Skip to content
NetDefense Docs

Getting Started

This section walks you through NetDefense’s core concepts in a progressive order. Each page explains what a feature does, why it matters, and shows practical examples using both NDCLI and NDWeb.

How the pieces fit together

Section titled “How the pieces fit together”

NetDefense centers on a policy chain. Snippets are the smallest unit of firewall configuration. Templates bundle snippets into reusable policy sets. Organizational units (OUs) are the device groups that get assigned templates. Devices belong to one or more OUs and inherit whatever policy lands on them. Each link is many-to-many — a snippet can live in many templates, a template can attach to many OUs, and a device can belong to multiple OUs.

Cutting across the chain: variables parameterize snippets and can be set at the org, OU, template, or device scope; VPN networks assemble WireGuard overlays from selected devices; backups archive device configuration to S3-compatible storage; accounts govern who can see and change any of the above.

Edit a snippet and every template, OU, and device that references it picks up the change at the next sync — see Policy Chain for how the final per-device configuration is assembled.

Topics

Section titled “Topics”

Accounts & Organizations

Authentication, org management, roles, and invitations.

Read more

Devices

Device lifecycle, key fields, and approval workflow.

Read more

Organizational Units

Logical device groupings that share the same policy.

Read more

Snippets

The smallest unit of configuration — rules, aliases, DNS, and more.

Read more

Templates

Reusable policy sets that group snippets together.

Read more

Policy Chain

How the final device configuration is assembled from templates.

Read more

Sync & Delivery

How configuration changes propagate to devices.

Read more

Backups

Encrypted device backups to S3-compatible storage.

Read more

VPN Networks

WireGuard-based overlays with hub, spoke, and mesh topologies.

Read more

Variables

Parameterize snippets with scope-based variable resolution.

Read more

Remote Access

Secure terminal and web admin access through PathFinder.

Read more

Automation

JSON output and scripting with jq for CI/CD workflows.

Read more

Prerequisites

Section titled “Prerequisites”

Before diving in, make sure you have: