Getting Started with the Datto Windows Agent
Topic
This article describes system requirements for the Datto Windows Agent.
Environment
- Datto Windows Agent
Description
This illustrates a generalized data flow for the Datto Windows Agent solution.
System requirements
OS |
Datto Windows Agent 3.0 and above (Current production version)
Datto Windows Agent 2.1 to 2.8 (Legacy)
Datto Windows Agent 1.0 and 2.0 (Legacy)
|
Supported disk types |
|
Disk space requirements |
|
CPU and Memory requirements |
|
Network |
|
Anti-virus recommendations |
Datto recommends making the following exceptions in your anti-virus software to avoid potential issues.
|
Compatibility |
|
Other Requirements |
|
Datto currently supports Core based versions for any applicable Windows operating systems listed above. For more information on how to install these, please see Installing the Datto Windows Agent.
Considerations
Compatibility of this backup solution with any hypervisor environment or operating system not listed in this article is untested and may yield unreliable results. Universal VM Backup may be a viable alternative for backing up virtual machines with operating systems that are not listed as compatible.
- Due to their mobile nature, Datto does not endorse or support backing up laptops, tablets or mobile devices. Devices must be inside the LAN, and not on a wireless network, to perform backups promptly. Attempts to back up any of these devices are at your discretion. Due to the range of touchpad drivers, custom drivers, and hardware configurations available for laptops, tablets, mobile devices or all-in-one workstations, restoration support for these platforms is 'best-effort' only.
- The Datto Windows Agent can only be used to back up volumes that are recognized by the Windows operating system as logical, stable volumes, Backup of mapped network drives, iSCSI targets not attached as a logical volume, or removable drives is not supported.
- The Datto solution can back up multiple types of disk sector schemes. The process writes an image-based backup to a file that is 512 bytes per physical sector. While rare, some software that relies on advanced formats, such as 4K, may have issues with the sector size change. Datto recommends performing regular DR tests to ensure that all required applications function as expected in our virtualized environment.
- System compression, also known as "Compact OS", is a Windows feature that allows rarely modified files to be compressed using the XPRESS or LZX compression formats and is NOT supported.
- Backup and virtualization of of deduplicated volumes is untested and may produce inconsistent results, particularly with File Restores . Use an alternate restore method where the volume is mounted in Windows to avoid these scenarios. DWA versions prior to 3.0 are more prone to issues due to deduplicated volumes and should be updated.
- Backup of User Profile Disks used by the Remote Desktop Service is unsupported. Remote Desktop Service (external link). These volumes should be excluded from backups.
- The file restore option is not compatible with Microsoft One Drive. You'll need to mount a volume restore or virtualization to retrieve these files from oneDrive in the event of a disaster recovery.
- CB Defense Anti-Virus software (external link), has been found to cause Datto Windows Agent backup failures. If the protected system uses CBDefense, you should set it to bypass the following files:
c:\windows\system32\vssvc.exe
c:\windows\system32\swprv.dll
*\swprv*
- If you are protecting any volumes on your machine using an anti-virus software that uses VSS to allow for rollback remediation or snapshotting in the event of a security / encryption breach (like SentinelOne, for example), this will need to disabled in order for the Windows agent to properly backup these volumes.
- The Datto Windows Agent Service that runs inside of the Operating System is communicating with the Datto device across port 25568 utilizing TLS 1.1 & TLS 1.2. ( We suggest that you limit your system to utilizing TLS 1.2 only for highest security. )
- TLS 1.1 is included in this stack to allow for Legacy Windows operating systems to be backed up with our agent. If you disable TLS 1.1 on your system to force TLS 1.2, you may break additional compatibility with other applications on your system. Make sure you validate all applications that are running on your system before you make that change. You can view a list of legacy systems in the OS section above.
- The Transport Service that runs from the protected machine to the Datto device runs across Mercury on port 3262 & utilizes only TLS 1.2.
- Storage Server operating systems are not supported at this time, unless explicitly included in the OS section above.
NOTE Please see Troubleshooting Agent Certificate Issues if you are having an installation issue that could be a result of a rejected CA certificate
Versioning
You can download the latest version of the Datto Windows Agent from the Datto Downloads page.
Version numbers for all Datto Windows Agent endpoints protected by your Datto device appear on the appliance's Device Overview page, in the Local Agent Information field, under the Agent Version heading for each listed production machine.
