Skip to content

Autonomous LAN diagnostics

Find every fault.
Fix it in one tap.

NetMender watches your Meraki and UniFi networks, detects faults on its own, explains the root cause with a confidence score, and proposes a fix you approve with one tap. Built with a kill switch, a confidence gate, and an append-only audit trail.

Request early accessRequest demo access
View the live demo
MerakiUniFiHost probe

See it work

A signal comes in, a one-tap fix comes out.

1
2
3
4
Detectautonomous

Meraki uplink degraded, HQ Floor 2

12% packet loss, gateway unreachable for 18 minutes. Correlated from live telemetry with no human in the detection loop.

Request early accessRequest demo access

How it works

Detection to fix, with a human in the one tap that matters.

01

Detect autonomously

Telemetry streams in from Meraki, UniFi, and an on-LAN host probe. NetMender correlates events into faults with no human in the detection loop, and auto-resolves conditions that clear on their own.

02

Score the root cause

Each fault gets a root-cause analysis with a confidence score, from Claude or a built-in heuristic. Above the threshold a fix is pre-formed; below it the fault goes to triage with no fix attached, so a low-confidence guess never reaches an operator as an action.

03

Approve in one tap

Approve the proposed playbook and NetMender executes it server-side against the vendor API. A global kill switch can hard-block execution, and every step lands in an append-only audit trail.

Built for the security review

Autonomous detection, never autonomous damage.

Append-only audit and evidence

Every detection, RCA, approval, and execution is recorded in an append-only log, alongside the signals that justified each diagnosis. The trail cannot be edited or deleted, even by an admin.

Kill switch and confidence gate

One switch hard-blocks all remediation regardless of UI state, while detection keeps running. The confidence gate guarantees a low-confidence root cause is never pre-formed into an approvable fix.

Vault-backed secrets

Vendor control-plane credentials live in an encrypted vault, isolated per org, decrypted only server-side at execution time. They are never returned to the browser.

FAQ

Frequently asked

Do we need a dedicated hardware probe?
No. The on-LAN host probe runs as a small service on any always-on host already on your network. There is no proprietary appliance to rack or provision.
What vendor permissions does the executor need?
For Meraki: an org API token with admin scope on the target networks. For UniFi: a controller user with restricted privileges on the target site. Both are stored in the per-org vault and never returned to the browser.
Can we run NetMender in detection-only mode?
Yes. The kill switch hard-blocks all execution at the orchestrator while detection and triage continue. You get the full diagnostic picture without any remediation running, for as long as you want.
What faults does the host probe catch that the controller does not?
Consumer-router and last-mile faults: uplink loss, DNS failures, and Wi-Fi signal degradation at the client layer. Meraki and UniFi controller APIs report on managed hardware; they cannot see what happens between the AP and the internet.
How are credentials stored?
Vault-backed, encrypted at rest, isolated per org. Credentials are decrypted only server-side at execution time and are never returned to the browser or logged.

We built NetMender because we run these networks ourselves.

The fault correlation, the confidence gating, the vendor playbooks, the kill switch that means a bad fix never ships unattended, all come from operating Meraki and UniFi fleets in production, not reading the docs. It is the same operator experience behind everything Auxon does.

Meraki + UniFi in productionLive LAN probe shippedConfidence-gated remediation
See what else we run

Want it watching your network?

Tell us what you run. We will get you into the demo.

Request early access