Technical reference for Shield, Intrusion's prevention-first network security platform. Shield blocks malicious traffic at the network layer using the Global Threat Engine and 8.5 billion IP and DNS combinations refined since 2001.
| What it does | Blocks malicious network traffic at the network layer using reputation-based threat intelligence. |
|---|---|
| Who it's for | Security teams needing prevention-first network defense. |
| How it deploys | Shield's five products cover cloud, Shield OnPremise, endpoint, monitoring, and management. |
| What you get | Prevention of known-bad connections with full evidence of what was blocked. |
Architecture diagrams. Per-platform technical one-pagers. POV templates. Coexistence guides for SIEM, EDR, and firewall. The honest compliance posture. Everything you need to defend the recommendation without us in the room.
Built for the architect writing the recommendation memo. Every asset is downloadable, no form gate.
Most evaluators want the entire library at once. The Evaluator Bundle is the consolidated set: architecture overview, five product one-pagers, Command Hub workflow guide, POV success criteria template, deployment requirements checklist, coexistence guides. One download.
Suitable for sharing with your network team, security committee, or procurement. Updated quarterly.
Component-level diagrams, deployment topology references, and platform specification sheets.
Component-level architecture across all five Shield platforms with data flow diagrams, decision points, and integration patterns.
Canonical placements for cloud, datacenter, and hybrid environments. Print-ready for whiteboard sessions and architecture reviews.
Connection-by-connection walkthrough of how Shield decides what to block and what to pass. Single-page summary of the mechanism.
How the 8.5 billion IP and DNS records are built and refreshed. Provenance, categorization, the 20+ year heritage since 2001.
What you need from your network and your team for each platform. Pre-deployment checklist for engineers and procurement.
Single-page technical specifications per Shield platform. Distribute to engineering, network, and procurement teams.
Cloud platform for AWS and Azure. 1 Gbps and up. Per-direction inbound and outbound policy. Inline enforcement with Observe Mode.
Hardware appliance, 10 Gbps line rate. Datacenter and campus inline enforcement. Syslog forwarding for SIEM ingestion.
Software agent for Windows and Android. Reputation filtering, browser isolation. ZTNA on Android. Inside and outside the perimeter.
Hardware appliance, up to 100 Gbps passive monitoring. SPAN or TAP only. Independent of Command Hub. Does not block.
Web console for enforcement platforms. Event log, policy editor, role-based access. CSV and Excel export.
Templates and frameworks for running a structured proof of value with documented success criteria.
Editable template for documenting POV success criteria before kickoff. Suitable for security committee review.
Side-by-side comparison framework for evaluating Shield against your other shortlisted controls.
Phase-by-phase walkthrough of a 7, 10, or 14 day POV. Kickoff, validation, enforcement transition, and readout.
How Observe Mode works on Stratus and Shield OnPremise. What gets logged. What does not change. The transition path to enforcement.
How Shield runs alongside the controls you already have. Shield is a complementary network-layer reputation control. Not a replacement for these categories.
Event forwarding patterns for long-term retention and correlation. Shield handles reputation; SIEM handles correlation and storage.
EDR sees the endpoint. Shield sees the wire. Together they cover assumed-breach lateral and outbound paths.
Coexistence patterns for inline placement alongside next-gen firewalls. Shield handles reputation, firewall handles policy and L7.
How Shield reduces the volume reaching your SOC queue. Detection-only vs prevention-first impact on alert load.
Honest documentation of where Shield fits in your compliance picture. We do not overclaim. We tell you what is in scope and what is excluded.
Where Shield sits relative to GDPR, HIPAA, FedRAMP, GSA Schedule, SOC 2, and ISO 27001. What is in scope, what is excluded, and why.
What Shield processes, what it stores, retention windows, and where evidence lives. Suitable for privacy and data governance review.
Specific architecture review, custom one-pager, or a document for your committee. Sales engineering builds it.
RECOMMENDED NEXT STEP