CIS Compliance with BackBox

During the presentation at Networking Field Day 31, Josh Stephens and Perry Greenwood from BackBox highlighted the importance of automating compliance workflows to simplify network management for various compliance standards such as PCI, HIPAA, and STIG. They emphasized that many organizations currently depend on Excel sheets for compliance management, which is not the most efficient method. Therefore, BackBox has invested in developing CIS compliance automation features for several major platforms including FortiGate, Checkpoint, Cisco, F5, and Juniper. This automation aims to cover as much of the compliance process as possible, particularly focusing on CIS level 1 and partially on level 2, which tends to require more manual processes.

The demo showcased BackBox’s IntelliChecks functionality, designed to run compliance checks across various devices. For instance, Checkpoint has a 90% coverage for CIS level 1 compliance with BackBox, while FortiGate achieves 100% coverage for level 1 and 60% for level 2 due to its robust CLI capabilities. These compliance checks are based on industry-standard benchmarks that are frequently utilized in various regulatory frameworks. BackBox’s IntelliChecks allow users to define network-specific variables, ensuring that each network’s unique requirements are met. The results from these checks can be generated into detailed reports which can be exported into formats such as Excel or HTML, facilitating easier communication of compliance status within organizations.

Furthermore, BackBox offers additional functionalities like access management, targeting junior IT personnel who might require oversight during network changes. This feature logs and records all commands and session activities, providing a robust audit trail. It supports both CLI and web sessions, enhancing the auditability and security of network operations. This is particularly useful for managed service providers (MSPs) and large network operations teams, enabling them to track changes efficiently and pinpoint the source of network modifications. This end-to-end capability from compliance automation to detailed recording and auditing creates a comprehensive toolset for maintaining network security and operational integrity.