Zero-trust isn’t just for cloud-native companies. Here’s how we implement zero-trust principles at the branch office level using SD-WAN, L7 firewalling, IPS, and DNS-based filtering.
OpenWrt moved to nftables. So did we — across 900+ devices. Here’s the migration path, the gotchas, and why nftables is genuinely better for enterprise firewall rules.
DNSSEC is one of those technologies that sounds straightforward in theory but gets complicated fast in production. Here are the lessons we learned deploying it.
SSL inspection is a minefield of certificate errors, broken apps, and frustrated users. Here’s how we built Charcoal to do it right — with transparent proxying, smart exemptions, and zero client-side agents.