13 Nov 2025

Your Network Automation Might Be a Legal Risk — Here’s Why

Modern networks have outgrown the script-driven tools that once held them together. With regulations like NIS2 and DORA enforcing strict configuration and audit requirements, network configuration management is now a board-level issue. This article explains why scripting isn’t sustainable anymore and how secure, open-source platforms like rConfig Core v8 meet today’s compliance expectations.

Stephen Stack

CTO, rConfig

For years, network engineers have been the unsung heroes of IT operations — keeping infrastructure running with little more than skill, grit, and a handful of Python scripts.
Those scripts saved us more times than we’d like to admit. They automated backups, standardised configs, and stitched together the tools vendors forgot to build.

But somewhere along the way, those clever hacks became production dependencies.
And in 2025, that’s a problem.

The Script Era Was Brilliant — Until It Wasn’t

Let’s be honest: scripting got us this far. When vendors were slow to provide APIs or automation frameworks, the community stepped up.
Cron jobs and expect scripts filled the gaps. Frameworks like RANCID and Oxidized helped move the needle for open-source NCM.

But these tools were never designed for today’s networks — where uptime, accountability, and regulatory compliance are non-negotiable.

A few inconvenient truths:

  • Most legacy NCM tools still lack authentication and access control.
    Anyone with network reach can often log in — no audit trail, no user identity.

  • They rely on file-based storage without encryption or role segregation.

  • There’s no governance, API observability, or compliance reporting.

  • And when they break? It’s one engineer’s headache — and nobody else’s visibility.

What once represented agility now represents fragility.
You can’t build resilience on scripts that live in someone’s home directory.

Security and Sustainability Are Now the Real Challenges

Modern security expectations have evolved.
We now operate in a landscape of zero trust, supply chain integrity, and continuous compliance.
A Git repo full of ad-hoc scripts simply doesn’t meet that bar.

Even worse, when those scripts handle device credentials, configuration files, or SNMP communities without proper protection, they inadvertently become one of the highest-risk data sources in the enterprise.

And sustainability? Forget it.
When that key engineer leaves, retires, or gets reassigned, the “automation” collapses with them.
Knowledge silos aren’t strategy — they’re exposure.

Europe Took Notice — and So Did the Law

In the EU, this isn’t just theory anymore.
Regulation has caught up with reality.

NIS2 Directive (EU 2022/2555)

Coming into force across Member States by October 2024, NIS2 explicitly mandates that essential and important entities — including telecoms, ISPs, and cloud providers — implement technical and organisational measures for network and information security.
That includes maintaining up-to-date configuration management, access control, and incident traceability.

In ENISA’s own words:

“Security of network and information systems requires proper configuration, change management, and monitoring processes.”
ENISA, NIS2 Compliance Guidelines, 2024.

DORA (EU 2022/2554)

For the financial and critical infrastructure sectors, the Digital Operational Resilience Act (DORA) reinforces the same message:
continuous monitoring, configuration integrity, and auditable recovery mechanisms are mandatory components of operational resilience.

Together, NIS2 and DORA make one thing clear:
Network configuration management is no longer a technical choice. It’s a legal obligation.

That’s why this conversation now belongs in the boardroom — not just the NOC.

From “Good Enough” to “Governed and Accountable”

C-level leaders are beginning to realise that network configuration touches every part of business continuity:

  • It’s part of cyber-risk management.

  • It affects regulatory compliance.

  • It underpins service reliability.

Running unauthenticated, script-based systems in production today is equivalent to leaving the data centre door unlocked — because “nobody’s ever stolen a switch before.”

Regulators won’t buy that argument. Neither will auditors.

Open Source Can Be Secure — If Built Right

This isn’t an attack on open source.
It’s a challenge to do it better.

At rConfig, we believe open source deserves enterprise-grade engineering:

  • Authentication & SSO baked in, not bolted on.

  • Role-based access control that satisfies audit.

  • High-speed search, real-time diffing, and compliance reports ready for inspection.

  • A modern, API-first stack that integrates with observability, ticketing, and SIEM platforms.

That’s what we’re building into rConfig Core v8 — the next evolution of open-source NCM, designed for real-world production, and compliant by design.

Because “works most of the time” isn’t good enough anymore.

The Takeaway

The industry doesn’t need more scripts. It needs systems.
Not more hacks — more accountability.
Not more “open access” — but open source done right.

Network configuration management has quietly become a board-level topic.
And whether you’re an engineer, CISO, or CEO, the message is the same:

Automation without governance isn’t automation.
It’s exposure.

🔗 Follow the Journey

rConfig Core v8 — now in development on GitHub:
👉 github.com/rconfig/rconfig

Trusted by Leading Enterprises

Want to see how rConfig can transform your network management?

Contact us today to discuss your specific use case and get expert guidance on securing and optimizing your infrastructure.
