You want a stable and secure network
You want your network to support your business. You want it to be stable, secure, agile, and easy to maintain. With fewer people. Quite a challenge! At the same time, networks get more complex every day and skilled staff is hard to find.
This is how to get there
You need more than just a tool to solve these challenges. You also need a proven method:
Gartner selected NetYCE as Cool Vendor:
“NETYCE IS COOL BECAUSE THEY DRAMATICALLY SIMPLIFY NETWORK AUTOMATION“
A network is only as good as how it is configured
Do you know the state of your network? And are you in control of your network changes? Only then you can unleash the true potential of network automation.
Let us help you get there
With a proven methodology and guaranteed results
Read Example Audit Report
What about your network?
- Do you check vulnerabilities once they are published?
- Have you implemented your vendor's hardening recommendations?
- Sure you have no rogue users in your network?
- Are all passwords encrypted and changed periodically?
- OS versions up to date?
- Backup paths configured correctly?
- Design rules correctly implemented?
- Compliance checks in place?
Can you easily perform these tasks?
- Run reports on all devices
- Cleanup messy/wrong port descriptions
- Upgrade to the latest OS versions
- Fix password issues
- Reconfigure ACLs, VLANs, ports, etc
- Rollout new devices and services
- Integrate with NMS/OSS/DDI systems
- Fix compliance issues and vulnerabilities
Start seeing results in weeks, not months
Lots of businesses around the world have finally seen the results they want from their network, and you will too. Stop wasting your resources and start improving your network with NetYCE and the Find, Fix & Prevent method.
Network Compliance as-a-service
All you need in a monthly fee at a fraction of your fte cost
You need more than a tool to succeed. The biggest challenge is the lack of skilled people, time, and support. With our subscriptions, you not only get our ‘best-in-class’ NetYCE platform, but also ongoing training and support from experienced engineers and access to our compliance libraries and best practice use-cases.
Our mission is to help you succeed. Simply see us as a flexible extension of your engineering team. We will train your staff on how to build and implement solutions or we can also do it for you.
A network that works for you
Sit back and enjoy a network that works for you. Prevent outages from happening instead of solving afterwards. It is our mission to get you back in control!
Deploying networks ‘as designed’
I cannot stress enough the importance of deploying networks ‘as designed’ and preventing network configurations drift. NetYCE has provided this networking functionality already for many years for all our L2 and L3 networks; long before the market started to talk about it. And in a fully vendor agnostic way. Especially in today’s world, to make network virtualisation a success, it’s a must that underlay networks are 100% stable and programmable.Olav Roes – Sr. Service Owner Network Security & Connectivity at Rabobank Group
Want to Know More?
Frequently Asked Questions
YCE stands for Your Configuration Engine. NetYCE, therefore, refers to our core competence which is the ability to manage all the essential aspects of your network configurations. In short, these are:
- Config backup and management to provide insight into all your network changes
- Config compliance and validation of policies and rules, against backup configs or live device status
- Automating config changes such as OS upgrades, port changes, network- & service provisioning, closed-loop automations and many more.
- Intent-based networking to standardize change processes and automate things like Config Creation, ZeroTouch Provisioning, Self-service and many more.
Most companies lack the people, tools, knowledge and time to get results from network automation. We solve this by bundling our netYCE platform, DevNet consultancy, support and training to deliver world-class network automation solutions with guaranteed outcomes. We either build & implement for you or we train your engineering staff on the job.
More specific we solve 3 things. 1) Find issues and misconfigurations with network compliance that impact the stability, security and agility of your network. 2) Fix them with network automation. And 3) Prevent misconfigurations from happening in the first place by implementing the netYCE platform with its intent-based change processes. This unlocks many other business benefits.
Your network is only as good as how it is configured and you can only know the state of your network by validating your running configs against best practice policies or your own (design) rules. Only then will you know if you are vulnerable or have potential outages waiting to happen. It’s also very useful for housekeeping to clean up old stuff and fix wrong naming conventions, port descriptions etc.
It is really easy. We already developed (digitized) most of the vendor’s best practice policies (CIS) that can be checked against your running configs. We either run an audit by importing your configs in a standalone netYCE appliance or we connect it to your network devices. This is the preferred way as we can also check life status settings and more advanced use-cases.
We normally start with a CIS compliance check (vendor hardening baseline). This can be done in a few days for most common vendors. If you want more specific design validations or tune one of our other policy libraries, this can take a few weeks (depending on your staff’s availability and # of policies/vendors). We can also digitise, test and implement your own security and design policies if you have documented them.
Basically, any configuration setting can be validated against a policy/rule by looking at the configuration file or output of a show command/API call. And even for a group of devices, to keep them in sync.
We have categorized them based on the 5 business drivers: 1) Vendor hardening (CIS). 2) Common Vulnerabilities and Exploits (CVE). 3) regulatory (eg ISO, HIPPA). 4) Customer-specific (security) design policies. And 5) Advanced monitoring rules for network operations.
