Whether you are a large company or a small startup, you need to have a backup solution to protect your IT assets. While most traditional backup solutions use backup agents, this backup method changed as virtualization technology and cloud computing became more common. Cloud computing technology has enabled IaaS providers such as Amazon Web Services (AWS) to create revolutionary backup solutions that leverage specific building blocks, such as AWS EBS volume snapshots and instance AMIs, without necessarily performing any actions from within servers.
These “agentless” backup solutions provide great benefits over agent-based backup. Other cloud provides take a more traditional approach and continue to base their backup solution on agents that are locally installed on the virtual machines. In this article, we will highlight the differences between the two methods as well as the values that the agentless approach presents in comparison to traditional agent-based solutions.
Agentless Advantages vs. Agent-Based Pitfalls
There are many drawbacks to using agent-based backup solutions. First, backup agents need to be deployed and managed, resulting in additional work for the administrator in charge. Think about maintaining dozens, hundreds or even thousands of servers – effectiveness and efficiency can be challenging. Second, agents may potentially harm your production environment in some cases. For example, certain backup agents use a kernel level space object and may cause a server to crash (if they have a bug). Third, a locally-installed backup agent may cause security vulnerabilities. And finally, even if everything is running well, agents potentially affect server performance.
Agentless backup solutions have become increasingly prevalent and have proven to be very viable and reliable. They have simplified backup operations and relieved system administrators of the responsibility to ensure that agent software is installed and up-to-date on user servers. In a cloud environment, an agentless solution is even more important. Modern cloud environments are dynamic, versatile and allow for automatic bulk deployment and management. In order to attain the most efficient deployment in the cloud, it would be best to leverage the cloud’s native building blocks using APIs and build highly automated backup and recovery mechanisms.
Agent-based backup solutions are mainly required where the infrastructure to copy the data from outside the server (e.g. hardware snapshots in traditional data centers or EBS snapshots in EC2) is not available, a certain subset of the data needs to be copied out (such as granular backup) or when an application-aware backup is performed. An agent-based solution is required in cases where there is a need to back-up a subset of a server’s content, such as a specific part of a database or specific files. Another case is if there is a need to communicate directly with an application to support an application-consistent backup. A third scenario is where the application and data cannot be reached from outside of the IT environment due to security policies.
It is important to mention that sometimes connecting to a server can be a method that can replace an agent. For example, the backup application can potentially connect to the backed-up server before the backup starts and perform any needed operation without actually installing software on the server. Connecting to the server can be done with standard tools that are typically OS-related, like SSH in Linux servers and powershell in Windows servers. In a perfect world, every operation should be performed through infrastructure APIs that allow your backup operations to scale. However, in today’s world, many operations, including legacy ones, are still managed within a server itself. So let’s look at a “hybrid approach”.
The Hybrid Approach
Based on the considerations mentioned above, we believe that you should strive for an agentless backup solution in environments deployed in the public cloud. However, in many cases you may still be required to deploy agents, depending on the use case and the building blocks provided by the cloud vendor. At N2W Software, we offer an enterprise backup solution for the AWS environment called Cloud Protection Manager (CPM), that is aiming to be as agentless as possible. By using AWS services such as EBS snapshots, Cloud Protection Manager allow our customers to typically run agentless cloud backup operations, which seems to us as a competitive advantage. The only exception is for customers performing application-aware backup for Windows applications. In this case, agents need to be locally installed on the Windows machines. Learn more about Windows backup with EC2 using volume shadow copy service (VSS).