BackBox is a network automation platform focused on automating network security and operations at scale for enterprises and Technology Services Partners. We sat down with Josh Stephens, Chief Technology Officer at BackBox, to discuss the company, its differentiators, strategic plans for the new year, and the recently announced general availability of new and enhanced features to their network and security device automation platform.
What is the mission of BackBox?
Our mission is to empower our customers to continuously improve their network security and operations through trusted network automation.
What challenges are you aiming to solve?
Network and Security Administrators trust BackBox to keep their multivendor networks secure and well-run with an easy-to-use automation platform that can scale from small network to large enterprise and MSPs/MSSPs. We do this by making sure that:
Networking Devices (like routers, switches, and hubs) and Security Devices (like firewalls) always have a validated backup, with lots of metadata to ensure that any device changes are noticed before they become a problem. We also ensure 1-click restores because we collect everything needed for a backup, not just “current state device configurations.” This prevents companies who are running multiple versions of a device OS from having to scramble to figure out what was running on the device that needs a restore and enables bare metal restores more easily when device replacement is required.
The flexibility and openness of our automation platform ensures that OS Upgrades can be performed quickly yet safely, and that we can integrate what’s happened with all the systems an Administrator might need to manually update -- help desk, change management, dynamic inventory, compliance, etc. This is important because OS Updates often include vulnerability patches and when those are outstanding, there’s a gap between a vulnerability being publicly exposed and a network being protected from the vulnerability.
Any changes in network device configuration or device health will trigger a notification that can be automatically or manually resolved. Similarly, as compliance preferences or configurations are updated, an administrator can “update the network” knowing that under-the-covers BackBox will reach every impacted device and make sure that whatever needs to be done, completes successfully (regardless of the vendor).
What makes your solution differentiated in the market?
In some ways you have to look at where we came from to understand this. The company started in Israel about 15 years ago as a managed service provider focused on firewall backup and recovery. After a few years of developing software to solve problems for the MSP business, we pivoted into software. Specifically, as an MSP there were many unique challenges - scale, multivendor, and customer demand for outcome-driven value. Then, in 2016, having learned the space as an MSP for three years, and a software company for four more, the product was rebuilt from the ground up and laid the foundation for today’s differentiation.
We have the right product architecture, specifically the correct abstration layers built into the product to accomplish what today’s enterprise and MSP networks require:
Multivendor, multi-device (network or security devices), multi-deployment model (on-prem or in-cloud).
Device communications - SSH or CURL, APIs, even SNMP... it’s all under the covers. Whatever the device requires and a customer’s implementation “requires” we can do without adding complexity for the administrator. For example, want to run a compliance report against all firewalls to see how long their passwords are? We can do it, and we know how to reach each vendor, each device type, what commands to run, collect the information and can then put it somewhere useful. In fact, we can automate that report, and then trigger notifications on changes.
Ecosystem integration. You see in this release we’ve integrated with Okta. In the past, we’ve integrated with ServiceNow. We have an API (and an upcoming webinar to discuss) bespoke integration with custom systems. Again, this is relevant to the product architecture.
Our support team is focused on automation problems, and we have thousands of prebuilt automations bundled with the product, including specialized intellichecks used for auto-remediation in three areas: Compliance (like CIS), Dynamic Inventory, and Device Health.
Focused Outcomes. Customers don’t start from scratch. We start with Backup/Validate/1-Click Restore and Automated OS Upgrades and Vulnerability Patches. These are power pain points for MSPs and Enterprises alike. We have pre-built CIS Compliance Validation and auto-remediation, and will be creating more (big-C) Compliance packages. Customers gain these focused outcomes, built on a platform they end up using every day for simplifying the complexity that’s device management - new data center build-outs, device RMAs, device administration, and troubleshooting.
Don’t forget the company too. It’s the solution plus the company:
MSPs and Enterprises TRUST BackBox. Almost 100% of our customers use our backup, validate, and 1-click restore capabilities because they know that if they need to restore from a backup, everything they need is there with one click.
BackBox scales. Back to our product architecture, our results show this. Over 500 hundred enterprise customers, more than 50 MSPs. Over 100,000 networks, the largest of which has over 5,000 devices managed with BackBox. If you compare with automation platforms (or the automation pieces of other platforms) this is tremendous scale.
Powerful automation. You get focused outcomes, but also a great amount of power and flexibility to get your processes to work just how you like them. Want to update a change management system after an upgrade? It becomes part of the process. If that part fails, we can open a ticket in an ITSM tool. Want to delegate authority based on roles, we’ve got that abstraction. We’re designed to be simple to use, without sacrificing features, in a complex networking and security environment.
Talk to us about your latest release that's aimed at making the jobs of MSPs and MSSPs easier. What makes this an important release?
This is an important release because:
MSPs and Enterprises have a simplified onboarding flow, enabling them to get value faster than ever before. The speed of adding devices and getting value has always been one of our strengths, so this is one of those areas where we’re extending our lead.
We have integrated with Okta, but even more importantly, we have created the right product architecture to accelerate integration with other solutions. This makes sure that BackBox is thought of as a ‘friendly neighbor’ in complex environments, working with other tools to make administrators’ lives easier.
We’ve improved the way our products work at-scale for our MSP and large enterprise customers. In both cases, there can be conflicts in device names or with IP addresses as new networks are onboarded. Using our advanced multi-tenancy capabilities, we’ve eliminated the potential for conflict and sped up time-to-revenue for MSPs/MSSPs, and time-to-value for enterprises.
How do you see the company evolving in 2023?
We’ll continue to solve our customers' top pain points by delivering focused outcomes, with extensibility only available because of the scalability and powerful features of the BackBox automation platform. We’ll also improve our ability to deliver trusted network automation by delivering more products as cloud-hosted services and by adding new product capabilities around threat and vulnerability intelligence and continuous network security validation and remediation.