Edafio Technology Partners Scales Services Across Growing Client Base with BackBox Automation Solution
Leading managed service provider standardizes on BackBox to drive efficiencies and growth, automating firewall administration for 200+ clients across a multi-vendor environment.
Challenge
Edafio is a leading managed services provider (MSP) to mid-sized and enterprise clients across sectors including healthcare, financial services, manufacturing, transportation, government, and non-profit. As the company continued its fast-paced growth and expansion, automation became central to their strategy to scale and provide a consistent level of security and performance across clients.
While Edafio had Solarwinds in place for heartbeat monitoring and alerts, firewall backups and vulnerability patching were done manually. One specific activity that Edafio was hoping to improve was firewall software updates.
Whenever a CVE was announced and a patch was issued, it would take a lot of effort to complete an update. A team of seven network engineers worked at least five hours overnight or on weekends to patch the hundreds of firewalls under management.
Edafio needed a more efficient and reliable way to manage backups and patching and charged Ryan Demay, Sr. Network Engineer, with finding an automation solution that was up to the task.
Solution
BackBox was the only solution that met Edafio’s key requirements for their MSP environment, including:
Multitenancy, to allow each customer environment to be isolated from the others.
Flexibility in how they access customer networks so they could connect over the internet while ensuring secure communications between BackBox and each site.
Multivendor support to ensure they could automate whatever network devices customers chose to use for their network. While 80% of the firewalls installed are Fortinet, clients also have Check Point, Cisco ASA, NETGEAR, Palo Alto, SonicWall, and WatchGuard.
After a brief competitive trial, Edafio selected BackBox as their automation platform.
Edafio was able to quickly deploy BackBox into their monitoring service, which virtually all their clients rely on. Edafio prioritized three key use cases: automated OS updates, backups, and asset inventory.
BackBox helps our network engineers save a lot of time. For example, bi-weekly patching takes only one hour of my time compared to at least 35 hours for the team to do manually, eliminating a huge pain point for the team and ensuring we can always keep up.
–Ryan Demay, Sr. Network Engineer, Edafio
Automated Vulnerability Patching and OS Updates
Before BackBox, OS updates would require the team of seven to come in on nights or weekends and spend hours manually updating devices. It was a time consuming, error-prone activity, not to mention disruptive to the team’s personal lives.
With BackBox, Ryan is able to collect the files needed, validate the automations, and test them in the lab in about an hour during regular business hours. He creates an announcement so people know an update is happening, and the update happens automatically overnight. The following morning, Ryan checks a report to confirm that the patching completed successfully.
Edafio also uses BackBox to automate updates which happen during regularly scheduled maintenance windows on the first and third Saturday of every month between 1:00 a.m. and 4:00 am. However, on occasion critical updates are installed as soon as they become available, and BackBox’s automations ensure this happens smoothly. Edafio is confident that they’re protected from the latest vulnerabilities and able to keep their clients’ networks safe.
Backups
Edafio has also automated firewall backups. A manual process that used to take an administrator’s time every night, now happens automatically. When the backup is complete Ryan receives an email which also serves as an audit log. For extra redundancy, Edafio has created a custom automation to export backups for every device to a shared drive in the data center so that everyone knows where backups are kept and has access should it be necessary to restore from backup.
Asset Inventory
With every backup or update, BackBox automatically documents the types of firewalls each client has along with serial numbers, licenses, versions, and more. Tightly coupling automated asset discovery and inventory with backup and upgrade processes greatly simplifies firewall administration in Edafio’s multivendor environment and ensures an accurate inventory can be reported to clients for billing purposes.
Looking to the future, Edafio is considering expanding automation to include network devices. Using BackBox for both network device and firewall automation would streamline management, maintenance, and troubleshooting and create a centralized, detailed audit log for tracking and reporting. And as they complete their transition to ServiceNow, they are looking to integrate with BackBox for proactive monitoring, automated ticketing, and trouble-ticket enrichment.
BackBox met all our initial key criteria, and the ease of implementation and out-of-the-box automation tasks have been a pleasant surprise. When we need to make a change, say for 80 different clients, I check BackBox and often the option is already there, so I can select the task and it’s done. And whenever I have a question, the support team is great.
–Ryan Demay, Sr. Network Engineer, Edafio
Simplified Multitenant Firewall Administration
With BackBox, Edafio can segment, organize, and provide services by client, device, and site through a single-pane-of-glass view. Real-time asset inventory information and custom automations enable delivery of contextually-aware services to clients.
Timely and Reliable OS Updates, Patching, and Backups at Scale
Edafio trusts BackBox to handle tasks they used to do manually with reliable automations that are flexible and scalable. From firewall updates and vulnerability patches to daily backups, Edafio has confidence in BackBox automations to consistently perform and secure their clients.
Significant ROI From Multivendor Support and Efficiencies
BackBox’s ability to integrate with and automate processes for multiple different firewalls and drive efficiencies for the network engineering team have resulted in a significant ROI. For example, Edafio has slashed the time spent on updates from 70 hours per month, working nights and weekends, to only one hour during regular business hours. And nightly backups now happen automatically without any manual intervention.