Multi-Vendor Automation · No Scripting
Serious network automation. No scripting project required.
Standardize configurations, upgrade software, and push routing, SD-WAN, QoS, and firewall changes across routers, switches, and firewalls from guided Netcode workflows.
Review every command. Test the first device. Stop on failure. Roll back safely. Audit everything. If verification fails, Rez starts read-only troubleshooting and returns the recommended fix for approval.
One inventory · one Digital Twin · one change record
See the real network
An included site-aware Digital Twin for automation and troubleshooting.
Review exact commands
See every device command, check, and rollback before production.
Test one device first
Continue only after live post-change checks pass.
Troubleshoot failures
Rez investigates read-only and returns the recommended fix.
Built For Network Engineers
Pick the job. Review the commands. Run it safely.
Get Python-powered automation without building Ansible playbooks, scripts, inventory plumbing, approval logic, audit records, and rollback from scratch.
Netcode Automation
Choose a workflow, select devices by site, role, or vendor, review exact commands and rollback, test one device, then continue in controlled groups.
- Python-powered multi-vendor execution
- Upgrades, standards, routing, QoS, SD-WAN, and firewall policy
- Per-device verification, audit record, and rollback
Rez Diagnostics
When a change fails or an alert arrives, Rez resolves the affected site and path, gathers live read-only evidence, and explains the actual root cause.
- Failed Netcode checks, SolarWinds, monitoring webhooks, and Ops Dashboard
- Live multi-vendor SSH/API checks with Digital Twin context
- Recommended fix returns to Netcode for human approval
Netcode Shell
Need the CLI? Open a full multi-vendor SSH session through the local runner, keep the transcript, and turn repeated work into a reusable workflow.
- Interactive SSH with local credentials
- Searchable, auditable session history
- Convert proven CLI work into automation
Watch Netcode + Rez In Action
The firewall push succeeded. Did the application?
Watch Netcode coordinate routing, SD-WAN, firewall policy and NAT, use the customer's existing firewall manager, then independently test the exact application flow. When the service still fails, Rez isolates the real dependency read-only and hands a scoped fix back for human approval.
Meet Rez · Read-Only Network Troubleshooting
Dashboards detect problems. Engineers fix them. Rez starts the work.
Rez is the troubleshooting engine inside Netcode. It starts when Netcode verification fails, when SolarWinds or another monitoring system sends an alert, or when an engineer asks from Ops Dashboard or Slack. Rez resolves the site and service path, runs fresh SSH/API checks, validates the root cause, and prepares a reviewed Netcode remediation draft. Rez never pushes configuration.
Business Outcomes The Pilot Must Prove
Measure whether the service works, not whether one controller finished.
Design-partner pilots measure these outcomes directly. Published results and quotations are attributed only with customer approval.
Reduce failed change windows
Verify the complete application path before the rollout continues beyond the first approved target group.
Shorten cross-team triage
Investigate routing, SD-WAN, firewall policy, NAT, and return path from one exact flow instead of opening five consoles.
Protect healthy devices
Stop on failed service verification, preserve untouched targets, and remediate only the dependency that failed.
Keep one accountable record
Link manager jobs, device actions, approvals, Rez findings, verification, and rollback to one Rezonance change ID.
Digital Twin Included
Your live network map, built automatically.
Discovery creates a site-aware model of devices, interfaces, links, BGP and OSPF neighbors, and service paths. Netcode uses it to scope changes; Rez uses it to troubleshoot failures. It is included with Rezonance, not sold as a separate topology add-on.
Discover and organize automatically
Group devices by site, role, vendor, and shared network identity.
See protocol and service dependencies
Overlay physical, L2/LLDP, BGP, OSPF, and monitored application paths.
Use the map to do real work
Launch SSH, scope a change, trace a flow, or start RCA from the same model.
Four High-Value Programs
Standardize, modernize, and transform thousands of network devices.
Use one operating model for exact plans, first-device proof, verified rollout, rollback and read-only exception handling.
Golden configuration and drift control
Bring NTP, DNS, SNMP, logging, AAA, routing policy and security standards into one approved multi-vendor baseline.
Business value: consistent operations across thousands of devices.Network software lifecycle
Assess readiness, stage images, prove the first devices, verify routing and services after reboot, then continue in controlled groups.
Business value: complete more upgrades with less manual coordination.WAN, routing, QoS and firewall policy
Standardize BGP, OSPF, SD-WAN, QoS, firewall objects, NAT and egress policy while validating application reachability.
Business value: move complex policy without losing service context.Site, cloud and data-center migration
Model dependencies, generate exact deltas and move sites or applications in verified groups with rollback ready.
Business value: reduce migration time and isolate exceptions early.Under the Hood / How Network Automation Works
The automation logic is simple: compare intended state to live state, then apply only what is proven safe.
Netcode does not blindly push templates. It follows a deterministic automation loop: read live state, model intended state, calculate the delta, validate policy, dry-run or canary, apply through gates, verify actual state, and keep rollback tied to Git.
Interfaces, VLANs, BGP neighbors, routes, ACLs, NTP, SNMP, firmware, interface state.
Approved NTP servers, VLAN standards, interface roles, routing peers, ACL rules.
