Documentation
Table of Contents
4 Key differences between Zabbix Cloud and on-premises
Introduction
This page highlights the main limitations and unsupported features when using Zabbix Cloud compared to an on‑premises installation. A summary comparison table is provided below; subsequent sections describe selected items in detail.
| Feature / Aspect | Zabbix Cloud | Zabbix on‑premises |
|---|---|---|
| Vulnerability patching | Automatic OS/Zabbix patching | Manual patching by user |
| HTTPS certificate | Valid certificate out‑of‑the‑box (no Let's Encrypt) | Self‑signed by default (Let's Encrypt or other CA can be configured) |
| DB performance (INSERT/UPDATE/SELECT) | Auto‑partitioning for max speed; no long-running DELETEs | Manual partitioning & cleanup (long DELETE transactions possible) |
| Performance tuning | Auto‑tuned by Cloud team (no changelogs) | Full visibility & control over tuning parameters |
| Ease of use | Turnkey service | Requires full install, config and maintenance |
| Firewall control | Managed by Cloud team; GUI/trapper ports not exposed publicly | Full control of firewall rules and port exposure |
| DB isolation & protection | Highly isolated, no direct DB/SSH access | Depends on your network and host security |
| Release cycle | Sticks with LTS releases | You choose your Zabbix version (stable, beta, custom builds) |
| High availability (HA) | No built-in HA for application, frontend, or DB server; can scale horizontally via proxies | User-managed HA |
| API calls | Unlimited (subject to user roles) | Practically unlimited (subject to server resources) |
| SNMP traps | Only via dedicated Proxy (no HA/load‑balanced trap receiver) | Direct or via Proxy, HA/load‑balance possible |
| SNMP polling | Hard without proxies (each device needs NAT/custom port) | Native SNMP polling; proxy optional |
| Retention settings | History/Trends/Audit only via UI (no API or configuration file) | Configurable in Zabbix server configuration file or via API |
| Custom scripts | AlertScriptsPath, ExternalScripts, frontend & community modules not supported |
Fully supported (scripts path, modules, integrations) |
| ODBC monitoring | Only PostgreSQL (driver {postgresql}); MariaDB plugin present as a placeholder |
ODBC for PostgreSQL, MySQL, Oracle, etc. - fully configurable |
| Limiting ODBC calls | Not possible (StartODBCPollers=1 only; heavy sync queries block other work) |
Fully tunable poller count & scheduling |
| SAML certificate upload | Not supported | Supported via UI or API |
| Scheduled reports | Must create own Email media (script media unsupported) | Supports both script and Email media out‑of‑the‑box |
| Zabbix agent 2 | Not available. Cloud nodes do not run Zabbix agent 2 | Fully supported; Zabbix agent 2 can be installed and used locally |
| Host interface for active checks | Auto‑created IP may be external; manual cleanup needed for consistency | Interfaces managed by you; IPs under your control |
Feature differences
SNMP traps
SNMP traps are only supported through a dedicated Zabbix proxy. If SNMP trap monitoring is required, automated load balancing or high availability for the proxy cannot be used because SNMP traps must be sent to a single IP address.
SNMP polling
Without proxies, SNMP polling requires each device to be exposed via NAT and custom ports, making large-scale SNMP polling difficult.
Retention settings
Configuration of history, trends, and audit log retention periods is only available via Zabbix Cloud UI. These settings cannot be configured through zabbix_server.conf or the API.
Manual per-item history overrides are not supported (partitioning is controlled globally). Additionally, the Cloud node URL does not accept the same query parameters as an on-premises install.
Custom scripts
The following custom script types are not supported in Zabbix Cloud:
- Alert scripts (
AlertScriptsPath) - External scripts (
ExternalScripts) - Frontend scripts on Zabbix Server
Community-developed frontend modules cannot be installed.
ODBC monitoring
Zabbix Cloud supports ODBC monitoring only for PostgreSQL. Use the official Zabbix ODBC template and define the connection string in the template using:
A MariaDB plugin is also installed but currently not functional. If used, define:
There is no known working configuration for Oracle MySQL 8.0 in Zabbix Cloud. While simple queries (such as SELECT 1) may succeed, more complex queries return SQL_ERROR.
It is not possible to limit ODBC calls (StartODBCPollers=1 only). Heavy synchronous reporting may impact performance, and only a single SELECT can run at a time.
Infrastructure access
Zabbix Cloud does not provide SSH access to the underlying nodes, nor does it permit direct database connections (for example, to port 3306). All configuration, monitoring, and troubleshooting activities must be carried out via the Cloud UI or API, ensuring that the OS and database layers remain isolated and secured.
Active checks interface
Active checks in Cloud automatically create a host interface with an IP unrelated to your on-premises network. By default, this IP may be external. To maintain consistency, you can manually delete or adjust the host interface after creation.
SAML certificate upload
SAML authentication is supported, but uploading a custom certificate or metadata file is not currently available.
Scheduled reports
The default Cloud Email media type uses a script transport and cannot be used for scheduled reports. To send reports by email:
- Create a new Email media type.
- Assign the email media to your user in User settings > Media.
- Select that media type when configuring scheduled reports.
Zabbix agent 2
Zabbix Cloud nodes do not run Zabbix agent 2, so it is not possible to use checks that require it—for example, HTTPS certificate monitoring using the web.certificate.get item.