rConfigPair AKIPS with rConfig. Back up every device configuration. Prove compliance without modifying the appliance.
- SourceAKIPS appliance inventory
- rConfigDevice record
- Fans out to
- Backup archive
- Diff view
- Compliance report
rConfig reads your AKIPS device inventory over the REST API, backs up the running configuration of every monitored network device on the schedule you choose, diffs every change, and generates NIS2 or DORA evidence without touching the AKIPS appliance, without exporting CSVs, and without a second device inventory to maintain alongside the one AKIPS already built for you.
AKIPS 20.x and later200+ vendor profilesAPI only, zero appliance footprint
AKIPS monitors 90+ vendors at scale. It never aimed to back up their configurations.
If you run AKIPS, you already know why 250+ enterprises picked it. Real time insights across 90+ vendors. A turnkey software appliance you can stand up inside an afternoon. Scale that holds up from a few hundred devices to a hundred thousand without rearchitecting the monitoring stack. Since AKIPS joined Tufin in February 2024, the appliance has continued exactly as it was, now with the backing of a parent company that knows enterprise networking from the security policy side.
What AKIPS was never built to do is pull the running config from the Cisco, Fortinet, Palo Alto, Check Point or Arista devices it's monitoring. That's not in scope, and the AKIPS team has been clear that network monitoring is the discipline they're focused on.
That leaves a gap that shows up the moment an auditor asks what the firewall ruleset looked like last March, or when a change gets pushed at 2am and nobody can work out what was there before. rConfig fills that gap. Vendor agnostic. 200+ device profiles out of the box. Deployable on prem, VM, bare metal or in your private cloud. Your AKIPS device inventory becomes rConfig's device list over the REST API, and every configuration on every device lives in rConfig's versioned archive from that point forward.
- Running config isn't a metric AKIPS collects. Never has been.
- The AKIPS appliance is deliberately locked down; modifying it for config pulls is not an option.
- CSV exports from AKIPS plus a cron driven script are the most common DIY approach, and they break the week you need them most.
- AKIPS now offers Configuration Search for identifying devices by running config string content, but storing, diffing and restoring configurations sits outside that feature.
- Auditors do not care that AKIPS stayed green. They care what the configuration looked like every Friday.
rConfig picks up where AKIPS stops, and it does it without touching the appliance you already trust.
AKIPS plus rConfig, in three moves.
Sync, capture, prove. Three capabilities that turn a monitored AKIPS estate into an audit ready one. Every device, every configuration, every change.
Sync
AKIPS devices become rConfig devices automatically, scoped by AKIPS group, device attribute or site. Add a device to AKIPS, it lands in rConfig on the next schedule. Retire one in AKIPS, it's flagged in rConfig for review before anything breaks.Capture
Every running config, every startup config, every change, stored and diffable. 200+ vendors out of the box. No modifications to the AKIPS appliance. No home grown script to maintain. No CSV export pipeline to debug.Prove
Compliance policies run against every AKIPS monitored device. NIS2, DORA, PCI-DSS, CIS benchmarks and anything your security team writes. Evidence exports in minutes.
AKIPS watches. rConfig remembers. Between the two, there’s no version of the network you can’t prove to an auditor.
How rConfig syncs with AKIPS, step by step.
Four screens. Set up in under 30 minutes. Filter and mapping that scales cleanly from a pilot to tens of thousands of devices.
- 01Step 1: AuthorisePaste an AKIPS API token and the appliance URL into rConfig's Integrations screen. The Test Connection and Test Credentials buttons confirm reachability in seconds.
- 02Step 2: ScopePick which AKIPS devices to bring across. Filter by AKIPS group, site, device type or custom attribute. Most teams start with a single test group of five to ten devices and widen from there.
- 03Step 3: MapTranslate AKIPS groups, sites and device metadata into rConfig vendors, templates and credentials using tag based mapping. Set it up once, rConfig applies it on every sync thereafter. Default mappings cover the common AKIPS device categories out of the box.
- 04Step 4: SyncRun it now, schedule it (hourly, daily, weekly), or trigger it from the CLI with
php artisan rconfig:integration-akips. Idempotent: reruns produce identical state, failures resume cleanly on the next cycle.
The integration is one way by design. rConfig never writes to AKIPS. The AKIPS appliance is never modified, updated or asked to run custom code. Once devices are in rConfig, backup, diff and compliance run automatically. AKIPS continues monitoring exactly as it was.
Built for how AKIPS network teams actually work.
The jobs the NOC, the security team and the auditor each need from network configuration management. No features bolted on for show.
Multi vendor configuration backup
Cisco, Fortinet, Palo Alto, Check Point, Juniper, Arista, Huawei, Nokia, MikroTik, HPE and 190 more. Hourly, daily or on demand.Change detection with a readable diff
See exactly what changed, line by line, since the last known good version. Filter out noise like timestamps and session identifiers.NIS2, DORA and CIS compliance reporting
Write policies once, run them against every AKIPS monitored device. Export evidence your auditor can actually read.One click configuration restore
Push a known good configuration back to any device in under 90 seconds, with approvals and a full audit trail.Bulk configuration deployment
Apply the same template across every AKIPS device that matches a filter, in a single job with preview and rollback.Full audit trail, exportable on demand
Who changed what, when, from where. The report your auditor asks for takes minutes, not days.
