In an era where cyber threats are constantly evolving, maintaining a resilient network infrastructure has become paramount for businesses of all sizes. VMblog recently sat down with Amar Ramakrishnan, VP of Product Management at BackBox, to discuss the critical role of network automation in achieving cyber resilience. BackBox, an extensible security-centric network device automation platform, is reshaping how enterprises and service providers approach network security and management.
Within this Q&A, Ramakrishnan dives into the core components of a robust cyber resilience strategy and explains how BackBox's innovative platform addresses these needs. From ensuring reliable backups and streamlining compliance checks to automating vulnerability management, BackBox offers a comprehensive solution that simplifies complex network operations. Join us as we explore how this cutting-edge technology is transforming the landscape of network security and automation, providing organizations with the tools they need to stay secure and operational in an increasingly challenging digital environment.
VMblog: What
is BackBox? Tell me a little about the product and what you do that's special?
Amar Ramakrishnan: BackBox
is an extensible security-centric network device automation platform for cyber
resiliency trusted by enterprise and service providers.
Our
product architecture gives us a security focus and simplicity in network
automation. As such, we have advantages in terms of ease of use, time to value,
and scalability of the solution.
VMblog: What
is cyber resilience and why is it important?
Amar Ramakrishnan: Cyber
resilience is the ability to rapidly adapt to changes in the environment to
protect or recover from issues that impact a functioning IT infrastructure.
Here at BackBox, we focus on cyber resilience at the network layer to ensure
that networks stay secure and available.
VMblog: What
are components of a cyber resilience strategy and how does the BackBox Network
Automation Platform fulfill the needs of a cyber resilience strategy?
Ramakrishnan: There
are three components to a cyber resilience strategy for your network:
- Have reliable
backups. Reliable backups are backups that you have tested to ensure they
can be restored easily and quickly in the event of a service disruption.
- Compliance and
configuration grooming. Whether you follow a formal compliance regime or
just want your devices configured "a certain way," it's important that you
check for compliance regularly and automatically. Manual compliance
doesn't scale and is error-prone. Once compliance is checked, any
configuration drift should have the potential to be automatically groomed
into compliance.
- Vulnerability
management and remediation. Dynamically matching inventory to known
vulnerabilities helps identify where organizations are vulnerable. Using
automation, vulnerabilities can then be remediated either with an
automated configuration change or by updating device software.
VMblog: Backups
are often a good place to start, but one would imagine that backups are a
solved problem? Why isn't that the case?
Ramakrishnan: There
are a few reasons why backups remain a complex problem. To start, companies
often have different backup solutions for each device vendor they have in
place. This adds complexity, and complexity is the enemy when trying to restore
quickly in the event of a failure.
Companies
try to address this by crafting their own backup scripts using code like
Python. However, when they do that, they tend to stay focused on the happy
path-they assume everything goes well only to find that a backup isn't there or
isn't recoverable when needed.
At
BackBox, we talk about reliable backups. We can backup devices from over 180
different vendors, and we do it all using the same "process" so everyone knows,
for example, where the backups are stored. We also run five separate checks on
each backup as it's taken so that we know the backup file has integrity and can
actually be restored. Any issues are surfaced when the backup is taken... so
there are no surprises when trying to restore. Since BackBox enables users to
restore with a single click, it's fast and easy - even under pressure.
VMblog: Compliance
is something companies have to do today, how does BackBox improve network
compliance?
Ramakrishnan: We
have a customer who had a 92-step compliance checklist that they'd have to
manually run through each month This meant that, aside from the potential for
manual errors, they'd only be certain they were compliant once a month (when
the checks finished).
Using
BackBox, this customer automated each of those 92 checks and put in automated
remediation... meaning they can put the check back into compliance should it
fail. They run these compliance checks every single evening instead of once a
month. They have rich reporting on the state of compliance, which can be shared
with other teams, and they know they're compliant daily. All this is done with
less work from the network team, allowing them to focus on less repetitive work
that adds more value to the organization.
VMblog: CVE
remediation... that's interesting because a lot of solutions report on
vulnerabilities, but what I hear you telling me is that you can take automated
remediation action. Is that right? How do you do that?
Ramakrishnan: This is really important. What's better? A tool
that tells you what's wrong or one that tells you what's wrong and fixes it for
you? The latter, obviously. That's BackBox. We use what we learn about your
inventory and map it to an enriched feed of CVE and vulnerability metadata so
that network security engineers can clearly see where they have exposure to
vulnerabilities. Then, using the automation capabilities of the BackBox Network
Automation Platform, they can choose to mitigate a vulnerability - meaning,
make configuration changes that limit susceptibility - or remediate the
vulnerability - which in the network world means updating the device software.
##