diff --git a/debian/control b/debian/control
index 5d2dedde..426c34d6 100644
--- a/debian/control
+++ b/debian/control
@@ -49,6 +49,7 @@ Depends: etckeeper,
          libyaml-tiny-perl,
          netcat | netcat-traditional,
          ngcp-system-tools,
+         pkwalify,
          ${misc:Depends},
          ${perl:Depends}
 Description: central and templated based Configuration Management System for NGCP platforms
diff --git a/docs/ngcpcfg.txt b/docs/ngcpcfg.txt
index 6ee7706b..7641e9a4 100644
--- a/docs/ngcpcfg.txt
+++ b/docs/ngcpcfg.txt
@@ -181,6 +181,10 @@ Run actions (see next section) in verbose mode, useful for debugging.
 
 Display usage information and exit.
 
+  **--no-validate**::
+
+Ignore schema validation results for YAML files (syntax check is still performed).
+
   **--version**::
 
 Display ngcpcfg version and exit.
@@ -196,7 +200,7 @@ the most commonly executed commands.
 
   **check** [<config_files_or_directories>|<pattern>]::
 
-Validate YAML files before performing any further actions.
+Check syntax of YAML files and validate schema before performing any further actions.
 
   **build** [--modified-only] [<files_or_directories>|<pattern>]::
 
diff --git a/etc/ngcp-config/ngcpcfg.cfg b/etc/ngcp-config/ngcpcfg.cfg
index 4f4ebebe..15abe48b 100644
--- a/etc/ngcp-config/ngcpcfg.cfg
+++ b/etc/ngcp-config/ngcpcfg.cfg
@@ -28,4 +28,7 @@ SERVICES_POOL="${SERVICES_POOL_BASE}/etc"
 
 # timestamp format for console output
 TIME_FORMAT="+%F %T"
+
+# validate configs using kwalify schema
+VALIDATE_SCHEMA="false"
 ## END OF FILE #################################################################
diff --git a/sbin/ngcpcfg b/sbin/ngcpcfg
index a1405cdb..329ec438 100755
--- a/sbin/ngcpcfg
+++ b/sbin/ngcpcfg
@@ -153,6 +153,7 @@ case ${1:-} in
   values)     shift ; values "$*" ;;
   --debug)         export DEBUG=1 ;      shift ; $0 $* ;;
   --no-db-sync)    export NO_DB_SYNC=1 ; shift ; $0 $* ;;
+  --no-validate)   export NO_VALIDATE=1; shift ; $0 $* ;;
   -h|--help|help)       usage   ; exit 0;;
   -v|--version|version) version ; exit 0;;
   *)          usage 1; exit 1;;
diff --git a/scripts/check b/scripts/check
index 33319551..bf71d13b 100755
--- a/scripts/check
+++ b/scripts/check
@@ -53,6 +53,34 @@ check_configs() {
   check_config_syntax
 }
 
+validate_config() {
+  local rc=0
+  log_debug "Validating schema for main YAML files"
+
+  for f in $config_files ; do
+    local schema="/usr/share/ngcp-cfg-schema/validate/$(basename "${f}")"
+
+    if ! [ -f "${schema}" ] ; then
+      continue
+    fi
+
+    if ! pkwalify -s -f "${schema}" "${f}" >/dev/null 2>&1 ; then
+      log_error "Invalid schema detected for ${f}"
+      pkwalify -f "${schema}" "${f}" >&2 || true
+      rc=1
+    fi
+  done
+
+  if [ "$rc" != "0" ] ; then
+    if [ -n "${NO_VALIDATE:-}" ] ; then
+      log_info "DANGEROUS ZONE: invalid configs detected, continue anyway due to option '--no-validate'"
+    else
+      log_error "Aborted, please fix issue(s) above and repeat."
+      exit 1
+    fi
+  fi
+}
+
 if [ "$*" = "" ] ; then
   config_files="${NGCPCTL_CONFIG:-} ${HOST_CONFIG:-} ${LOCAL_CONFIG:-} ${NETWORK_CONFIG:-} ${EXTRA_CONFIG_FILES:-} ${CONSTANTS_CONFIG:-}"
 else
@@ -60,6 +88,9 @@ else
 fi
 
 check_configs
+if "${VALIDATE_SCHEMA:-false}" ; then
+  validate_config
+fi
 
 exit 0