• mgmt protocols are blocked by default
• firewalls have sentinel tables and rules preconfigured
• fallback local login during reduced connectivity mode
• ssh public key auth
• TOTP google authentication support
• pf table changes are only kept during active connection.
• add to whitelist on login
• remove from whitelist on logout/timeout
• temporary whitelist url
• fauxAPI will be used to manipulate pf tables

Network Map