diff --git a/windows/security/threat-protection/windows-firewall/TOC.md b/windows/security/threat-protection/windows-firewall/TOC.md
index e3271818c1..791aa26a20 100644
--- a/windows/security/threat-protection/windows-firewall/TOC.md
+++ b/windows/security/threat-protection/windows-firewall/TOC.md
@@ -1,44 +1,54 @@
 # [Windows Firewall with Advanced Security](windows-firewall-with-advanced-security.md)
-## [Isolating Microsoft Store Apps on Your Network](isolating-apps-on-your-network.md)
-## [Securing IPsec](securing-end-to-end-ipsec-connections-by-using-ikev2.md)
-## [PowerShell](windows-firewall-with-advanced-security-administration-with-windows-powershell.md)
-## [Design Guide](windows-firewall-with-advanced-security-design-guide.md)
+
+## [Plan/Design]()
+
+### [Design Guide](windows-firewall-with-advanced-security-design-guide.md)
+
 ### [Design Process](understanding-the-windows-firewall-with-advanced-security-design-process.md)
 ### [Deployment Goals](identifying-your-windows-firewall-with-advanced-security-deployment-goals.md)
 #### [Protect Devices from Unwanted Network Traffic](protect-devices-from-unwanted-network-traffic.md)
 #### [Restrict Access to Only Trusted Devices](restrict-access-to-only-trusted-devices.md)
 #### [Require Encryption](require-encryption-when-accessing-sensitive-network-resources.md)
 #### [Restrict Access](restrict-access-to-only-specified-users-or-devices.md)
+
 ### [Mapping Goals to a Design](mapping-your-deployment-goals-to-a-windows-firewall-with-advanced-security-design.md)
 #### [Basic Design](basic-firewall-policy-design.md)
 #### [Domain Isolation Design](domain-isolation-policy-design.md)
 #### [Server Isolation Design](server-isolation-policy-design.md)
 #### [Certificate-based Isolation Design](certificate-based-isolation-policy-design.md)
+
 ### [Evaluating Design Examples](evaluating-windows-firewall-with-advanced-security-design-examples.md)
 #### [Basic Design Example](firewall-policy-design-example.md)
 #### [Domain Isolation Design Example](domain-isolation-policy-design-example.md)
 #### [Server Isolation Design Example](server-isolation-policy-design-example.md)
 #### [Certificate-based Isolation Design Example](certificate-based-isolation-policy-design-example.md)
+
 ### [Designing a Strategy](designing-a-windows-firewall-with-advanced-security-strategy.md)
+
 #### [Gathering the Info You Need](gathering-the-information-you-need.md)
 ##### [Network](gathering-information-about-your-current-network-infrastructure.md)
 ##### [Active Directory](gathering-information-about-your-active-directory-deployment.md)
 ##### [Computers](gathering-information-about-your-devices.md)
 ##### [Other Relevant Information](gathering-other-relevant-information.md)
 #### [Determining the Trusted State of Your Computers](determining-the-trusted-state-of-your-devices.md)
+
 ### [Planning Your Design](planning-your-windows-firewall-with-advanced-security-design.md)
 #### [Planning Settings for a Basic Firewall Policy](planning-settings-for-a-basic-firewall-policy.md)
+
 #### [Planning Domain Isolation Zones](planning-domain-isolation-zones.md)
 ##### [Exemption List](exemption-list.md)
 ##### [Isolated Domain](isolated-domain.md)
 ##### [Boundary Zone](boundary-zone.md)
 ##### [Encryption Zone](encryption-zone.md)
 #### [Planning Server Isolation Zones](planning-server-isolation-zones.md)
+
 #### [Planning Certificate-based Authentication](planning-certificate-based-authentication.md)
 ##### [Documenting the Zones](documenting-the-zones.md)
+
 ##### [Planning Group Policy Deployment for Your Isolation Zones](planning-group-policy-deployment-for-your-isolation-zones.md)
 ###### [Planning Isolation Groups for the Zones](planning-isolation-groups-for-the-zones.md)
 ###### [Planning Network Access Groups](planning-network-access-groups.md)
+
 ###### [Planning the GPOs](planning-the-gpos.md)
 ####### [Firewall GPOs](firewall-gpos.md)
 ######## [GPO_DOMISO_Firewall](gpo-domiso-firewall.md)
@@ -50,25 +60,29 @@
 ####### [Encryption Zone GPOs](encryption-zone-gpos.md)
 ######## [GPO_DOMISO_Encryption](gpo-domiso-encryption.md)
 ####### [Server Isolation GPOs](server-isolation-gpos.md)
+
 ###### [Planning GPO Deployment](planning-gpo-deployment.md)
-### [Appendix A: Sample GPO Template Files for Settings Used in this Guide](appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md)
-## [Deployment Guide](windows-firewall-with-advanced-security-deployment-guide.md)
-### [Planning to Deploy](planning-to-deploy-windows-firewall-with-advanced-security.md)
-### [Implementing Your Plan](implementing-your-windows-firewall-with-advanced-security-design-plan.md)
-### [Checklist: Creating Group Policy Objects](checklist-creating-group-policy-objects.md)