Devices affected, commands to add, commands to remove, rollback commands, risk summary.
Each change is isolated, reviewed, checked, and blocked before execution if unsafe.
Candidate config, device syntax check, first-batch canary, and no-commit validation where supported.
NTP peers active, VLAN present, BGP session established, route installed, ACL ordered correctly.
Rollback to previous approved intent, validate reverse plan, apply through the same gates, and monitor drift.
Product Modules
Everything needed to move from scripts to governed NetDevOps.
Change Workspace
One guided workspace for intent, plan, validation, dry-run, apply, verify, rollback, and drift.
Bulk Change Planner
Select device groups by site, role, vendor, tag, or source-of-truth query. Plan one change across many devices.
Command Preview
Show exact generated commands and rollback commands before anything touches a device.
Git Workflow
Create review branches, commit generated artifacts, review diffs, merge approved intent, and roll back by reverting Git state.
Policy Gates
Block unsafe changes before apply using device groups, command patterns, maintenance windows, approvals, and rollback requirements.
Canary and Batch Apply
Apply to a small canary first, verify, then promote in controlled batches with automatic stop conditions.
Drift Watch
Continuously compare intended state to live state and create remediation plans when drift appears.
Netcode Shell
Open full live SSH sessions through the local runner with transcripts, before/after evidence, optional ticket attachment, and runner-side credentials.
Workflow Packs
Start with guided OS upgrade campaigns, then add golden baseline, VLAN rollout, interface standards, BGP neighbor updates, ACL cleanup, and drift checks.
Netcode Shell
A real network CLI, connected to the automation loop.
Network engineers still need a full shell. Netcode Shell gives them one: live SSH through the customer-side runner, credentials kept local, every command recorded, and a clean path from an ad-hoc fix into governed automation when the work should be repeated.
Credentials stay local
Device credentials resolve on the customer-side runner, not in the browser and not in the control plane.
Full live CLI
Engineers can troubleshoot and configure from the shell. The human at the keyboard is the approval for this interactive path.
Every session is useful later
Transcripts and before/after diffs can attach to a ticket, change, RCA, drift investigation, rollback, or approval record.
Session recording · optional ticket CHG-2048
Core-RTR-02 · Region 3
Core-RTR-02# show bgp ipv4 unicast 10.204.210.0/24
BGP routing table entry for 10.204.210.0/24
Paths: 2 available, best #1
Community: region3-app-segment
Core-RTR-02# configure terminal
[live] config mode entered · transcript recording
Core-RTR-02(config)# route-map REGION3-EDGE permit 20
Core-RTR-02(config-route-map)# set local-preference 180
Core-RTR-02(config-route-map)# end
Core-RTR-02# show archive config differences
[diff] route-map REGION3-EDGE permit 20 added
NetDevOps Governance
Every change has a branch. Every rollback has a known previous state.
Netcode uses Git as the system of record for network intent and generated artifacts. Engineers can review plans before apply, promote approved changes, and roll back by reverting to the last known good intent.
- A change branch isolates every network change.
- The plan shows exact intended delta.
- Policy checks run before apply.
- Canary result is committed back to the branch.
- Merge means approved intent.
- Drift watch compares live state to approved intent.
intent.yaml
plan.md
commands.txt
rollback.txt
validation.md
canary-result.md
verify.md
Git Rollback Panel
Rollback CHG-2048
- Previous approved state
- main@8f31a2
- Current branch
- change/region3-app-segmentation-2048
- Rollback action
- revert app segment, route policy, and firewall object references
- Rollback commands
- 384 generated
- Validation
- Passed
- Status
- ready for rollback canary
Multi-Vendor, Safe By Design
Automate the network you own without surrendering control.
Keep vendor-specific SSH, APIs and Ansible content while credentials and production decisions remain inside the customer trust boundary.
Adapter depth and write support vary by workflow. Pilot scope is agreed before production use.
Outbound-only customer runner
The Windows or Linux runner opens the connection to Rezonance and resolves device credentials inside your environment.
RCA cannot apply configuration
Rez has a separate read action family, approved command filters and no path to Netcode's write actions.
No unattended production write
Exact preview, policy checks, first-device proof and optional two-person approval sit before bulk execution.
Rollback and evidence stay attached
Commands, verification, approvals, transcripts, Rez findings and reverse actions remain linked to the governed change record.
Start Where You Are
Start locally, automate one network workflow, then expand.
Evaluate locally
Local examples, Netcode Shell and sample workflows for engineers evaluating the platform.
Request Community accessProve repeatable workflows
Five workflow packs, up to 50 devices, guided planning, verification and limited Rez Diagnostics.
Request Starter accessValidate production deployment
Connect a representative device group and one alert source. Prove planning, rollout, verification and Rez exception handling.
Book the pilotCommunity evaluates the operating model. Starter proves controlled workflows in a small environment. Production rollout begins with a scoped pilot.
Network Automation + Read-Only RCA Pilot
Automate one network standard. Let Rez handle every exception.
Choose a configuration standard, software lifecycle, or network policy workflow. We will scope it across representative device groups, dry-run the exact changes, execute a controlled rollout, and connect Rez to failed checks or one monitoring source.