Virtualization Technology News and Information
Article
RSS
BackBox: Revolutionizing Network Automation for Enhanced Cyber Resilience

interview-backbox-ramakrishnan 

In an era where cyber threats are constantly evolving, maintaining a resilient network infrastructure has become paramount for businesses of all sizes. VMblog recently sat down with Amar Ramakrishnan, VP of Product Management at BackBox, to discuss the critical role of network automation in achieving cyber resilience. BackBox, an extensible security-centric network device automation platform, is reshaping how enterprises and service providers approach network security and management.

Within this Q&A, Ramakrishnan dives into the core components of a robust cyber resilience strategy and explains how BackBox's innovative platform addresses these needs. From ensuring reliable backups and streamlining compliance checks to automating vulnerability management, BackBox offers a comprehensive solution that simplifies complex network operations. Join us as we explore how this cutting-edge technology is transforming the landscape of network security and automation, providing organizations with the tools they need to stay secure and operational in an increasingly challenging digital environment.

VMblog:  What is BackBox? Tell me a little about the product and what you do that's special?

Amar Ramakrishnan:  BackBox is an extensible security-centric network device automation platform for cyber resiliency trusted by enterprise and service providers.

Our product architecture gives us a security focus and simplicity in network automation. As such, we have advantages in terms of ease of use, time to value, and scalability of the solution.

VMblog:  What is cyber resilience and why is it important?

Amar Ramakrishnan:  Cyber resilience is the ability to rapidly adapt to changes in the environment to protect or recover from issues that impact a functioning IT infrastructure. Here at BackBox, we focus on cyber resilience at the network layer to ensure that networks stay secure and available.

VMblog:  What are components of a cyber resilience strategy and how does the BackBox Network Automation Platform fulfill the needs of a cyber resilience strategy?

Ramakrishnan:  There are three components to a cyber resilience strategy for your network:

  1. Have reliable backups. Reliable backups are backups that you have tested to ensure they can be restored easily and quickly in the event of a service disruption.
  2. Compliance and configuration grooming. Whether you follow a formal compliance regime or just want your devices configured "a certain way," it's important that you check for compliance regularly and automatically. Manual compliance doesn't scale and is error-prone. Once compliance is checked, any configuration drift should have the potential to be automatically groomed into compliance.
  3. Vulnerability management and remediation. Dynamically matching inventory to known vulnerabilities helps identify where organizations are vulnerable. Using automation, vulnerabilities can then be remediated either with an automated configuration change or by updating device software.

VMblog:  Backups are often a good place to start, but one would imagine that backups are a solved problem? Why isn't that the case?

Ramakrishnan:  There are a few reasons why backups remain a complex problem. To start, companies often have different backup solutions for each device vendor they have in place. This adds complexity, and complexity is the enemy when trying to restore quickly in the event of a failure.

Companies try to address this by crafting their own backup scripts using code like Python. However, when they do that, they tend to stay focused on the happy path-they assume everything goes well only to find that a backup isn't there or isn't recoverable when needed.

At BackBox, we talk about reliable backups. We can backup devices from over 180 different vendors, and we do it all using the same "process" so everyone knows, for example, where the backups are stored. We also run five separate checks on each backup as it's taken so that we know the backup file has integrity and can actually be restored. Any issues are surfaced when the backup is taken... so there are no surprises when trying to restore. Since BackBox enables users to restore with a single click, it's fast and easy - even under pressure.

VMblog:  Compliance is something companies have to do today, how does BackBox improve network compliance?

Ramakrishnan:  We have a customer who had a 92-step compliance checklist that they'd have to manually run through each month This meant that, aside from the potential for manual errors, they'd only be certain they were compliant once a month (when the checks finished).

Using BackBox, this customer automated each of those 92 checks and put in automated remediation... meaning they can put the check back into compliance should it fail. They run these compliance checks every single evening instead of once a month. They have rich reporting on the state of compliance, which can be shared with other teams, and they know they're compliant daily. All this is done with less work from the network team, allowing them to focus on less repetitive work that adds more value to the organization.

VMblog:  CVE remediation... that's interesting because a lot of solutions report on vulnerabilities, but what I hear you telling me is that you can take automated remediation action. Is that right? How do you do that?

Ramakrishnan:  This is really important. What's better? A tool that tells you what's wrong or one that tells you what's wrong and fixes it for you? The latter, obviously. That's BackBox. We use what we learn about your inventory and map it to an enriched feed of CVE and vulnerability metadata so that network security engineers can clearly see where they have exposure to vulnerabilities. Then, using the automation capabilities of the BackBox Network Automation Platform, they can choose to mitigate a vulnerability - meaning, make configuration changes that limit susceptibility - or remediate the vulnerability - which in the network world means updating the device software.

##

Published Tuesday, September 03, 2024 7:30 AM by David Marshall
Filed under: ,
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<September 2024>
SuMoTuWeThFrSa
25262728293031
1234567
891011121314
15161718192021
22232425262728
293012345