Top 5 questions about NetYCE
Network Automation Intent-Based Networking Network Compliance 5 min read

The 5 most Frequently Asked Questions about NetYCE

Picture of Wim Gerrits

Wim Gerrits on December 7, 2020

Every day we get questions from our customers.

Here is the top 5 of the questions we get asked most often.

1. How does NetYCE compare to Ansible?

Both Ansible Tower and NetYCE are platforms for automation. The key difference is that Ansible Tower originated from server automation and therefore lacks many of the network capabilities. Needless to say, a network is so much more than (individual) devices and therefore requires additional ways to incorporate and manage parameters, dependencies, relations, and design specific logic.

With Ansible, engineers are either forced to add all this logic in individual playbooks or become a software developer to integrate 3rd party tools, like inventory databases, ipam systems, workflow, jinja templates etc. In addition, Ansible playbooks do not support native CLI syntax automation. All this makes network automation challenging. As formulated in a tweet by a network engineer using Ansible: the engineer becomes the ‘control logic’ instead of the application”.

tweet-ansibleThe NetYCE platform was built from the ground up for automating networks. You can use Ansible playbooks and integrate with the Ansible engine while NetYCE takes care of the complexity. This means you can (re-)use Ansible playbooks with version-controlled templates. But it also allows the automatic generation of standardized playbooks with inventory data and design logic that is easily managed elsewhere in the NetYCE platform. All with the added value of NetYCE's GUI, integrated inventory, flexible workflows, approvals, role-based access, logging, easy API orchestration and many more.

In summary, Ansible and NetYCE complement each other whereby NetYCE solves the challenge of managing complexity. It’s not the engineer anymore but the application that stores your ‘control logic’, in a structured and transparent way. This allows you to automate many more use cases that can be managed easily. For more information, check this blog: Why Ansible and Python are not enough for enterprise network automation.

More about the Ansible plugin: and

2. What network vendors does NetYCE support?

NetYCE supports all major network vendors such as Cisco, Juniper, HPE, Avaya, Ciena, Huawei, Checkpoint, Fortinet, Palo Alto, Brocade and more, with each vendor module supporting all devices within that OS 'family'. New vendors are added as we go along based on customer requests. The typical lead time for a new vendor module is 5-10 days.

The vendor modules allow for SSH/Telnet/Netconf/API connectivity in a standardized and fully automated way. NetYCE takes care of committing changes, deals with error handling, backup and restore functionality etc.

In addition, NetYCE supports any vendor, API or cloud module developed by the Ansible Open Source community using the NetYCE Ansible plugin. Or by using any Python code with the NetYCE script_exec plugin. This allows for unlimited automation capabilities within a robust and secure enterprise platform.

What makes NetYCE unique is that engineers are not restricted to any preconfigured settings. All engineering logic and device-specific OS capabilities are stored separately in NetYCE templates that can be easily managed by engineers including conditions, exceptions, logic, functions, multi-vendor support, etc. With this approach you are not dependent on the networking vendor and/or NetYCE to change the automation logic.

For more detailed information, please check out the NetYCE Wiki:

3. Can you explain NetYCE functionality in short?

Think of NetYCE as your ultimate platform to support network staff with all their tasks related to network configuration, compliance & automation. Instead of logging into production devices, jobs can now be scheduled via the NetYCE platform. Engineers can choose to keep on doing what they do today (device-based syntax changes) or use the enhanced NetYCE features to perform more 'smarter' and 'intended' jobs and scenarios and deal with automatic rollback scenarios. One of our customers described NetYCE as the ultimate scripting engine that does not require any software development. We have made it easy for engineers to use in their day to day work.

Also included are a logical inventory database and a rich GUI and templating system. This means you can make planned changes, prepare migrations, perform reconciliations, keep track of your network administration, and store all of your staff's engineering logic. Basically, all your network information and support processes in one place to prepare 'intended' changes before you deploy them. All this works seamlessly to keep your 'deployed' production network in sync with your intended changes.

You can use the platform to standardize and enforce design rules, design options, design logic and design changes down to the network. Here your design and automation logic can be modeled. NetYCE will automatically hand out all variables and parameters as per your design and keep a full administration of it. So no need for excel files and separate databases.
Finally, all this can be done via the GUI, but also via the NetYCE API. This will further streamline automation and orchestration with 3rd party systems such for IPAM, DHCP, DNS, OSS or other NMS systems.

4. How can NetYCE work with Python?

Perhaps you already have developed scripts yourself. These days most probably those are written in Python. It would be a shame not to reuse those. This is easy in NetYCE.

You can use NetYCE scenarios to create your own scripts with a simplified scripting language. Simply combine the order and logic of any process you want to automate, all again fully integrated with the NetYCE database, templates, engine, and process control.

These NetYCE scenarios contain rich programming capabilities with extensive options and plugins without being a programmer. For more advanced users and Python developers, any script can be called upon with the “script_exec” command. This supports command-line arguments to pass on your variables and have NetYCE engine orchestrate the execution of your scripts in a data-driven way. The same applies to scripts in other programming languages.

Once you put your logic and code in NetYCE, everything is now fully API enabled. Simply call upon the NetYCE API to orchestrate any changes in a controllable way.

5. What is your approach to Network Automation?

Many companies struggle where to get started. Unless customers have a specific use case in mind, we take them on a network automation journey. A journey that aligns with some of the key challenges most companies face. These are:

1. How to get control over configuration changes happening in my network?
In less than an hour, we set-up NetYCE to back-up your production configurations automatically when changes happen. This allows you to keep track of any change and go back in time to see exactly when something was changed.

2. Is my network configured correctly?
This can be easily validated with automated network compliance tooling. We use our library of market standard rules (e.g. CIS compliance and vendor hardening reccomendations) to benchmark your network. Or we create specific policies and rules to validate your design rules against the running configs. The outcome is either a report or an automated process that runs in the background to notify you of any non-compliance issue that needs mitigation.

3. What network changes can be automated?
Of course, any non-compliance issues resulting from step 2 can be easily fixed by using automated jobs. But many more tasks can be automated. Basically, any task that engineers perform manually can be translated into easy configurable jobs, templates and workflows, all with smart logic so you can re-use as much as possible. We organize workshops to get you started.

4. How to achieve an enterprise solution for network automation?
Once you start automating more and more tasks, it becomes important to organize all your data, logic, and rules in a transparent and easily manageable way. We help to structure your data in the NetYCE database, organize all your logic in smart templates and implement design rules for standardization. The end result is a system that is fully transparent for engineers to use and scalable to implement any use case you want.

Do you have other questions?

Check the complete FAQ here, or schedule a meeting with me! I love to hear about your questions. Book a meeting here.



Picture of Wim Gerrits

Wim Gerrits

Founder & Chief Network Automation Advocate Wim drives NetYCE's strategic vision while overseeing all aspects of the company's operations. Since 1995 Wim is helping customers with business-critical networks to lower their TCO and mitigate risks. His passion is to translate complex things into simple business terms.