Introduction

Invariant is a system that validates your network according to user-provided rules in a highly scalable digital twin environment.

Invariant does not require access to your network of routers and switches but relies on their configuration files. This approach allows Invariant to catch subtle failures in a secure, ephemeral environment long before you deploy them.

The Invariant rule language is very powerful and easy to use. Invariant critical flow rules assert that no cases exist where critical traffic could be dropped. Invariant deny rules restrict what traffic should be permitted for sensitive subnets or define traffic flows that should never be allowed in the network.