Secure, Powerful, Scalable Network Automation
BackBox is the most trusted network automation platform, with over 100,000 networks relying on BackBox to automate firewall and network device administration. BackBox supports thousands of devices from over 180 vendors, complements vendor tooling, and has an API-first approach for integrating with other applications in the Network Operations Center.Get Started
The Capabilities You Need
Out of the box, BackBox contains over 3,000 automations pre-built by the BackBox Automation Team. Many of these automate tasks that solve specific problems, while others enable well-defined use cases such as Backup, OS Upgrades, Compliance, and Vulnerability Management. These out of the box automations help administrators realize value rapidly.
Any of the automations in the Automation Library can be easily customized to suit your needs, all without scripting, with the BackBox Automation Builder.
Additional automations are added to the Automation Library weekly. Unlike some other network automation tools, an upgrade is not required to take advantage of updates to the Automation Library. New automations can be manually added to the library without taking the system down or pausing automation work.
Onboarding and Device Discovery
Onboarding is often a time consuming, manual process. Especially for large enterprises and service providers who must onboard new customers while ensuring there are no conflicts across network sites.
BackBox supports both greenfield and brownfield provisioning with devices able to be added using an IP Address range, a CIDR block, or by importing a CSV of IP addresses. Once added, devices are automatically backed up and an inventory taken.
Discovery is also just “another” automation job. With the discovery automation, new devices are discovered as they’re added for automatic inclusion into BackBox.
Backup & 1-Click Restore
When it comes to disaster recovery, if you can’t trust the validity of your backup, it’s not worth much. That’s why BackBox ensures success by validating every single one of your backups with an intensive verification process – first when it’s created, and then again before restoring. Specifically, we check for the most common indications of a corrupted backup:
- File corruption
- Zero-byte backup
- File integrity
- File size deviation
With just a single click, device configurations and OS’s can be restored, even restoring to bare metal to configure a replacement device. No backup solution has a faster, more reliable restore process than BackBox.
A suite of other valuable protection benefits:
By collecting license keys and other metadata, rapid restores can happen straight from BackBox to bare metal as long as the new device can be reached by an IP address.
Dynamic Metadata Collection
Without any extra overhead, our Dynamic Inventory feature actively empowers CMDBs and other inventory systems.
Your devices’ backups histories can be used as a powerful tool for troubleshooting, allowing you to compare changes over time, or — better yet — to prevent configuration drift by notifying administrators of changes before they become a risk to the organization.
Automated OS and Firmware Upgrades
BackBox's robust Automation Library contains rich upgrade automations, including multi-step upgrades and upgrades that are high-availability aware.
Backup automations can be chained together with update automations to backup your devices before and after any changes, ensuring that your devices can be restored with just a single click should a roll-back be necessary. Similarly, pre- and post-check automations can be chained together to automate upgrade testing as part of the overall upgrade process.
BackBox provides a closed-loop network vulnerability assessment using dynamic inventory, a proprietary feed of threat and vulnerability information, evidence-based risk scoring, and automated remediation.
Using information from the NIST National Vulnerability Database, CISA, and elsewhere, we leverage the configuration information we know about your network devices to analyze your network for vulnerabilities, score the vulnerabilities, and then prioritize them by severity. Where other vulnerability management tools present information, only BackBox automates vulnerability remediation whether it means patching configurations temporarily or updating a device OS to implement a permanent fix.
When unexpected problems in your networks arise, the first question is: What has changed? With BackBox, this question is always easy to answer because changes in your configurations have auditable histories that are easy to access, read and compare.
BackBox's built-in Compare Tool allows network admins to easily and clearly compare configuration baseline parameters, compliance expectations, or any other files.
Our automations can query your network's devices to make sure they are running according to best practices and organizational policy, and can even remediate discrepancies, ensuring compliance.
Remediation can be auto-triggered or user-resolved, notifications being served through a variety of methods, such as email, ServiceNow or any other ITSM, integrating with and enabling your management flow.
BackBox's Dynamic Inventory™ feature automates the collection of your network devices' details, gathering and organizing useful information such as device models, hostnames, specific OS versions, CPU type, total RAM, and many more–even MAC addresses and serial numbers. Customizable and flexible, BackBox makes it easy to add custom detail types and queries to include in your inventory.
Power complex automations
The inventory is able to be tied to regularly scheduled tasks, such as backups, and/or on its own schedule, ensuring you have a detailed picture of your network as you want, when you want it.
Inform the rest of your stack
You can use this inventory to populate any system that can be reached via an API, allowing for powerful external integrations. Likewise, any information accessible from the device via either CLI or API can be included in an inventory.
Simplify lifecycle management
Device inventory is also helpful for device lifecycle management. BackBox provides end-of-life information so that administrators can more easily plan for hardware replacements and upgrades.
The Features You Want
BackBox doesn’t require any scripting, YAML, or proprietary language in order to create automations. Simply put the CLI or API commands you wish to automate into the BackBox UI and under-the-covers the BackBox Automation Builder will create the automations you need.
BackBox is built with an API-first philosophy. Our REST API enables powerful custom bi-directional integrations. Using the API, any information that can be gathered from a device via CLI or API can be used by external applications. At the same time, external applications can interact with BackBox automations through the API. The REST API is accessible to all customers with a standard OpenAPI (Swagger) definition.
Using the API, BackBox integrates with ServiceNow, PRTG, LogicMonitor, ConnectWise, and many other enterprise systems that comprise the NetOps software stack.
IntelliChecks, BackBox contextual automations, make available a large set of functionality with 1500+ advanced automations built into the product with advanced features including compliance auditing, remediation, technical survey, and reporting.
BackBox has standalone capabilities for flexible mapping of roles to privileges, while also providing integration with both password vaults and SSO solutions to simplify security. This streamlines administration across Sites while providing restricted roles-based access for runbook automation, allowing for flexible, secure, and auditable delegation of network tasks.
BackBox allows administrators to access terminal sessions and commands that connect to many devices simultaneously, saving time, tedious work, and preventing fat-finger mistakes common to the manual entering of repetitive commands.
Access Management can also record terminal sessions, allowing administrators to easily audit and review access history (and utilize them for compliance and training purposes), ensuring commands are successfully completed while providing status notifications.
BackBox also allows the automation of a run-book with permission boundaries for first-line team members. Combined with the granularity of roles that BackBox provides, Access is an innovative, flexible, and powerful way to automate large scale network administration.
Inform decision making by running automations that generate customized reports specific to your environment and processes. For example, a proactive network health report showing all devices whose licenses expire within a given timeframe, or whose version is not up to the corporate standard.
With an NPS score of 90, our support organization is the best of the best. The BackBox support team also includes BackBox Automation Labs, the network automations as a service team behind the Automation Library. BackBox Automation Labs works closely with customers to create automations specific to their needs.
BackBox can be leveraged on-premises, in the cloud, or as a SaaS application giving customers and service providers the maximum deployment flexibility.
BackBox has a distributed architecture purpose-built for scale and performance using an agent-based deployment model to reach sites with limited bandwidth, or where local control of automations and files is useful. BackBox servers and agents can run in high-availability configurations with a secondary server running as a hot backup for fault-tolerance. BackBox has also been designed from the ground up to automate both security and network devices.
We're here for you
BackBox's award-winning support team is your partner on the journey to automate administration of your network and security devices. As part of our support agreement, BackBox will create automations on demand and works with you to meet your organization's own specific needs.
The BackBox services team has over a decade of experience creating complex network device automations in the platform, and is always ready to help.
Whatever you need, we'll get it done.