We keep track of CIS- and CVE changes ourselves, update them and make them available for all our customers. Others that are specific to customers, we update periodically as part of the subscription service.
Yes, that is what our ’find’ service is all about. We bundled our platform, people and support to give you a system and process that continuously monitors the compliance of your network. You don’t need to worry about buying software or setting up the system. We can implement new policies and rules for you or train your staff on how to do it.
Of course, you can do a compliance audit periodically, but why not have a process running to alert you in case of network changes cause your business to be at risk. We set up the NetYCE system for you to monitor any change that happens in your network by automatically backing up all your device configs and running compliance checks in the background. We can either create tickets and alerts or automatically fix issues.
Compliance prevents outages from happening instead of giving alarms when the problem occurs. And it validates how your network is configured compared to your own design rules. As such it's fully complementary to other NMS tools.
You might have outsourced your network, but you are still responsible for your business. You can either do an audit yourself (as we only need read access or config files) or ask your outsourcer to do it for you. It can also be used to monitor your outsourcer or determine clear expectations of what you expect from them.
Network compliance helps you show your customer that you are doing your work well or it will give a clear insight into the work that needs to be done in order to get it compliant.
We have developed our own vendor modules for all the major network vendors ranging from Cisco, Juniper, HP, Cienna, Huawei, Alcatel, F5, Palo Alto, Fortigate and many more (see wiki). Creating a new vendor module normally takes 1-2 weeks and is part of the yearly subscription. All vendor modules support our platform functionalities for backup, compliance, parsing, config changes, etc. We also support Python and Ansible plugins, that can be used with all their vendor modules, but only limited functionality can be guaranteed such as config changes/commits.
First, let me assure you that nothing happens without your consent or approval. We basically offer a more structured and centralized way to deploy jobs in your network in the same way you normally would. For example, if you are used to working on the CLI, you would prepare the same commands in NetYCE with the difference that you get pre-and-post checks, automated rollback, transparency on who did what, approvals etc. This allows you to do things more automated. We start small and train you on the job so you gain confidence with the capabilities of network automation.
The sky's the limit here. Within the NetYCE platform, any manual job can be standardized, parametrized, parsed, validated, and turned into a workflow or API call. Ranging from performing OS upgrades to changes in passwords, ports, bandwidth, ACLs, descriptions, Vlan’s, provisioning of services, new devices (ZTP) and many more. Ask for a demo and see for yourself.
Please check out these 2 blogs
Yes, you can. We offer version-controlled templates and workflows for all your playbooks and code and with our plugins you can orchestrate and execute them from one single place. And you can make them even smarter with our built-in support logic, functions, conditionals, parametrization and many more.
In production, we find and fix unwanted config settings with compliance and automation. And we prevent new deployments from deviating from your design standards through design modeling and our intent-based functionality.
There are many different interpretations by networking vendors in the market on this topic, but for us, it simply means having a centralized Automation platform with integrated Source of Truth, IPAM, and design modeling capabilities that prevents configuration changes from deviating from what you intended by design.
Read our views here: https://blog.netyce.com/intent-based-networking-is-here
Yes, NetYCE is fully open and API based so we have been integrated with many different NMS/OSS/BSS and IPAM applications. (See also our TMforum catalysts participations: Unleash the power of Hybrid Network Orchestration, Proactive Service Assurance via Closed Loop Predictive AI/ML, Automated optimization of customer QoE)
We offer the following 3 services: Find, Fix and Prevent.
- Find is our Network Compliance service whereby we continuously monitor your network to find issues and misconfigurations
- Fix is our Network Automation service, whereby we fix non-compliance issues, train your staff and help them automate day-to-day network changes
- Prevent is our Intent-Based service offering whereby we help companies to mature and standardize their change processes and prevent networks from getting misconfigured in the first place. This is done by setting up the netYCE platform with functionalities such as design modeling, build-in source of truth, RBAC, API integrations with NMS and IPAM systems etc.
We also offer a ‘getting started package’ so you can experience all we offer in a period of 2-3 months in your own lab or production network. You can use it for evaluation, run a CIS audit or even fix things in your network.
We like to keep things simple. Based on the size of your network, you simply pay us a monthly fee. This includes the NetYCE licenses, software maintenance, best practice use-cases, libraries, 3rd line software and DevNet support and training of your staff. In case you want us to participate in projects and implement for you, we uplift the monthly subscription fee with the amount of DevNet hours you need for a certain period (see also our pricing page). In the end, we want you to pay only a fraction of the cost compared to hiring DevNet consultants and building point solutions yourselves. But then without the risks and worries of developing and maintaining it.
We can give you free access to our NetYCE cloud system (limited functionality) and we offer a free (offline) compliance report against some of your device configurations. If you want to run NetYCE with full functionality in your lab or production network, we offer a special ‘getting started’ package. This includes running a CIS audit and fixing any issues we find.
We offer an .ova file with the full NetYCE appliance that can run in the hypervisor of your choice including Azure and AWS. So you can decide whether to go on-prem or cloud.