Map the real network
One site-aware Digital Twin for automation and diagnostics.
Netcode Automation + Rez Diagnostics
Netcode turns approved standards into exact multi-vendor changes, verifies each device group, and hands failures to read-only Rez Diagnostics.
The machine closes the loop of work. The engineer closes the loop of decision. Every production write remains human-approved.
One site-aware Digital Twin for automation and diagnostics.
Commands, affected devices, checks and rollback before production.
Expand only after live verification passes.
Rez investigates read-only and returns a reviewed remediation.
See The Closed Loop In Action
Netcode prepares and verifies the fleet change. Rez follows the shared Digital Twin to the failed BGP dependency. Healthy devices stay protected while an engineer reviews the scoped fix.
Book a closed-loop pilotAutomated Digital Twin
Discover devices once, organize them by site and role, and overlay physical, BGP and OSPF dependencies. Netcode scopes the change; Rez scopes the exception.
Map the network your engineers actually operate.
See physical, L2, BGP and OSPF dependencies.
Automation and diagnostics start from the same context.
Four High-Value Programs
Use one operating model for exact plans, first-device proof, verified rollout, rollback and read-only exception handling.
Bring NTP, DNS, SNMP, logging, AAA, routing policy and security standards into one approved multi-vendor baseline.
Business value: consistent operations across thousands of devices.Assess readiness, stage images, prove the first devices, verify routing and services after reboot, then continue in controlled groups.
Business value: complete more upgrades with less manual coordination.Standardize BGP, OSPF, SD-WAN, QoS, firewall objects, NAT and egress policy while validating application reachability.
Business value: move complex policy without losing service context.Model dependencies, generate exact deltas and move sites or applications in verified groups with rollback ready.
Business value: reduce migration time and isolate exceptions early.One Platform, Three Operational Surfaces
All three use the same discovered inventory, Digital Twin, device identity and customer-side access boundary.
Makes network-as-code accessible to operations teams: define the standard, preview every change, roll out safely and prove the outcome.
Receives failed checks, monitoring alerts or engineer questions, investigates live read-only and returns the recommended action.
A full network terminal through the local runner, with saved sessions and a path from one-off work into repeatable automation.
Under the Hood / How Network Automation Works
Netcode does not blindly push templates. It follows a deterministic automation loop: read live state, model intended state, calculate the delta, validate policy, dry-run or canary, apply through gates, verify actual state, and keep rollback tied to Git.
Interfaces, VLANs, BGP neighbors, routes, ACLs, NTP, SNMP, firmware, interface state.
Approved NTP servers, VLAN standards, interface roles, routing peers, ACL rules.
Devices affected, commands to add, commands to remove, rollback commands, risk summary.
Each change is isolated, reviewed, checked, and blocked before execution if unsafe.
Candidate config, device syntax check, first-batch canary, and no-commit validation where supported.
NTP peers active, VLAN present, BGP session established, route installed, ACL ordered correctly.
Rollback to previous approved intent, validate reverse plan, apply through the same gates, and monitor drift.
Product Modules
One guided workspace for intent, plan, validation, dry-run, apply, verify, rollback, and drift.
Select device groups by site, role, vendor, tag, or source-of-truth query. Plan one change across many devices.
Show exact generated commands and rollback commands before anything touches a device.
Create review branches, commit generated artifacts, review diffs, merge approved intent, and roll back by reverting Git state.
Block unsafe changes before apply using device groups, command patterns, maintenance windows, approvals, and rollback requirements.
Apply to a small canary first, verify, then promote in controlled batches with automatic stop conditions.
Continuously compare intended state to live state and create remediation plans when drift appears.
Open full live SSH sessions through the local runner with transcripts, before/after evidence, optional ticket attachment, and runner-side credentials.
Start with guided OS upgrade campaigns, then add golden baseline, VLAN rollout, interface standards, BGP neighbor updates, ACL cleanup, and drift checks.
Netcode Shell
Network engineers still need a full shell. Netcode Shell gives them one: live SSH through the customer-side runner, credentials kept local, every command recorded, and a clean path from an ad-hoc fix into governed automation when the work should be repeated.
Device credentials resolve on the customer-side runner, not in the browser and not in the control plane.
Engineers can troubleshoot and configure from the shell. The human at the keyboard is the approval for this interactive path.
Transcripts and before/after diffs can attach to a ticket, change, RCA, drift investigation, rollback, or approval record.
Session recording · optional ticket CHG-2048
Core-RTR-02# show bgp ipv4 unicast 10.204.210.0/24
BGP routing table entry for 10.204.210.0/24
Paths: 2 available, best #1
Community: region3-app-segment
Core-RTR-02# configure terminal
[live] config mode entered · transcript recording
Core-RTR-02(config)# route-map REGION3-EDGE permit 20
Core-RTR-02(config-route-map)# set local-preference 180
Core-RTR-02(config-route-map)# end
Core-RTR-02# show archive config differences
[diff] route-map REGION3-EDGE permit 20 added
NetDevOps Governance
Netcode uses Git as the system of record for network intent and generated artifacts. Engineers can review plans before apply, promote approved changes, and roll back by reverting to the last known good intent.
intent.yaml
plan.md
commands.txt
rollback.txt
validation.md
canary-result.md
verify.md
Git Rollback Panel
Rez · The Always-On Network Engineer
Rez receives failed Netcode checks, SolarWinds or ThousandEyes alerts, and questions from Slack. It resolves the affected site and dependencies, gathers fresh SSH/API evidence and performs scoped triage like an engineer on your team.
Multi-Vendor, Safe By Design
Keep vendor-specific SSH, APIs and Ansible content while credentials and production decisions remain inside the customer trust boundary.
Adapter depth and write support vary by workflow. Pilot scope is agreed before production use.
The Windows or Linux runner opens the connection to Rezonance and resolves device credentials inside your environment.
Rez has a separate read action family, approved command filters and no path to Netcode's write actions.
Exact preview, policy checks, first-device proof and optional two-person approval sit before bulk execution.
Commands, verification, approvals, transcripts, Rez findings and reverse actions remain linked to the governed change record.
Start Where You Are
Local examples, Netcode Shell and sample workflows for engineers evaluating the platform.
Request Community accessFive workflow packs, up to 50 devices, guided planning, verification and limited Rez Diagnostics.
Request Starter accessConnect a representative device group and one alert source. Prove planning, rollout, verification and Rez exception handling.
Book the pilotCommunity evaluates the operating model. Starter proves controlled workflows in a small environment. Production rollout begins with a scoped pilot.
Fleet Automation + Always-On RCA Pilot
Choose a golden configuration, software lifecycle or network policy workflow. We will scope it across a representative fleet, dry-run the exact changes, execute a controlled rollout and connect Rez to failed checks or one monitoring source.