Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup™ Snapshot Manager Install and Upgrade Guide
  3. Section I. NetBackup Snapshot Manager installation and configuration
  4. Configuration for protecting assets on cloud hosts/VM
  5. Deciding which feature (on-host agent or agentless) of NetBackup Snapshot Manager is to be used for protecting the assets
NetBackup™ Snapshot Manager Install and Upgrade Guide

Deciding which feature (on-host agent or agentless) of NetBackup Snapshot Manager is to be used for protecting the assets

For NetBackup to discover and protect assets on a host for single file restore or filesystem/application consistency, then install the agent on the host.

The agent installs necessary plugins for performing the required operations for protecting the assets on the host.

One of the following approach can be used to install agents on their hosts that must be protected:

  • On-host agent

  • Agentless

In both the above approaches, the same plug-ins are installed on the host to perform the operations. However the difference in the above two approaches are as follows:

On-host agent

Agentless

User must manually install the agent on the host and register it to the Snapshot Manager host

The agent can be installed on the host using the NetBackup Web UI, by connecting/configuring the VM.

User must not share the Host credentials to the Snapshot Manager, as the user would install it manually on the host.

The Host/VM credentials must be stored in NetBackup credential manager, so that Snapshot Manager can connect to the host and install the agent and necessary plugins.

Connection is permanently setup over RabbitMQ port 5671 to the host VM from the Snapshot Manager to collect and send data.

Each time when an operation (as follows) must be performed on the host, then the Snapshot Manager temporarily connects to the VM using SSH port for Linux, WMI and SMB port for windows and installs the agent:

  • quiescing filesystems/applications for consistency

  • Single file restore

This then pushes the plugins to performs necessary operations and uninstall itself. The data is however transferred.

The agent once installed manually always remains on the host unless it is uninstalled, hence the name on-host agent feature.

As the agent is not always present on the host hence, the name agentless feature.

As connectivity is established once and remains until the agent is unregistered and uninstalled. This approach is faster compared to agentless feature while performing the operations on the host.

As connectivity has to be established each time an operation has to be performed on the host, and agents/plugins would have to be installed for each connection. This approach is time consuming in comparison to on-host agent feature.

Upgrades have to be manually performed on the on-host agent when NetBackup Snapshot Manager would be upgraded.

When NetBackup Snapshot Manager is upgraded the upgrades are automatically pushed to the host from NetBackup Snapshot Manager.

More Information

Protecting assets with NetBackup Snapshot Manager's on-host agent feature

Protecting assets with NetBackup Snapshot Manager's agentless feature

Feedback

Was this page helpful?
Previous

Configuration for protecting assets on cloud hosts/VM

Next

Protecting assets with NetBackup Snapshot Manager's on-host agent feature

Feedback

Was this page helpful?