Closed Beta Now supporting OPNsense

Orchestrate.
Automate.
Defend.

The CLI-first management platform for decentralized firewalls. Control fleets of OPNsense and multi-vendor devices from a unified command line.

Join the Waitlist Learn More
250+
On Waitlist
10x
Faster Operations
CLI
First Approach

Built for Security Teams

Everything you need to manage decentralized firewall fleets efficiently. From MSPs to enterprise security teams.

Workflow Automation

Automate repetitive tasks. Push rules to hundreds of devices in one command. Build pipelines that scale with your infrastructure.

Policy Templating

Define once, apply everywhere. Ensure policy consistency across all devices with powerful templating and inheritance.

MCP Ready

Supercharge your security ops with AI. Connect your favorite AI agents via MCP to audit configurations, detect anomalies, and execute fleet-wide tasks — all through natural language. The future of firewall management is here.

Lightning-Fast CLI

Execute commands in seconds, not clicks. Your terminal becomes your command center.

Vendor Agnostic

Works with OPNsense today, more platforms coming soon. No vendor lock-in.

API-First Design

Full REST API for integration with your existing tools and pipelines.

What is NetDefense?

NetDefense is an augmented management platform purpose-built for tech teams overseeing decentralized firewalls. It bridges the gap between ad-hoc CLI hacks and slow web administration interfaces, delivering fast, flexible, and vendor-agnostic control.

With configuration sync, automated workflows, and agent-based templating, NetDefense lets you operate fleets of devices from different vendors — all from a unified CLI or API.

Whether you're automating rule pushes, syncing policies across devices, or extracting metrics, NetDefense accelerates your operations without locking you into any vendor or platform.

Perfect for:

Security Teams SOC Operators MSP Providers DevOps Engineers Network Admins
.github/workflows/firewall-sync.yml 
name: Sync Firewall Rules
on:
  push:
    paths: ['policies/**']

jobs:
  deploy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Install NetDefense CLI
        run: curl -sL get.netdefense.io | bash

      - name: Sync to Production
        env:
          ND_API_KEY: ${{ secrets.ND_API_KEY }}
        run: ndcli sync apply --ou production

CI/CD Integration

Automate with GitHub Actions, GitLab CI, or any pipeline

Push policy changes to git, trigger automated deployments, and maintain full audit trails across your entire firewall fleet.

How NetDefense Works

A unified control plane for your entire firewall infrastructure

NetDefense System Architecture Diagram

Granular Access Control

Fine-grained RBAC lets you define exactly who can manage what. Scope permissions by teams, regions, or device groups — ensuring the right people have the right access.

Zero Inbound Ports

Agents on your firewalls pull configs and tasks outbound — no need to expose management ports. Your security perimeter stays intact while you gain full control.

Organizational Units

Group devices into logical units — by location, function, or client. Assign config templates at any level and let inheritance do the heavy lifting.

Config to Template

Extract a working config from any device and turn it into a reusable template. Clone proven setups across your fleet in seconds.

Closed Beta

Be the first to take control

NetDefense is currently in closed beta. Join the waitlist to get early access and be notified when we launch.

Join 250+ security professionals on the waitlist

Read the Docs Star on GitHub

NetDefense is an independent project and is not affiliated with, endorsed by, or connected to OPNsense or Deciso B.V. OPNsense is a registered trademark of Deciso B.V.