Select Page

Agentless Backups vs Agent Based Backups: Which is Best?

Agentless Backups vs Agent-based backups

System administrators must make an important decision to evaluate and determine what works best for your customers. In addition to fulfilling the core mission of data protection for business continuity and disaster recovery (BCDR), choosing between agent-based and non-agent backup can impact your bottom line.

Today, a physical server typically hosts many virtual machines (VMs), and the portability of virtual machines allows them to easily move across on-premises and cloud environments. This can make it expensive to purchase and manage a unique backup agent for each individual physical and virtual (agent-based) server compared to using a single agent to manage and back up many (agentless) virtual machines.

As we will see in more detail below, agent-based backup works by installing one backup software (agent) on each virtual machine. In contrast, agentless backup does not actually remove the agent from the image, but rather centralizes the backup functions by performing a disk-to-disk backup from an administration point. This retains the benefits of agent-based backup without the cost of installing an agent on each server.

There are certain circumstances that call for agent-based backups versus agentless backups, and as with all computing processes, each method has trade-offs. Here is a summary of these two approaches to backing up virtual machines.

What are Agent-Based Backups?

Agent-based backup products require the user to install software on every machine they want to protect. The agent software resides at the kernel level in a secure system, so it can easily detect block level changes on the machine. Because agent-based backup does not require scanning the entire file system to detect changes for incremental backups, it can be more efficient than agentless backup for physical machines.

However, the disadvantage of agent-based backup is that they rely on local processing resources to take the backup and send it to the backup destination. For this reason, the backup process can affect application performance if the protected server does not have the processing power to perform the backup along with the workloads. This is usually not a problem if the server has enough resources, but it’s something to keep in mind. When system administrators are dealing with a mixed environment with physical and virtual servers, the physical servers usually require agent-based backup.

From there, they can choose between non-images or image-based backups.

What is Non-Image Based Backup?

Non-image based backups cannot restore the entire system, but they can perform granular file restores. This is helpful as long as the operating system (OS) is unaffected. In the event that the (OS) is corrupted or encrypted by ransomware, administrators have to reinstall the environment before they can use non-image-based backups to restore the files.

What is Image-Based Backup?

Image-based backup systems take a snapshot of all disks or volumes on a server, eliminating the need to reinstall the operating system and restore special files to replicate the previous system. This ensures fast full recovery, often within minutes, without the risk of losing important files, which can happen with non-imaging backups, i.e. only at the file level. Today, most image-based backup systems offer the benefits of granular file recovery, as do imageless systems.

Additionally, image-based backups can create incremental backups, which means that only the portion of the server that has changed since the last backup is saved. Incremental backups have helped image-based backup systems become the standard for physical server disaster recovery.

What are Agentless Backups?

Agentless backup does not require users to install an agent on individual server(s), making them easier to implement and monitor. This is especially important in virtual environments hosting many production machines. In this case, VMs can start so easily that they may not be protected when using agent-based backup because the backup agent was never installed.

In the case of agentless, this is not a problem, since agent analytics is centralized from a single source and can be deployed over a network in multiple environments. Where agentless backups really shine is in virtual machine infrastructure. Good agentless backup software uses changed block tracking (CBT) integrated with the hypervisor (CBT identifies blocks of data that have been changed or are in use). Get more value with agentless backup with virtual storage, which includes ways to stream data from the hypervisor to the data warehouse without using network traffic. Therefore, there is no need to worry about IOPS on the local VM or use the network bandwidth that is best used for real production processes.

Do Agentless Backups Cost Less than Agent-Based Backups?

As agentless backups do not need to be installed on each individual machine, they do not require individual licenses per machine which makes them less costly. However, pricing varies depending on the backup software vendor.

Benefits of Agentless Backups

Data centers are hosting virtual machines in increasing numbers. This makes agentless backup increasingly practical due to its benefits for virtualized networks that host many and ever-changing virtual machines.

Easier administration – Agentless centralized systems allow administrators to manage each virtual machine from a single control panel and view backup across the entire network.

Once the backup administrator has determined which machines and network data needs to be backed up, the assigned data is passed to the backup destination by the network agent. Thus, the recovery process is also simplified.

Compatibility – Almost all modern operating systems, applications, email servers, and databases are support agentless backups.

Enhanced Security – With agentless backup, protected resources do not need to be directly accessible from the target backup device or archive. This limits the attack vectors that attackers can target.

Snapshot Support – Snapshot technology is supported by agentless backup, which creates a point-in-time complete copy of a virtualized server or virtual machine. This snapshot recovery capability means applications can continue to run without data loss. As a result, system admins can more easily ensure application consistency, which helps achieve business continuity goals. Because the snapshot data remains uncompressed for archiving, it can be quickly restored.

Improved control – Policy-based management is a natural complement to agentless backup, allowing you to better manage backup and recovery in less time. Some virtualization software provides built-in support for agentless backup, such as the VMware vSphere Data Warehouse API for data protection. This API provides agentless backup without the need to install additional backup software.

Backup without using a local network – Agentless backup is more efficient in non-LAN backup environments where backup and restore is done over a storage area network rather than a LAN. For example, this functionality is automatically provided in VMWare vSphere using the VMware vSphere storage APIs.

Cost reduction – Agentless backup means lower costs. In addition to significantly reducing the cost of purchasing and licensing, having an individual agent-based backup for each virtual machine on the network reduces CPU and bandwidth consumption and reduces communications.


Agentless vs. Agent-Based Backup: Which Should You Choose? There are many factors to consider when choosing between agentless and agent-based backups. For maximum flexibility, you should look for a BCDR solution that supports both.

Looking to set up agentless backups for your critical workloads? Contact StoneFly pre-sales engineers today!

The Spear Phishing Survival Guide

The Spear Phishing Survival Guide

Spear phishing stands as the favored gateway for ransomware delivery and infiltrating corporate networks. Shockingly, 36% of data breaches in 2022 involved phishing, with 25% utilizing email as the ransomware attack vector. Guarding against cyber threats and...

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

Understanding Detection and Response: EDR vs MDR vs XDR vs NDR

In a digitally transformed landscape fraught with ever-evolving cyber threats, the acronyms EDR (Endpoint Detection and Response), XDR (Extended Detection and Response), MDR (Managed Detection and Response), and NDR (Network Detection and Response) have become...

Trigona Ransomware: What is it and How to Defend Against it

Trigona Ransomware: What is it and How to Defend Against it

In an ever-evolving digital landscape, the specter of ransomware looms large, and Trigona stands as a significant player in the realm of cyber threats. This blog delves into the multifaceted world of Trigona ransomware, unraveling its origins, unique characteristics,...

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

Lockbit Ransomware: Inside the Cyberthreat and Defense Strategies

In the constantly evolving arena of cybersecurity, the digital landscape is fraught with adversaries lurking in the shadows, ready to exploit vulnerabilities and disrupt the operations of organizations. Among these threats, LockBit ransomware has emerged as a...

What Defending Against Ransomware-as-a-Service (RaaS) Entails

What Defending Against Ransomware-as-a-Service (RaaS) Entails

Ransomware has evolved, becoming a thriving business model for cybercriminals. Ransomware-as-a-Service (RaaS) exemplifies this transformation—a lethal alliance between the creators and distributors of ransomware. It’s no longer a threat relegated to tech...

You May Also Like

WordPress PopUp Plugin

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email