Standardize at fleet scale
Turn one approved golden standard into controlled work across hundreds or thousands of devices.
Network Automation + Always-On RCA
Netcode turns your golden standards into exact plans, dry-runs changes before production, rolls them out across multi-vendor fleets, verifies every device and keeps rollback ready.
When automation or monitoring finds a problem, Rez investigates like an engineer on your team. It works read-only, recommends the fix and returns it to Netcode for human approval.
Turn one approved golden standard into controlled work across hundreds or thousands of devices.
Preview the exact commands, affected devices, validation checks and rollback before production.
Start with a small device group, verify it live and expand only when the network proves healthy.
Automatically investigate failed checks and monitoring alerts without allowing RCA to write config.
Automation Without The Software Project
Netcode gives network teams a simple path from live discovery to golden standards, exact change plans, dry-run, bulk rollout, verification and rollback. Use guided workflows, existing Ansible content, SSH or APIs without building the control plane yourself.
Simple, Safe Fleet Automation
Netcode handles the expected work at scale. Rez handles the exceptions. Your engineers keep control of every production decision.
Choose the approved configuration, software or policy outcome.
See scope, exact commands, checks and rollback. Dry-run where supported.
Prove the first devices and expand through controlled groups.
Failed verification opens a read-only, scoped investigation automatically.
Review the fix, apply through Netcode and verify the fleet again.
What Teams Automate
Start with one high-value standard, then reuse the same safety, rollout, verification and RCA model across the rest of the network.
Bring NTP, DNS, SNMP, logging, AAA, banners, routing policy and security standards into one approved baseline across vendors.
Business value: consistent operations across thousands of devices.Assess readiness, stage images, prove the first devices, verify routing and services after reboot, then continue in controlled groups.
Business value: complete more upgrades with less manual coordination.Standardize BGP, OSPF, SD-WAN, QoS, firewall objects, NAT and egress policy while validating application reachability.
Business value: move complex policy without losing service context.Model dependencies, generate exact deltas and move sites or applications in verified groups with rollback ready.
Business value: reduce migration time and isolate exceptions early.Compare approved standards to live state, identify meaningful drift and create targeted remediation plans.
Business value: keep the network standardized after the project ends.Let Rez investigate automation failures or monitoring alerts, recommend a scoped fix and return it to Netcode for approval.
Business value: turn ticket queues into engineer-ready actions.See Netcode + Rez In Action
See Netcode plan and roll out a fleet change, Rez investigate the failed check read-only, and an engineer approve the scoped remediation before the rollout resumes.
Run this workflow on your networkOne Platform, Two Clear Jobs
Both use the same discovered inventory, topology, device identity and local access boundary, so engineers never rebuild context between automation and troubleshooting.
Makes network-as-code accessible to operations teams: define the standard, preview every change, roll out safely and prove the outcome.
Receives failed checks, monitoring alerts or engineer questions, investigates live read-only and returns the recommended action.
A full network terminal through the local runner, with saved sessions and a path from one-off work into repeatable automation.
Under the Hood / How Network Automation Works
Netcode does not blindly push templates. It follows a deterministic automation loop: read live state, model intended state, calculate the delta, validate policy, dry-run or canary, apply through gates, verify actual state, and keep rollback tied to Git.
Interfaces, VLANs, BGP neighbors, routes, ACLs, NTP, SNMP, firmware, interface state.
Approved NTP servers, VLAN standards, interface roles, routing peers, ACL rules.
Devices affected, commands to add, commands to remove, rollback commands, risk summary.
Each change is isolated, reviewed, checked, and blocked before execution if unsafe.
Candidate config, device syntax check, first-batch canary, and no-commit validation where supported.
NTP peers active, VLAN present, BGP session established, route installed, ACL ordered correctly.
Rollback to previous approved intent, validate reverse plan, apply through the same gates, and monitor drift.
