NEWv4.0 — Multi-site NDO grouping & ACI policy diffs

Every device.One pane of glass.

SAMURAI unifies Cisco APIC, FMC, NDO, Palo Alto, routers, and switches into a single command surface. Discover every endpoint. Trace every path. Detect every change — across every vendor.

Request a demoSee it in action
5-min self-hostMulti-vendor190+ tests
APICapic-01APICapic-02APICapic-03SWspine-01SWspine-02SWleaf-01SWleaf-02SWleaf-03SWleaf-04FWpan-fw-01FWftd-fw-02ESXiesxi-01ESXiesxi-02
live topology·13 nodes·26 links
APIC
FW
RTR
SW
ESXi
p50 0.4sp99 1.2sendpoints 13,484
7
vendor families
native integrations
<400ms
p50 query latency
cache-first architecture
5 min
to first dashboard
docker compose up
190+
automated tests
CI on every commit
Native integrations across
APIC · FMC · ASA · FTD
Next-generation firewalls
FortiGate firewalls
Cisco ISE · Identity & access
Routers · IOS · NX-OS · IOS-XR
Switches · Catalyst · Nexus · Arista
Cisco NDO · Multi-site orchestrator
Virtualization platform
APIC · FMC · ASA · FTD
Next-generation firewalls
FortiGate firewalls
Cisco ISE · Identity & access
Routers · IOS · NX-OS · IOS-XR
Switches · Catalyst · Nexus · Arista
Cisco NDO · Multi-site orchestrator
Virtualization platform
APIC · FMC · ASA · FTD
Next-generation firewalls
FortiGate firewalls
Cisco ISE · Identity & access
Routers · IOS · NX-OS · IOS-XR
Switches · Catalyst · Nexus · Arista
Cisco NDO · Multi-site orchestrator
Virtualization platform

One platform. Every primitive you need.

Built by security engineers who got tired of switching between twelve dashboards to answer one question.

Discovery

Find every endpoint, automatically

Correlates MAC, IP, ARP, DHCP, CDP/LLDP, 802.1X, and APIC data across every switch, router, and fabric controller — into one unified table.

MACIPVendorSwitch
00:1a:2b:3c:4d:5e10.10.3.42Ciscon9k-leaf-04
48:f8:b3:11:22:3310.10.3.87Dellcat-9300-15
a4:bf:01:aa:bb:cc10.20.1.12HPn9k-spine-01
b8:27:eb:5f:a1:9d10.10.51.18Raspberrycat-9300-15
f4:5c:89:01:7e:3a10.10.52.04Applen9k-leaf-04
dc:a6:32:ff:ee:dd10.10.3.91Raspberryn9k-leaf-04
00:50:56:9c:14:b210.20.5.42VMwaren9k-leaf-02
3c:fd:fe:a1:b2:c310.20.5.43Inteln9k-leaf-02
fc:ec:da:88:99:aa10.10.4.21Ubiquiticat-9300-15
00:0c:29:5e:f1:8a10.20.5.51VMwaren9k-leaf-03
Analysis

Hop-by-hop trace

5-tuple packet path across routers, switches, and firewalls — with ACL evaluation.

Monitoring

Smart change detection

Compares real device data, not audit logs. Noise filtered automatically. Only meaningful diffs stored.

- access-list 101 deny tcp any host 10.0.1.5
+ access-list 101 permit tcp any host 10.0.1.5
  access-list 101 permit icmp any any
Performance

Sub-second queries

Cache-first architecture. Background sync. Instant updates as the network changes.

0.4s
Reliability

APIC clustering & failover

Cluster controllers with automatic primary election. Configurable thresholds.

Primary
apic-1
Standby
apic-2
Compatibility

Auto-detect every platform

IOS, NX-OS, IOS-XR, PAN-OS, FMC, ASA — automatically identified, profiled, queried.

IOSNX-OSIOS-XRPAN-OSFMCASA
Explore the platform
For network engineers

Stop juggling six browser tabs

  • Query 13k+ endpoints with field-scoped search
  • Hop-by-hop path trace with ACL evaluation
  • Diff configs across any two snapshots
For IT directors

Visibility that scales with your fleet

  • Every device · 7 vendors · 1 dashboard
  • Compliance-grade audit trail with full history
  • 5-minute self-host. No SaaS lock-in.
For security teams

Catch unauthorized changes in real time

  • Real-data change detection (no false positives)
  • Telegram alerts on state drift
  • LDAP/SSO with role-based scoping
Deploy

From zero to full network visibility in five minutes

Run one command. Your entire network appears on screen. No cloud, no agents, no consultants — just answers.

  • Your data never leaves your perimeter — ever
  • Runs on a single VM. No infrastructure team needed.
  • See every change the moment it happens
  • Built to be production-grade from day one
terminal — deploy
From the blog

Field notes on network security

Practical writeups from the engineers building SAMURAI — multi-vendor pitfalls, fabric design, change-detection algorithms.

All posts
Engineering
2026-05-208 min read

How we detect changes without relying on audit logs

How stripping volatile fields and hashing the rest eliminates false-positive diffs — and why timestamp-based comparisons fail at scale.

Deep Dive
2026-05-0612 min read

Multi-vendor path tracing: the hard parts

Tracing a packet across IOS, NX-OS, and PAN-OS means reconciling three different ACL syntaxes, two route table formats, and zero shared conventions.

Architecture
2026-04-2210 min read

Correlating 13,000 endpoints without a CMDB

MAC tables, ARP, DHCP snooping, CDP/LLDP, 802.1X, and APIC hosts — stitched together in the right order, they replace a stale spreadsheet.

Your network deserves discipline.

See SAMURAI run against your real environment. Most demos are scheduled within 24 hours.