Guides

Security & configuration guides

Citation-backed best practices across firewall, wireless, routing, and SD-WAN — and each one links to a free analyzer you can run on your own config in seconds. No sign-up.

Firewall

Firewall rule hardening

Spot overly permissive rules, shadowed and unused rules, and drift from NIST SP 800-41 / CISA guidance — across Palo Alto, Cisco, Fortinet, and SonicWall.

Run the analyzer →
Wireless

Wi-Fi security audit

Catch open SSIDs, legacy WEP/WPA1/TKIP, weak PSKs, missing WPA3/802.1X, and guest networks without isolation.

Run the analyzer →
Routing & switching

Switch & router posture

Telnet/VTY without ACLs, SNMP default communities, unauthenticated BGP/OSPF, missing DHCP snooping and BPDU guard.

Run the analyzer →
SD-WAN

SD-WAN policy review

any/any policies that defeat branch isolation, missing SLA classes, single underlay, and missing tunnel encryption — multi-vendor.

Run the analyzer →
Reporting

Firewall as-built report

Generate a polished as-built deliverable from any config — executive summary, prioritized action plan, and best-practice results.

Open the generator →
Templates

Config templates library

Curated, citation-backed config snippets across vendors — copy the snippet, optionally run it through the matching analyzer.

Browse templates →

Want your external exposure checked?

These guides cover your config. A Shield scan covers what attackers see from outside — for free.

Request free scan