-
OSPF Route Flapping: Why Your Core Network Keeps Reconverging
OSPF route flapping caused by interface instability triggers full SPF recalculation across all routers — a single unstable link can destabilize an entire OSPF domain.
-
GCP Service Account Key Sprawl: Managing the Credentials You Forgot Existed
GCP service account keys that are never rotated are effectively permanent credentials — every key that exists is an attack surface that should ideally not exist.
-
Building an MCP Server That Connects Claude to Your Firewall Management System
An MCP server scoped to read-only operations lets Claude analyze your firewall state without any risk of unintended changes — and that is the right starting point.
-
FortiGate IPv6 Dual-Stack: Configuration Mistakes That Break IPv6 Connectivity
FortiGate IPv6 policies are completely separate from IPv4 policies — enabling IPv6 on an interface without matching IPv6 policies creates an unfiltered IPv6 path even when IPv4 is correctly restricted
-
Cursor AI for Network Config: What It Does Well and Where It Gets You in Trouble
Cursor writes Netmiko and Paramiko boilerplate faster than any engineer I know — but it confidently writes device-specific commands for the wrong OS version without warning.
-
FortiGate HA Failover That Wasn’t: Debugging an Active-Passive Cluster That Never Failed Over
An HA cluster that has never failed over in production is not a tested HA cluster — it is a false confidence risk.
-
FortiGate Firmware Upgrade: What Nobody Tells You About the Upgrade Path
Skipping intermediate versions in a FortiGate firmware upgrade path causes silent configuration corruption — the unit boots but behavior is undefined.
-
Prompt Engineering for IT Operations: The Patterns That Actually Work
The single most effective prompt engineering technique for ops tasks is giving Claude a concrete example of the output format before asking it to generate anything.
-
MCP (Model Context Protocol): The Missing Layer Between AI and Your Infrastructure
MCP solves the context problem — instead of copy-pasting logs into a chat window, your AI tool reads them directly from the source.
-
Why Our FortiGate SSL VPN Kept Dropping After 4 Hours — And the Fix
Default SSL VPN idle timeout is 300 seconds — most engineers never check it until users start complaining.
-
Power and Cooling Calculations: The Math Behind a Right-Sized Data Center
Data center cooling capacity is almost always the binding constraint — not power, not network ports — and it is the one constraint that cannot be quickly expanded under load.
-
Network Access Control for IoT: When 802.1X Is Not an Option
IoT devices cannot run 802.1X supplicants — but leaving them on the corporate network without access control creates a permanent backdoor to your internal network.