is only file-level.

Most image-based backup systems today provide granular file restoration benefits, the same as non-image-based systems do. In addition, image-based backups can create incremental backups, meaning that it saves only those portions of the server that have changed since the previous backup was created.

Incremental backup has helped image-based backup systems to emerge as the standard for physical server disaster recovery. This is because incremental backup offers a number of advantages over non-image-based including:

  • more recovery points
  • more economical
  • support for fast recovery time objectives (RTO)

What is Agentless Backup?

Agentless backup, as the name implies, does not require users to install agents on protected servers, which makes this method easier to deploy and monitor. This is particularly important in virtual environments that host many production machines. In this scenario, VMs can be spun up so easily that it’s common for them to go unprotected when using agent-based backup because that backup agent never gets installed. With agentless, this isn’t an issue, since the agent intelligence is centralized from a single source and can be deployed on a network across multiple environments.

Where agentless backup procedures really shine is VM infrastructure. A good agentless backup software uses the Changed Block Tracking (CBT) integrated with the Hypervisor (CBT identifies data blocks that have changed or are in use). You get more benefits using agentless backups with a virtual storage location that understands how to transmit data from the hypervisor to the data store, without using networking traffic. Therefore, you don’t have to be concerned with input/output operations per second (IOPS) on the local VM, or use network bandwidth that would be better used for actual production processes.

Is Agentless Backup Cheaper than Agent-Based Backup?

A benefit of agentless backups is that they can be less expensive than agent-based backups, because users do not need to pay licensing fees on a per-agent basis. Pricing models, of course, vary from vendor to vendor.

What Are the Benefits of Agentless Backup?

Data centers are hosting VMs in ever-greater numbers. This is making agentless backup increasingly practical, due to its advantages for virtualized networks hosting many VMs that are constantly fluctuating in number. These advantages include:

Simpler Administration: Centralized agentless systems allow admins to control every VM from a single pane of glass and view backup across an entire network. Once the backup administrator designates which network machines and data require backup, the designated data is transferred to the backup target by the network-based agent. The restore process is similarly simplified in this way.

Better Flexibility: Virtually all current operating systems, email formats, and databases are supported by agentless backup architectures.

Increased Security: With agentless backup, the protected assets do not need to be directly accessible by the backup appliance/destination storage. This limits the attack vectors that malicious actors can target.

Application Consistency: Snapshot technology is supported by agentless backup, resulting in a complete point-in-time copy of a virtualized server or VM. This snapshot recovery capability means that applications can keep running without losing data. As a result, MSPs can more easily ensure application consistency that contributes to meeting business continuity goals. Since snapshot data remains uncompressed for storage, it can be quickly restored.

Increased Control: Policy-based management is a natural complement to agentless backup, leading to improved control of backup and recovery while taking less time. Some virtualization software provides integrated support for agentless backup, such as VMware vSphere’s Storage API for Data Protection. This API enables agentless backup, eliminating the need to install additional backup software.

LAN-Free Backup: The efficiencies of agentless backup are magnified in LAN-free backup environments, where backup and recovery are provided via the storage network instead of through the LAN. For example, this feature is provided automatically on VMWare vSphere using VMware vSphere Storage APIs.

Reduced Cost: As mentioned above, agentless backup equates to lower costs. Besides significantly reducing the purchase and licensing costs of having an individual agent-based backup for every VM on a network, CPU and bandwidth consumption are lowered, and communications are reduced.

Agentless vs. Agent-Based Backup: How to Choose?

As you can see, there are many factors to consider when choosing between agentless versus agent-based backup. For maximum flexibility, MSPs should look for a BCDR solution that supports both.

Datto’s SIRIS secure data protection solution supports agent-based backup with our Datto Windows Agent and Datto Linux Agent. SIRIS supports agentless backup for users operating in VMware environments.

To learn more about SIRIS, schedule a demo.

Suggested Next Reads