BackBox bolsters network automation platform with zero-trust tools

BackBox today announced it has incorporated zero-trust capabilities into its network automation platform that will enable network operators to automate security actions including privileged access and vulnerability management.

The vendor set out to simplify and tailor zero-trust technologies to network teams, calling its approach “zero trust network operations” (ZTNO). As part of the BackBox Network Automation Platform, ZTNO is designed to help network operators address complex security requirements with actionable insights. The new release includes upgrades to the platform’s privileged access management (PAM), network vulnerability management (NVM), and search capabilities.

ZTNO will enable network operations teams to automate specific security tasks at the network layer. It aligns “NetOps with Zero Trust principles in a user-friendly, efficient, and comprehensive manner,” said BackBox CEO Andrew Kahl in a statement.

ZTNO is designed to comply with the zero trust architecture (ZTA), which is a “trust but verify” approach to cybersecurity that government agencies and their contractors must follow by September 2024. ZTA “helps agencies build zero trust principles into industrial and enterprise infrastructure and workflows” by treating all “networks and traffic as potential threats,” according to the U.S. General Services Administration (GSA).

“ZTNO makes Zero Trust actionable; NetOps teams can follow the framework to create a Zero Trust NetOps environment to complement the organization’s Zero Trust Architecture,” said Josh Stephens, CTO of BackBox, in a statement. “It ensures the network remains secure without limiting a network engineer’s ability to get things done.”

BackBox says its ZTNO framework provides:

• Zero trust use cases, including privileged access management, continuous compliance on discovery, and vulnerability management and mitigation.
• Integration with a broad range of network and security devices.
• No-code automation.
• A common platform from which to manage configurations across network and security vendors and device types.
• An API-first approach to automation that can be integrated into a NetOps workflow. 

BackBox defined six pillars of ZTNO: access management, audit and control, device configuration onboarding, vulnerability management onboarding, continuous assessment, and reporting and visibility. For each pillar, BackBox provides intelligence around permissions as well as automated actions to ensure security is addressed across network management.

For instance, in terms of human operators and access management, secure access must be provided whether accessing network devices via API, WebURL, or CLI. BackBox does this by “integrating role-based access controls with credential vaults and providing a security, credentialed API.” Another example is when humans are accessing network devices, they must do so in an auditable manner. BackBox ZTNO enables this with controls to record all changes to an “immutable log,” and rollback capabilities are also possible through a centralized access point.

On the device side, BackBox provides “golden configurations” when new devices are brought onboard. ZTNO does this with policy enforcement to ensure the proper configurations, and automation reduces manual errors while speeding the process. Devices are also checked for known vulnerabilities when being onboarded. BackBox can remediate the known vulnerabilities with patches or updates. BackBox also performs continuous assessments to ensure configurations remain in compliance and to spot new vulnerabilities. And ZTNO also incorporates reporting for both network and security teams.

The growing convergence of network and security teams in itself marks an emerging best practice among businesses that recognize the benefits of increased collaboration, according to research from Enterprise Management Associates (EMA).

“We saw in the research that successful partnerships reduce security risk, drive operational efficiencies, and lead to fast resolution of problems on both the networking side and the security side,” said Shamus McGillicuddy, vice president of research at EMA.

The BackBox Network Automation Platform is a virtual appliance that can either be run on-premises or in a data center or delivered by BackBox via a software-as-a-service (SaaS) model. The software supports network and security devices from more than 180 vendors, using an API-first approach for integrating with other applications in the network operations center. The platform ships with 3,000 automations out of the box, which can be tailored to specific customer environments. The ZTNO capabilities are available now.