A blog series that shines a spotlight on real-world moments where network engineers use BackBox security-centric automation to save their organizations from costly downtime and surprises.


A Managed Service Provider (MSP) customer urgently needed to activate licenses across 92 Palo Alto firewalls. Compounding the challenge, this had to be done within two days, but it was during the end-of-year holiday season when they had limited staff available for this kind of activity.

Using the BackBox Network Automation Platform, they accomplished this project in a fraction of the time it would have taken to do manually.


The SecOps team needed to run a single command on 92 firewalls:

request license fetch


Not exactly…


The MSP told us that to do this manually would have taken about 10 hours. That’s 6.5 minutes per firewall! Executing this kind of work in a hurry, with just one or two people typing repetitively, introduces significant risk of unplanned outage through human error.

The alternative would have been to find someone with the right Python or Ansible programming skills to write a script to do this, but those people are hard to find at the best of times. Even if you were able to locate someone and they had time to spare, writing and testing a robust script that will catch errors and avoid creating problems takes time. This is why a lot of teams end up reverting to manual effort.

Finally, the impact of not completing the license activations in the time required would be a missed project deadline with financial implications to the business.


Given the urgency, the MSP reached out to the BackBox Automation Team for assistance in writing the automation task. Fortunately, the MSP already had BackBox installed which they use to manage backups and compliance for the 92 firewalls. This meant that we had all relevant inventory information at hand to ID/confirm in-scope devices and already had access to these devices, thus avoiding the need for infrastructure change requests.

The value proposition of BackBox includes support to create automations; there’s no additional professional services retainer or project-based fee required. So, we were able to tackle the task immediately.

Working in partnership with the MSP, it took the team 20 minutes to create the automation required to execute this command safely and consistently. It then took the NetSecOps team a further 10 minutes to import the task, set up a job, and run it. Once the task completed, it generated a report to confirm successful execution on all 92 devices.


  1. Fetching new licenses went from 10 hours to 30 minutes.
  2. BackBox demonstrated additional ROI, saving the customer thousands of dollars in professional services fees typically charged by other vendors.
  3. Holiday plans were preserved.


Normally, customers rely on BackBox for key functions like backup and restore, automated upgrades, audit and compliance, and vulnerability management.

However, what sometimes gets overlooked is the platform’s sheer power and simplicity that allow an MSP or internal NetSecOps team to execute the simplest of tasks on the fly across a vast installed base, including:

  • Fetch new licenses
  • Change passwords
  • Update configurations (e.g., NTP servers)

The list is endless, and the best thing about the BackBox Network Automation Platform is the team empowerment. The no-/low-code approach means network engineers can create these automations themselves, or they can reach out to the BackBox Automation Team for immediate help and to close the talent gap when team members are out of the office.

See for yourself how consistent and reliable your device backups and upgrades can be