BackBox introduces Zero Trust Network Operations

In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO).

  • 8 months ago Posted in

This groundbreaking offering is a best practice framework with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams. To simplify ZTNO for network teams, BackBox has enhanced its Network Automation Platform with improved Privileged Access Manager, Network Vulnerability Management, and Search.

With federal agencies and their contractors facing a September 2024 mandate for Zero Trust Architecture (ZTA) implementation, ZTNO by BackBox offers a timely, efficient, and comprehensive solution. ZTNO is a testament to BackBox’s ability to transform complex security requirements into simple, actionable solutions. This new offering aligns with the Zero Trust Architecture (ZTA), as defined in NIST document 800-207, and addresses key NetOps challenges.

ZTNO has six pillars, the first two are for network administrators, and the final four are for network devices:

1. Whether accessing via API, WebURL, or CLI secure access needs to be provided. BackBox does this by integrating with different credential vaults, and by providing a secure API.

2. When changes are made we should know where they’re done from, in an immutable log, and administrators should only have the permissions they need to get their jobs done. BackBox does this in a way that all logins are audited and recorded with privilege centrally controlled at the BackBox server.

3. Device configurations must be remediated before device onboarding via policy enforcement that configures the appropriate configuration compliance.

4. Devices must be evaluated for security risk before being onboarded and patched if the device is susceptible to known vulnerabilities.

5. Over time, continuous configuration grooming and remediation must be used to ensure configuration compliance and OS versions in an ongoing manner.

6. Rich reporting and visibility, including actionable data about the current vulnerability level of network devices.

“ZTNO makes zero trust actionable; NetOps teams can follow the framework to create a Zero Trust NetOps environment to complement the organization’s Zero Trust Architecture,” said Josh Stephens, CTO of BackBox. “It ensures the network remains secure without limiting a network engineer's ability to get things done.”

BackBox’s ZTNO framework is uniquely positioned due to:

• Rapid time-to-value ZTNO use cases, including privileged access management, continuous compliance on discovery, and vulnerability management and mitigation.

• Integration with a broad range of network and security devices.

• No-code automation means there’s no need for a developer skillset to implement zero trust.

• Built for network and security devices so the same platform can be used to manage configurations across vendors and device types.

• API-first approach to automation means that any automation can be integrated into a NetOps workflow.

“BackBox's introduction of Zero Trust Network Operations (ZTNO) marks a significant advancement in network security, aligning NetOps with Zero Trust principles in a user-friendly, efficient, and comprehensive manner,” said BackBox CEO Andrew Kahl. “It stands as a testament to BackBox’s leadership and innovation in network automation.”

Acquisition of leading DSPM company will bolster Proofpoint’s human-centric security platform...
NTT DATA’s new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM...
SPG is enhancing its cybersecurity capabilities in a new partnership with Saviynt, a leading...
Graylog has unveiled significant security advancements to drive smarter, faster, and more...
Datadog has published its new report, the State of Cloud Security 2024. The report found that...
ISACA research shows automating threat detection/response and endpoint security are the most...
Strategic partnership unifies AI-native endpoint security and next-generation firewall protection...
Advanced forms of social engineering are on the rise, though obvious gaps like weak passwords are...