BackBox adds network vulnerability management to automation platform

BackBox this week announced its Network Vulnerability Manager (NVM), a software add-on to its existing Network Automation Platform, that will enable network managers to automate operating system upgrades, network configuration updates, and various remediations across firewalls and other network and security devices.

“Common vulnerability management tools focus on endpoints and are designed for security teams rather than network teams,” says Josh Stephens, CTO of BackBox. “BackBox’s vulnerability management capabilities have been specifically engineered for network operations teams in the way that they operate and to accelerate their path toward network automation.”

Available now, NVM works with the BackBox Network Automation Platform, a virtual appliance that can either be run on-premises or in a data center or delivered by BackBox via a software-as-a-service (SaaS) model. NVM uses machine learning to collect and collate vulnerability data from the National Vulnerability Database (NVD) from the National Institute of Standards and Technology (NIST) as well as several other sources, including vendor web sites.

As part of its automation platform, NVM queries the network, dynamically discovers the devices, identifies what OS they are on, what configuration is relevant to the common vulnerabilities and exposures (CVE), and then it compares all that data with known vulnerability information. NVM can recommend if a configuration change is needed or disable a service because of a known vulnerability, for example. It can also automatically apply operating system updates or patches to resolve identified vulnerabilities if customers approve the automated actions.

With the addition of NVM, the BackBox platform now offers network teams a vulnerability management process that can identify vulnerabilities and classify them by threat level as they surface. The software can be customized to prioritize vulnerabilities according to the needs of each customer’s unique network environment. NVM can be enabled to automate remediation of issues, for instance by making configuration changes or applying patches. Network managers can also simplify OS and firmware updates with the built-in backups, single-click rollbacks, and integrated pre- and post-update validations provided in NVM. The software can also help network teams with device lifecycle management and automates hardware upgrades around vendor-driven EOL (End of Life) data.

“What we have done is combined this vulnerability management information with our automation capabilities so that network engineers can really start to get their arms around the threat landscape and begin to prioritize these upgrades and manage the ongoing part of lifecycle maintenance of the network,” Stephens says.

Automation could help network teams stay ahead of vulnerabilities. In a recent BackBox survey conducted by Wakefield Research, 92% of 250 network and security operations professionals said there are more network updates needed than they can keep up with, and 61% of companies reported that they only upgrade network and security devices quarterly or less frequently. And nearly half (48%) of survey respondents said their company has not implemented or invested deeply in network automation, opening them up to security breaches and other serious issues.

“Organizations are looking to evolve from one-to-many changes they might have done with traditional configuration management tools. Now they are looking for true automation to make that generational leap with something that is more API-driven,” Stephens says.

The BackBox Network Automation Platform is software that supports network and security devices from more than 180 vendors, using an API-first approach for integrating with other applications in the network operations center. The platform ships with 3,000 automations out of the box, which can be tailored to specific customer environments.

BackBox’s Network Automation Platform targets enterprise customers and managed service providers (MSP) and can scale to support tens to multiple thousands of devices. BackBox also provides native formats for all three major public clouds: Google, Amazon, and Microsoft.