-### [Checklist: Implementing a Basic Firewall Policy Design](checklist-implementing-a-basic-firewall-policy-design.md)
-### [Checklist: Configuring Basic Firewall Settings](checklist-configuring-basic-firewall-settings.md)
-### [Checklist: Creating Inbound Firewall Rules](checklist-creating-inbound-firewall-rules.md)
-### [Checklist: Creating Outbound Firewall Rules](checklist-creating-outbound-firewall-rules.md)
-### [Checklist: Implementing a Domain Isolation Policy Design](checklist-implementing-a-domain-isolation-policy-design.md)
-#### [Checklist: Configuring Rules for the Isolated Domain](checklist-configuring-rules-for-the-isolated-domain.md)
-#### [Checklist: Configuring Rules for the Boundary Zone](checklist-configuring-rules-for-the-boundary-zone.md)
-#### [Checklist: Configuring Rules for the Encryption Zone](checklist-configuring-rules-for-the-encryption-zone.md)
-#### [Checklist: Configuring Rules for an Isolated Server Zone](checklist-configuring-rules-for-an-isolated-server-zone.md)
-### [Checklist: Implementing a Standalone Server Isolation Policy Design](checklist-implementing-a-standalone-server-isolation-policy-design.md)
-#### [Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone](checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md)
-#### [Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone](checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md)
-### [Checklist: Implementing a Certificate-based Isolation Policy Design](checklist-implementing-a-certificate-based-isolation-policy-design.md)
+
+
+## [Deployment guide]()
+### [Deployment Guide](windows-firewall-with-advanced-security-deployment-guide.md)
+#### [Planning to Deploy](planning-to-deploy-windows-firewall-with-advanced-security.md)
+#### [Implementing Your Plan](implementing-your-windows-firewall-with-advanced-security-design-plan.md)
+
+
+
+
+## [Best practices]()
+### [Securing IPsec](securing-end-to-end-ipsec-connections-by-using-ikev2.md)
+### [PowerShell](windows-firewall-with-advanced-security-administration-with-windows-powershell.md)
+### [Isolating Microsoft Store Apps on Your Network](isolating-apps-on-your-network.md)
+
+
+
+
+
+
+## [How-to]()
 ### [Procedures Used in This Guide](procedures-used-in-this-guide.md)
 #### [Add Production Devices to the Membership Group for a Zone](add-production-devices-to-the-membership-group-for-a-zone.md)
 #### [Add Test Devices to the Membership Group for a Zone](add-test-devices-to-the-membership-group-for-a-zone.md)
@@ -108,3 +122,44 @@
 #### [Restrict Server Access](restrict-server-access-to-members-of-a-group-only.md)
 #### [Enable Windows Firewall](turn-on-windows-firewall-and-configure-default-behavior.md)
 #### [Verify Network Traffic](verify-that-network-traffic-is-authenticated.md)
+#### [Verify Network Traffic](verify-that-network-traffic-is-authenticated.md)
+
+
+
+
+## [References]()
+### [Checklist: Creating Group Policy Objects](checklist-creating-group-policy-objects.md)
+### [Checklist: Implementing a Basic Firewall Policy Design](checklist-implementing-a-basic-firewall-policy-design.md)
+### [Checklist: Configuring Basic Firewall Settings](checklist-configuring-basic-firewall-settings.md)
+### [Checklist: Creating Inbound Firewall Rules](checklist-creating-inbound-firewall-rules.md)
+### [Checklist: Creating Outbound Firewall Rules](checklist-creating-outbound-firewall-rules.md)
+### [Checklist: Implementing a Domain Isolation Policy Design](checklist-implementing-a-domain-isolation-policy-design.md)
+#### [Checklist: Configuring Rules for the Isolated Domain](checklist-configuring-rules-for-the-isolated-domain.md)
+#### [Checklist: Configuring Rules for the Boundary Zone](checklist-configuring-rules-for-the-boundary-zone.md)
+#### [Checklist: Configuring Rules for the Encryption Zone](checklist-configuring-rules-for-the-encryption-zone.md)
+#### [Checklist: Configuring Rules for an Isolated Server Zone](checklist-configuring-rules-for-an-isolated-server-zone.md)
+### [Checklist: Implementing a Standalone Server Isolation Policy Design](checklist-implementing-a-standalone-server-isolation-policy-design.md)
+#### [Checklist: Configuring Rules for Servers in a Standalone Isolated Server Zone](checklist-configuring-rules-for-servers-in-a-standalone-isolated-server-zone.md)
+#### [Checklist: Creating Rules for Clients of a Standalone Isolated Server Zone](checklist-creating-rules-for-clients-of-a-standalone-isolated-server-zone.md)
+
+### [Checklist: Implementing a Certificate-based Isolation Policy Design](checklist-implementing-a-certificate-based-isolation-policy-design.md)
+
+### [Appendix A: Sample GPO Template Files for Settings Used in this Guide](appendix-a-sample-gpo-template-files-for-settings-used-in-this-guide.md)
+
+
+
+## [Troubleshooting]()
+
+
+
+
+
+
+
+
+
+
+
+
+
+