Announcing NetBox Discovery: Bridge Infrastructure Design With Operational Reality

You’ve invested in NetBox as your authoritative system of record for infrastructure design. NetBox drives your automation, powers your integrations, and serves as the foundation for how you understand and manage infrastructure.

But there’s a gap between what you’ve designed and what’s actually running. Configurations drift from standards. Unauthorized changes slip through. Inherited networks from acquisitions need rapid modeling. And when auditors ask you to prove your network segmentation is working as documented, you’re left manually validating infrastructure state against your design intent.

Managing infrastructure at scale requires continuous discovery across complex, segmented networks and validating that operational reality matches your design intent.

Today we’re excited to announce a new commercial offering: NetBox Discovery, an automated enterprise-grade infrastructure discovery capability that bridges your design intent with operational reality.

Late last year, we released the NetBox Discovery agent, a lightweight, open source agent for network and device discovery. Earlier this year, we released NetBox Assurance a commercial drift detection and validation product. Today we’re announcing the complete NetBox Discovery solution that combines the agent with centralized orchestration and deep integration with NetBox Assurance, delivering continuous validation that your infrastructure operates according to design. We expect it to be generally available early next year for NetBox Enterprise and NetBox Cloud customers.

With this new commercial NetBox Discovery offering, the NetBox Labs platform enables continuous validation that your infrastructure operates according to design. Created as an open network source of truth tool in 2016, NetBox has evolved with support from NetBox Labs, its commercial stewards, into the most popular network and infrastructure platform globally. With tens of thousands of users and over 19 thousand GitHub stars, the NetBox platform is the central nervous system that makes networks and infrastructure easier than ever to operate, observe, automate, and secure.

The Challenge: When Design and Reality Diverge

Validating design against reality is manual and time-consuming. Network segmentation is documented, but verifying it is enforced operationally requires manual checking. Device configuration standards exist, but validating compliance across hundreds of devices means spot-checking at best. Without automated validation, the gap between documented design and operational state remains invisible until it causes problems.

Continuous discovery at scale is operationally challenging. Complex, segmented networks require distributed discovery infrastructure. Managing agent fleets, coordinating policies, and consolidating findings across locations creates operational overhead that prevents teams from achieving continuous discovery in production environments.

Configuration drift accumulates silently. Devices deviate from documented standards. Unauthorized changes get made during troubleshooting. Configurations that matched design at deployment slowly drift over time. Without continuous monitoring against design baselines, drift accumulates until it causes outages or security gaps.

New infrastructure takes too long to model. Acquisitions, mergers, and inherited networks mean weeks of manual discovery and data entry before you can confidently manage them. You’re reverse-engineering infrastructure that should be in NetBox from day one.

The fundamental issue: authoritative design models and operational reality exist in separate worlds. NetBox describes intended infrastructure. NetBox Discovery shows what’s actually deployed. Without a bridge between them, systematic validation is impossible.

The Solution: Bridge Design and Reality

NetBox Discovery makes continuous infrastructure discovery easy at scale, even in complex, segmented networks. Deploy and manage distributed agent fleets that continuously capture operational state, then validate that reality against your design intent through NetBox Assurance.

NetBox Discovery solves the operational challenge of continuous data collection across complex environments. Orchestrate agent fleets, distribute policies, and consolidate findings from any network topology. NetBox Assurance solves the validation challenge. It compares NetBox Discovery’s operational data against your NetBox design, detecting drift and providing remediation workflows.

Together, they enable continuous validation at scale. NetBox Discovery provides the operational visibility. Assurance provides the validation intelligence.

How It Works

Orchestrated agent fleets for complex networks. Deploy lightweight, open source agents across segmented networks, datacenters, and remote sites. Centralized orchestration makes it easy to manage distributed agent fleets at scale, distribute discovery policies, and consolidate findings, solving the challenge of continuous discovery in production-grade, complex network environments.

Multi-protocol discovery. Discover your infrastructure through network scanning to identify active hosts and services, and device discovery to capture detailed configurations, interfaces, and operational state. Support for NETCONF, RESTCONF, gNMI, SSH, HTTP APIs, and SNMP enables broad vendor compatibility and deployment flexibility.

Intelligent validation via Assurance. NetBox Assurance builds a real-time operational model of your infrastructure based on NetBox Discovery feeds of operational data. It continuously compares this model against your design intent in NetBox, detects drift, and provides workflows to either accept changes or remediate drift. NetBox Discovery captures operational reality. Assurance validates it against design.

What You Can Do With NetBox Discovery

Build authoritative network models rapidly. Point NetBox Discovery at unfamiliar infrastructure from acquisitions or inherited networks. What took weeks of manual data entry now completes in hours: you get a complete NetBox model ready to serve as your authoritative source of truth.

Back up and validate device configurations continuously. NetBox Discovery captures and tracks device configurations over time, providing config backup, change history, and compliance validation against your documented standards. Identify configuration drift, enforce security baselines, and maintain audit trails for compliance frameworks like SOX and PCI.

Prove compliance and detect unauthorized changes. NetBox documents your network segmentation and security policies, and NetBox Discovery continuously validates that they are operationally enforced. Detect unauthorized devices appearing on your network, prove to auditors that segmentation boundaries are respected, and identify when configurations deviate from documented security baselines. One platform serves as both the compliance documentation and the operational proof.

Looking Ahead

As NetBox Discovery evolves, closed-loop remediation workflows will trigger corrective actions when operational state diverges from design intent. Historical intelligence will track how your infrastructure evolved relative to your design over time, enabling capacity planning and trend analysis.

The vision: one platform that documents your infrastructure design, discovers operational state, validates they align, and triggers corrective actions when they don’t.

Who This Is For

If you’re using NetBox as your network source of truth, transform your authoritative design database into an operational source of truth that stays synchronized with reality.

If you need to prove compliance, demonstrate that infrastructure and security policies are operationally enforced, not just documented.

If you’re responsible for infrastructure onboarding, get automated discovery that rapidly builds complete NetBox models instead of weeks of manual data entry.

If you’re building automation that depends on NetBox, ensure your source of truth accurately represents operational reality, enabling automation you can trust.

What’s Next

The NetBox Discovery agent is available now. You can start using it today: it’s fully open source and ready to deploy. Get started with the agent.

The complete NetBox Discovery solution (with centralized orchestration, Assurance integration, and drift remediation workflows) launches early next year for NetBox Enterprise and NetBox Cloud.

We want to hear from you. What’s your process for discovering and modeling inherited networks from acquisitions? What discovery methods would be most valuable for your infrastructure? What takes the most time in building and maintaining your NetBox models today? Which compliance frameworks drive your need for continuous infrastructure validation?

The future of network infrastructure management isn’t more diligent manual updates. It’s an authoritative source of truth that continuously validates itself against operational reality through automated discovery.

NetBox Discovery brings that vision to every NetBox deployment.