Guides
Security & configuration guides
Citation-backed best practices across firewall, wireless, routing, and SD-WAN — and each one links to a free analyzer you can run on your own config in seconds. No sign-up.
Firewall rule hardening
Spot overly permissive rules, shadowed and unused rules, and drift from NIST SP 800-41 / CISA guidance — across Palo Alto, Cisco, Fortinet, and SonicWall.
Run the analyzer →Wi-Fi security audit
Catch open SSIDs, legacy WEP/WPA1/TKIP, weak PSKs, missing WPA3/802.1X, and guest networks without isolation.
Run the analyzer →Switch & router posture
Telnet/VTY without ACLs, SNMP default communities, unauthenticated BGP/OSPF, missing DHCP snooping and BPDU guard.
Run the analyzer →SD-WAN policy review
any/any policies that defeat branch isolation, missing SLA classes, single underlay, and missing tunnel encryption — multi-vendor.
Run the analyzer →Firewall as-built report
Generate a polished as-built deliverable from any config — executive summary, prioritized action plan, and best-practice results.
Open the generator →Config templates library
Curated, citation-backed config snippets across vendors — copy the snippet, optionally run it through the matching analyzer.
Browse templates →Want your external exposure checked?
These guides cover your config. A Shield scan covers what attackers see from outside — for free.