Skip to main content
ConnectMyAssets
Comparison

ConnectMyAssets vs Oxidized

Oxidized modernized network configuration collection with a Ruby codebase, Git backend, and REST API hooks. This page gives an honest assessment of what Oxidized does well and where organizations running production networks with compliance obligations need to look further.

Request a DemoExplore ConnectMyAssets

What Oxidized Does Well

Oxidized represents a genuine step forward from RANCID. Its design choices, Ruby, Git backend, REST API, hooks, read-only web UI, are sensible for a community tool. Its strengths:

Git backend for version control
Oxidized stores configurations in a Git repository, making diffs, history browsing, and branching familiar to any team already using Git. It is a significant improvement over RANCID's CVS backend.
REST API for basic integrations
Oxidized exposes a REST API that allows querying device inventory, triggering manual backups, and retrieving configuration data. This enables basic integrations with monitoring systems and scripts.
Hook-based extensibility
Oxidized supports hooks that fire on backup events, HTTP requests, scripts, or Slack messages. Teams have built useful integrations on top of this mechanism for change notifications.
Active community & vendor support
The Oxidized community actively adds support for new device models and vendors. Its GitHub repository sees regular contributions, which means vendor support is broader and more current than RANCID.

Where Oxidized Falls Short

Oxidized excels at configuration collection. But production network management in 2025 requires capabilities that Oxidized was not designed to provide:

No RBAC or user management
Oxidized has no role-based access control. All users with access to the Oxidized web UI or API can see all device configurations. There is no concept of delegating access to specific devices or sites by user role.
No real-time alerting
Oxidized detects changes only when it polls devices on its configured schedule. A change made between polls is not detected until the next collection cycle. Hooks fire after the poll, not in real time.
No configuration rollback
While Oxidized stores history in Git, there is no built-in mechanism to roll back a device to a previous configuration. Rolling back requires manually retrieving a previous commit from the Git repository and pushing it to the device, a multi-step CLI operation with no approval workflow.
No compliance engine
Oxidized has no concept of compliance frameworks. It cannot check configurations against NIS2, DORA, ISO 27001, PCI-DSS, or IEC 62443 requirements. For regulated industries, Oxidized requires complementary tools and manual processes to satisfy audit obligations.
No audit trail with user attribution
Oxidized logs backup events but does not track who viewed a configuration, who triggered a manual backup, or who made changes through any external system. There is no tamper-evident audit trail for compliance or forensic purposes.
Ruby dependency management complexity
Oxidized is written in Ruby and requires managing Gems, Ruby versions, and sometimes native library dependencies. In environments where Ruby is not already in use, this creates an additional maintenance burden. Upgrades can break vendor drivers unexpectedly.

Feature Comparison

FeatureOxidizedConnectMyAssets
Web interface
Oxidized has a minimal read-only web UI
Real-time change alerting
Configuration rollback UI
Role-based access control (RBAC)
REST API
Oxidized has a basic REST API
NIS2 / DORA compliance reporting
Multi-vendor support (100+ vendors)
Git-backed config history
Webhook / hook-based integrations
Compliance engine (NIS2, ISO 27001, PCI-DSS)
Audit trail with user attribution
No cloud dependencies, all data on your infrastructure
CMDB / unified asset inventory
Zero-Touch Provisioning (ZTP)
Professional support & SLA
SSH bastion with session recording & command risk scoring
Firewall policy audit (shadow rules, permissive ACLs)
IPAM — IP address management & CIDR tree
Network topology map (LLDP/CDP-based, interactive)
Encrypted credential vault (RSA end-to-end, no plaintext exposure)
AI Insights — natural language queries, local inference
CVE tracking per device across all vendors
OT / ICS / SCADA device support
SHA-256 integrity checksums on every backup
Open source

Migration Path from Oxidized

01

Import Your Oxidized Git Repository

Run the ConnectMyAssets Oxidized import tool pointing at your Oxidized Git repository. The tool reads your router.db device list, maps each device to the correct ConnectMyAssets driver, and imports the full configuration history from Git commits, preserving timestamps and diff history.

02

Deploy ConnectMyAssets Collector

Install the ConnectMyAssets collector in your network, a lightweight service that replaces the Oxidized poller. Configure your device credentials in ConnectMyAssets (credentials can be imported from your Oxidized configuration file). The collector begins taking scheduled backups immediately across all your devices.

03

Replace Hooks with Native Integrations

Migrate your existing Oxidized hooks to ConnectMyAssets native integrations, Slack, Teams, email, PagerDuty, ServiceNow. Configure real-time alerting rules in the ConnectMyAssets UI to match or improve on your existing Oxidized hook behavior. Once validated, shut down the Oxidized service.

Frequently Asked Questions

Common questions about migrating from Oxidized

The Natural Next Step from Oxidized

Keep your full Git-backed configuration history. Gain RBAC, real-time alerting, compliance reporting, one-click rollback, and a full-featured REST API. Migration from Oxidized takes less than a day.

Request a DemoExplore ConnectMyAssets