BackBox Introduces Zero Trust Network Operations (ZTNO)
January 2024 by Marc Jacob
BackBox introduces Zero Trust Network Operations (ZTNO). This groundbreaking offering is a best practice framework with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams. To simplify ZTNO for network teams, BackBox has enhanced its Network Automation Platform with improved Privileged Access Manager, Network Vulnerability Management, and Search.
With federal agencies and their contractors facing a September 2024 mandate for Zero Trust Architecture (ZTA) implementation, ZTNO by BackBox offers a timely, efficient, and comprehensive solution. ZTNO is a testament to BackBox’s ability to transform complex security requirements into simple, actionable solutions. This new offering aligns with the Zero Trust Architecture (ZTA), as defined in NIST document 800-207, and addresses key NetOps challenges.
ZTNO has six pillars, the first two are for network administrators, and the final four are for network devices:
1. Whether accessing via API, WebURL, or CLI secure access needs to be provided. BackBox does this by integrating with different credential vaults, and by providing a secure API.
2. When changes are made we should know where they’re done from, in an immutable log, and administrators should only have the permissions they need to get their jobs done. BackBox does this in a way that all logins are audited and recorded with privilege centrally controlled at the BackBox server.
3. Device configurations must be remediated before device onboarding via policy enforcement that configures the appropriate configuration compliance.
4. Devices must be evaluated for security risk before being onboarded and patched if the device is susceptible to known vulnerabilities.
5. Over time, continuous configuration grooming and remediation must be used to ensure configuration compliance and OS versions in an ongoing manner.
6. Rich reporting and visibility, including actionable data about the current vulnerability level of network devices.
BackBox’s ZTNO framework is uniquely positioned due to:
• Rapid time-to-value ZTNO use cases, including privileged access management, continuous compliance on discovery, and vulnerability management and mitigation.
• Integration with a broad range of network and security devices.
• No-code automation means there’s no need for a developer skillset to implement zero trust.
• Built for network and security devices so the same platform can be used to manage configurations across vendors and device types.
• API-first approach to automation means that any automation can be integrated into a NetOps workflow.