// 12 The Console

Three platforms enforce.
One console runs them. One does not appear here.

Technical reference for Shield, Intrusion's prevention-first network security platform. Shield blocks malicious traffic at the network layer using the Global Threat Engine and 8.5 billion IP and DNS combinations refined since 2001.

At a Glance

What it doesBlocks malicious network traffic at the network layer using reputation-based threat intelligence.
Who it's forSecurity teams needing prevention-first network defense.
How it deploysShield's five products cover cloud, Shield OnPremise, endpoint, monitoring, and management.
What you getPrevention of known-bad connections with full evidence of what was blocked.

Command Hub manages Shield Stratus, Shield OnPremise, and Shield Endpoint from one web interface. Event log, policy editor, role-based access, CSV and Excel export. Shield Sentinel is operated independently and is not surfaced here. The console is for engineers, not analysts.

For the architect tired of vendor consoles that conflate "platform management" with "alert triage queue."

Event log. Policy. Roles. Export.

Four functions, named. Investigate blocked events. Tune policy. Manage users and groups. Export evidence. Sentinel runs independently and is not surfaced. The console is built around the assumption that the architect investigates and tunes, not the analyst triages.

// Platform At A Glance

The numbers, named.

3
Roles: Observer, User, Administrator
3
Enforcement platforms managed
72h
On-platform evidence
CSV/XLS
Export formats
// What Command Hub Does

Three things, specific.

// Investigation

Event Log

Chronological event stream of every blocked connection across enforcement platforms. Filter by platform, time range, source, destination, threat category, or policy. Click any event for the full forensic record.

// Policy

Tuning Editor

Allowlist destinations, suppress threat categories, switch enforcement mode (Observe Mode to enforcement on Stratus and Shield OnPremise), adjust per-direction policy on Stratus.

// Access

Three Roles, Many Groups

Observer, User, Administrator roles. Each user gets a role per group. Default group per client; users can span multiple groups with different roles in each.

// Specifications

Technical spec sheet.

SpecificationDetail
DeploymentWeb console
Platforms managedShield Stratus, Shield OnPremise, Shield Endpoint
Sentinel integrationNone. Sentinel runs independently.
RolesObserver (read-only), User (operate), Administrator (govern)
Group structureDefault per-client groups; users can span multiple groups with role-per-group assignments
Event log retention72 hours on-platform
ExportCSV and Excel; filtered or full event sets
SIEM forwardingSyslog (Shield OnPremise platform); configured per deployment
SSONot currently offered. Local accounts with role-based access.
Public APINone currently exposed.
Native integrationsNone for ticketing, PSA, RMM, or SOAR. Forward via SIEM for downstream automation.
// Where Command Hub Earns Its Place

Day-to-day workflows, named.

"Why was that blocked?"

Event log + drill-down + forensic record. Answer in 30 seconds without opening a ticket. The most common Command Hub workflow.

Policy tuning

Allowlist legitimate destinations, suppress noisy threat categories for specific source ranges, validate Observe Mode results before flipping platforms to enforcement.

Audit and evidence export

Export filtered event sets to CSV or Excel for incident reports, audit trails, or downstream SIEM ingestion.

Multi-group operations

For partners managing multiple clients: each client a separate group, each user a role per group. Single console, scoped access.

BOUNDARY.

What Command Hub does not do.

The list of "is this in the console" answers, in plain English.

// The Shield Portfolio

Five platforms. Each its own page.

Switch between platforms without going back to the overview.

STRATUS
Cloud · Inline
ONPREMISE
Hardware · Inline
ENDPOINT
Agent · Host
SENTINEL
Hardware · Monitor
COMMAND HUB
Console

Walk through Command Hub with a sales engineer.

30 minute walkthrough. Real event log, policy tuning, role assignments.

See the Workflow

RECOMMENDED NEXT STEP

Ready to see what Shield finds in your environment?

Request a POV Book a Meeting Talk to an Engineer