The current production release and is not compatible with Windows Server 2008, but is compatible with Windows Server 2008R2.
Unlike previous DWA versions that used a CoW (copy on Write) file, DWA 3.0 and newer versions use Volume Shadow Storage (VSS) that must be enabled on any protected volumes. While this is normally enabled by default, if it's not, you can use an elevated CMD prompt on each volumes to do so:
To add Shadow Storage
vssadmin add shadowstorage /For=(volume): /On=(volume): /MaxSize=(either pct or Unbounded)
To resize Shadow Storage
vssadmin resize shadowstorage /For=(volume): /On=(volume): /MaxSize=(pct or Unbounded)
For more information on VSS Shadow Storage see Microsoft's documentation (external link).
For the current version of the Datto Windows Agent and information on recent changes, refer to Datto Windows Agent (DWA) Version 3.0 and above: Release notes.
The legacy 2.8 version of the Datto Windows Agent should only be used for these older Windows systems where newer DWA versions are not compatible. For release notes, refer to the Datto Windows Agent (DWA) 2.4 to 2.8 Release notes.
The legacy 2.0 version of the Datto Windows Agent should only be used for these older Windows systems where newer DWA versions are not compatible. For release notes, refer to the Datto Windows Agent (DWA) 1.0 and 2.0: Release notes.
You can download this version of the agent software from the following link: Datto Windows Agent: Legacy Installer (2.0).
Update notes for all versions
- The agent software automatically updates itself when a new version becomes available. If the release includes a driver update, the software will update, but a reboot of the protected machine will be required before the new driver will be installed.
- When upgrading from Datto Windows Agent 2.7 to 3.0, incremental backups will continue to run until a reboot (recommended). The first backup after reboot will be a differential merge.
- After a Windows update, only the OS volume will perform a differential merge, rather than all protected volumes.
- The Datto Windows Agent will attempt to connect with Datto' servers to check for updates on a daily basis. If your protected machine does not have regular internet access, you will need to check for and install updates manually.
Installation
You can download the Datto Windows Agent from the Datto Download Page. Full installation instructions can be found here: Installing the Datto Windows Agent.
When the Datto Windows Agent is installed, it installs the following services on the Windows machine.
- Datto Backup Agent Service: This is the primary service for the webserver, backup jobs, logging, and operation.
- DattoProvider: (versions 2.7 and older) This is the driver that handles the backup engine and VSS interaction. This service is required to quiesce the operating system and take a block-level backup. Versions 3.0 and newer do not contain this service.
Datto recommends reviewing the Encryption Compatibility With The Datto Solution Knowledge Base article when deploying the agent to encrypted machines.
Datto recommends running the following checks on the system you are protecting before installing the Datto Windows Agent:
chkdsk
- Run chkdsk to be sure that all RAIDs and individual disks report back as healthy. Perform necessary disk repairs before deploying any backup agent. Failure to do so may result in backing up corrupted systems and restoration failures.
Disk defragmentation
- While Datto can perform backups that are running disk defragmentation, be aware that this rearranges data at a block level, and may result in larger backups.
- Run disk defragmentation before you deploy the agent.
- VSS-aware disk defragmentation programs may allow for smaller backups but are optional.
Windows updates
- Download Windows updates, service packs, and any other Microsoft-provided updates. After installing these updates, reboot the server. When scheduling your deployment, remember that the 2nd Tuesday of every month is Microsoft's 'Patch Tuesday.'
Virus scan
- Run a virus scan before you deploy the Datto backup solution to your production machine.
Event Viewer
- Check the target's system and application logs to see if there are any VSS or hardware errors.
- Resolve any errors before attempting to install the agent.
Previously installed backup software
- Before installing the Datto Windows Agent, you should disable and remove all other backup software from the production machine. Depending on the software, you may need to completely uninstall it for backups to run correctly.
- When uninstalling other backup software, use a high-level program that eliminates all traces of the incompatible software, including registry keys, DLLs, and stray folders. These components can cause conflicts.
Group Policy
- To avoid issues with installing the necessary certificates, ensure that the Windows Group Policy is not set to "Allow only Enterprise Administrators"
See Installing the Datto Windows Agent to learn how to deploy the agent to your production machine.