Network automation is one of those funny things… it can be anything, and so often is nothing (out-of-the box).
People want to solve problems. At BackBox we take the approach of building the best possible network automation platform while also delivering easy-to-deploy solutions to very specific problems like ensuring reliable backups or OS updates. Once individual well-bounded problems are solved thenthe general purpose solution come into play with its diverse use cases (and as you’ll see below, its massive cost savings).
“Great Network Automation Tool Which Will Make Your Life Much Easier” — January 4, 2023
It’s with that in mind that I came across this wonderful review of BackBox on Gartner Peer-to-Peer reviews.
It’s dense, and I want to write something to help people not familiar with BackBox or network automation tools understand what we do.
First, however, it’s important to understand these reviews.
Notice that the review source is “self-directed (Gartner.com, search, ad/promo)”. It’s not a review for which the reviewer is compensated.
This person is a security architect. This is important, because it’s useful to know that automation is both about “automating device management” and securing them better.
Of course, and they mention this in the review too, they automate a multivendor environment firewalls from both Cisco and Palo Alto.
They’re a manufacturing company of some size and deployed in three countries. This speaks to the scale of the solution and the complexity of the problems they need to solve as a business.
“Definitely one of the best network automation tools on the market which can be used at the same time by security and network operation teams.”
Let’s jump in. It’s dense and well written. It covers a lot of ground, which is why I wanted to break some things out for those unfamiliar.
Right in the first paragraph — “can be used by security and network operations teams”. This is true. We tend to hear “network automation” and think routers, switches, hubs. What we actually automate are network devices, so that includes firewalls, IPSs, and similar security devices (along with the network devices I just mentioned).
Later on, the reviewer will mention two vendor firewalls (Cisco and Palo Alto). I’m bringing this up because it relates to the network and security device comment.
When you automate solutions, it’s truly powerful to abstract away the device or the vendor. Take this customer, they can have a single backup process for both Cisco and Palo Alto.
Rather than using two tools and two processes for backup and restore, they can use one. This means backups (and more importantly, restores) are consistent across vendors without adding complexity. Complexity is a silent killer.
“It’s perfect for enterprise environments as it is pretty scalable and it has option to be deployed with regional remote agents.”
I have to admit, it’s also pretty good for MSP environments too.
It’s the scalability and (optional) agent architecture that makes it perform so well. It also delivers a lot of flexibility on data movement within the product, which helps in data-sensitive regions, like the EU with GDPR.
“It can easily be used as centralized backup location (encrypted backups) for all network devices and at the same time it offers “one click” restore feature.”
Centralized, yes. Also, not centralized if that’s what suits your requirements. The key thing is that one platform understands your backup process, and it’s automated. Instead of working with what each vendor product offers, and figuring out how to work it into your environment (auditing, compliance, backup storage, etc), we do it once for whatever device you need and do it in a way that makes it easy to make the process your own.
This one-click restore capability is important too. Because no one really wants a backup. They want to be able to restore, quickly and easily, from backup during a crisis. We grab the backup, validate it, and then with one-click, restore it.
We’re helping this customer (and many others) balance the complexity of backups with simplicity of execution. And, that’s what we do throughout the product with backups, OS updates, continuous compliance and remediation, and more, even when there are vendor tools involved.
And, here’s where the review starts to shift from “solution to a pain” (globally consistent backups across the world for network and security devices from multiple vendors) to the general network automation value:
“It already saved my team hundreds of working hours as we automated a lot of configuration tasks like password changes, device upgrades, patches installation… It also offers option to perform scheduled IntelliChecks which makes sure that all devices are compliant with required configuration templates (radius, DNS, NTP… ) and also perform device health checks like CPU , memory and disk usage, interface health…”
Hundreds of hours! That’s a lot of savings. Let me just explain some of the BackBox lingo in this part of the review.
IntelliChecks are part of the advanced rules built into the BackBox Automation Library. They’re easily customizable (by customers or our support team on behalf of the customer). These rules include advanced automations like multi-step upgrades, or pre-build CIS, PCI, or HIPAA compliance automation libraries.
Automation schedules are “abstracted out” of the rules themselves, so any set of rules can have any schedule you’d like.
The health checks are not meant to replace SNMP or other monitoring tools, rather are used to inform automations. For example, our OS Update Intellichecks are High-Availability aware. Before updating we’ll check the health of both to make sure each can take the full load, update the secondary, validate the update, initiate a failover, then update the former-primary machine.
By the way, with integrated backups, a backup will be taken prior-to and following any update, to make sure if something doesn’t go as planned, restore is one-click away.
“Easy to implement … perfect solution for centralized backup”
Love to hear it.
“Predefined configuration tasks for Cisco ASA devices and Palo Alto firewalls need to be little bit modified/customized before they are used in enterprise environments.”
I’ll just use this as an opportunity to point out “key factors that drove decision” included:
“Strong services expertise … Strong customer focus”
I don’t know this example specifically, but I’m sure this customer worked with our support team to get those automations exactly the way they wanted them as part of their support agreement.
You can read “Great Network Automation Tool Which Will Make Your Life Much Easier,” a review written on January 4th, 2023 along with many others over on Gartner’s Peer-to-Peer site.