Deploys alongside AKIPS. Respects the appliance. Does its own job.
rConfig does not install anything on the AKIPS appliance. It doesn’t ship an AKIPS plug in. It doesn’t ask for SSH access to the monitoring host. All interaction happens over the documented AKIPS REST API through a token that you scope yourself. That matters because AKIPS’s turnkey appliance model is part of what makes it easy to live with, and rConfig is built to keep that simplicity intact.
What rConfig does is what AKIPS was deliberately not built to do: capture configuration, track how it changes, and prove what it looked like when someone needs to know. Self hosted on prem, VM or bare metal, or in your private cloud. Compatible with AKIPS 20.x and later. Your network team is running it inside 30 minutes on V8 Pro or Vector.
Your monitoring.Your configuration.Your audit trail.
From AKIPS alert to restored configuration, in under fifteen minutes.
An Australian state government education network runs AKIPS across roughly 5,400 devices covering two hundred schools plus central offices. The monitoring has been in place since 2019 and the team loves the appliance model: one box, one licence, one team trained on it. What they didn’t have was a configuration management answer for when an auditor asked, or when a network engineer needed to compare a firewall config from three months ago against what’s running today. At 14:08 on a Wednesday, AKIPS alerted on packet loss affecting a regional school site. The on call engineer pulled up AKIPS and the metrics showed the issue clearly, but the cause lived in rConfig: an ACL change pushed that morning during maintenance that had affected the wrong VLAN. rConfig’s diff view surfaced the exact three line difference from the known good configuration, and the engineer rolled back with a single click. Service was restored at 14:21. The audit trail was ready before anyone asked for it.
That’s what configuration management looks like when it respects the appliance you already chose.
NIS2, DORA and IRAP adjacent evidence, sourced from the network AKIPS already watches.
If you’re in scope for NIS2, DORA, or any of the Australian government or APAC equivalent frameworks (IRAP, ISM, Essential Eight controls touching network device configuration), regulators want two kinds of evidence. They want to know the network was available, and they want to know it was configured correctly. AKIPS is the availability evidence. rConfig is the configuration evidence. Neither tool alone satisfies both halves of the audit.
Run both and your compliance process stops being a quarterly panic. Drift detection policies run automatically, every day, against every AKIPS monitored device. When the auditor asks what the ACL on the core router looked like on 12 March, the evidence is already in rConfig’s archive. Your AKIPS metrics history and rConfig configuration archive together cover availability and configuration for the same scope of devices.
rConfig compared to CSV plus cron, Oxidized or a home grown AKIPS automation.
AKIPS users who want configuration backup typically try one of three things before adopting a purpose built NCM platform.
CSV exports from AKIPS combined with a cron job and a Python or shell script is the most common DIY approach. It works, it respects the AKIPS appliance boundary, and it is free. What it does not give you: a searchable archive with full version history, a readable diff, compliance reporting, RBAC, SAML SSO or audit ready evidence. The script is also one engineer’s departure away from becoming unmaintainable technical debt.
Oxidized and RANCID are fine tools for shops with a dedicated automation engineer and a tolerance for Git and YAML debugging. Free. Works. Maintenance cost rises with the estate size, and neither one produces the compliance reporting auditors expect.
rConfig’s positioning is simple. If you have Python and Git capacity in house and a small enough estate that maintenance is manageable, DIY is a reasonable choice. If you need compliance evidence an auditor can read without a walk through, RBAC and SAML out of the box, commercial support with SLAs, and a platform your network team can operate without becoming scripting experts, rConfig is the tool that gets you there faster. Most AKIPS teams move to rConfig after their CSV plus script pipeline breaks at the wrong moment and the engineer who wrote it has moved on.
The AKIPS integration, at a glance.
Everything your architecture review will ask about. Share this section with your security team before the demo.
- rConfig version
- 8.0 or later (V8 Pro, Enterprise or Vector)
- AKIPS versions supported
- 20.x and later
- AKIPS deployment types
- On prem appliance, VM appliance, hosted appliance
- Authentication
- AKIPS REST API token
- Transport
- HTTPS, with optional support for internally signed certificates
- Filterable fields
- AKIPS group, site, device type, custom attribute
- Sync triggers
- Manual, scheduled, or CLI
- CLI command
php artisan rconfig:integration-akips- Single device CLI
php artisan rconfig:integration-akips-single-device {device_id}- Data flow
- One way, AKIPS to rConfig
- Idempotency
- Yes, reruns produce identical state
- Logging
- Every sync logged with user, timestamp, device count, errors
- AKIPS appliance footprint
- Zero (API only, no appliance modifications)
- High Availability
- Supported (point rConfig at the AKIPS HA endpoint)
- Documentation
- docs.rconfig.com/integrations/device-sync-overview
Questions AKIPS users ask about network configuration management
See the sync running against your own AKIPS inventory.
Book 30 minutes with an rConfig engineer. We’ll point the integration at a slice of your real AKIPS device list, back up a handful of your actual devices, and run a compliance report against a policy that matters to your team. No generic demo. No slide deck. No sales gate.
Set up in under 30 minutes. Backs up from day one. Zero AKIPS appliance modification required.