Product Modules
One guided workspace for intent, plan, validation, dry-run, apply, verify, rollback, and drift.
Select device groups by site, role, vendor, tag, or source-of-truth query. Plan one change across many devices.
Show exact generated commands and rollback commands before anything touches a device.
Create review branches, commit generated artifacts, review diffs, merge approved intent, and roll back by reverting Git state.
Block unsafe changes before apply using device groups, command patterns, maintenance windows, approvals, and rollback requirements.
Apply to a small canary first, verify, then promote in controlled batches with automatic stop conditions.
Continuously compare intended state to live state and create remediation plans when drift appears.
Open full live SSH sessions through the local runner with transcripts, before/after evidence, optional ticket attachment, and runner-side credentials.
Start with guided OS upgrade campaigns, then add golden baseline, VLAN rollout, interface standards, BGP neighbor updates, ACL cleanup, and drift checks.
Netcode Shell
Network engineers still need a full shell. Netcode Shell gives them one: live SSH through the customer-side runner, credentials kept local, every command recorded, and a clean path from an ad-hoc fix into governed automation when the work should be repeated.
Device credentials resolve on the customer-side runner, not in the browser and not in the control plane.
Engineers can troubleshoot and configure from the shell. The human at the keyboard is the approval for this interactive path.
Transcripts and before/after diffs can attach to a ticket, change, RCA, drift investigation, rollback, or approval record.
Session recording · optional ticket CHG-2048
Core-RTR-02# show bgp ipv4 unicast 10.204.210.0/24
BGP routing table entry for 10.204.210.0/24
Paths: 2 available, best #1
Community: region3-app-segment
Core-RTR-02# configure terminal
[live] config mode entered · transcript recording
Core-RTR-02(config)# route-map REGION3-EDGE permit 20
Core-RTR-02(config-route-map)# set local-preference 180
Core-RTR-02(config-route-map)# end
Core-RTR-02# show archive config differences
[diff] route-map REGION3-EDGE permit 20 added
NetDevOps Governance
Netcode uses Git as the system of record for network intent and generated artifacts. Engineers can review plans before apply, promote approved changes, and roll back by reverting to the last known good intent.
intent.yaml
plan.md
commands.txt
rollback.txt
validation.md
canary-result.md
verify.md
Git Rollback Panel
Rez · The Always-On Network Engineer
Rez receives failed Netcode checks, SolarWinds or ThousandEyes alerts, and questions from Slack. It resolves the affected site and dependencies, gathers fresh SSH/API evidence and performs scoped triage like an engineer on your team.
Multi-Vendor By Design
Rezonance normalizes multi-vendor inventory and live state while preserving vendor-specific commands, APIs and evidence. Keep using existing Ansible playbooks, scripts, SSH and APIs inside a safer fleet workflow.
Adapter depth and write support vary by platform and workflow. Pilot scope is agreed and validated before production use.
Safety And Security
The Windows or Linux runner opens the connection to Rezonance and resolves device credentials inside your environment.
Rez has a separate read action family, approved command filters and no path to Netcode's write actions.
Exact preview, policy checks, first-device proof and optional two-person approval sit before bulk execution.
Commands, verification, approvals, transcripts and reverse actions remain attached to the governed change record.
Device commands, live results, approvals, automation stages and Rez findings are retained for review.
Cryptographic anonymization can protect addresses and identifiers before analysis while preserving network relationships.
Start Where You Are
Local examples, Netcode Shell and sample workflows for engineers evaluating the platform.
Request Community accessFive workflow packs, up to 50 devices, guided planning, verification and limited Rez Diagnostics.
Request Starter accessConnect a representative device group and one alert source. Prove planning, rollout, verification and Rez exception handling.
Book the pilotFleet Automation + Always-On RCA Pilot
Choose a golden configuration, software lifecycle or network policy workflow. We will scope it across a representative fleet, dry-run the exact changes, execute a controlled rollout and connect Rez to failed checks or one monitoring source.