SHIELD · Project

Plug-and-Play Cybersecurity for ISPs and Businesses Without Buying Hardware

digitalPilotedTRL 7

shield-h2020.eu

Imagine instead of buying expensive security equipment — firewalls, intrusion detectors, content filters — you could just pick them from an online store and have them running on your network in minutes, like apps on a phone. SHIELD built exactly that: a marketplace of virtual security tools that internet providers can offer their customers on demand. A smart analytics engine watches all the traffic data and predicts attacks before they happen. The best part? Businesses pay only for what they use, with zero upfront hardware costs.

By the numbers

EUR 3,607,245

EU funding for development and validation

consortium partners across the project

European countries represented

67%

industry partners in the consortium

SMEs involved in development

total deliverables produced

upfront hardware cost (zero-CAPEX model)

The business problem

What needed solving

Cybersecurity today forces businesses to buy expensive, dedicated hardware — firewalls, intrusion detection systems, content filters — that become outdated quickly and cannot easily scale with changing threats. Small and mid-size companies often cannot afford adequate protection, while ISPs lack a cost-effective way to offer security services to their customers. The result is a growing gap between evolving cyber threats and the defenses most organizations can actually deploy.

The solution

What was built

SHIELD built a complete virtual cybersecurity platform with four key components: a marketplace (vNSF Store) where users pick virtual security appliances like firewalls and content filters; an NFV-based deployment engine that runs these on existing network infrastructure; a big data analytics engine (DARE) that predicts attacks by analyzing network behavior; and a final integrated prototype validated through demonstration use cases across 15 deliverables.

Audience

Who needs this

Internet Service Providers wanting to offer managed security servicesManaged Security Service Providers (MSSPs) looking for scalable deploymentTelecom operators modernizing network security with NFVSMEs needing enterprise-grade cybersecurity without hardware investmentCorporate IT departments managing distributed network security

Business applications

Who can put this to work

Telecommunications

enterprise

Target: Internet Service Providers offering managed security services

If you are an ISP looking to add cybersecurity to your service portfolio without massive infrastructure investment — this project developed a virtual security functions store (vNSF Store) that lets you offer firewalls, deep packet inspection, and content filters as-a-service to your customers. The platform was validated with a final prototype across a 12-partner consortium from 6 countries. Your customers pick the security tools they need, you deploy them instantly on your existing network.

Financial Services

enterprise

Target: Banks and fintech companies managing distributed networks

If you are a financial institution dealing with evolving cyber threats across multiple branches and digital channels — this project built a Data Analysis and Remediation Engine (DARE) that uses big data analytics to predict vulnerabilities and attacks by analyzing network behavior and adversary intent. The system monitors and filters traffic in a distributed manner, giving you centralized threat intelligence. Security can be scaled up or down based on your actual risk exposure without replacing hardware.

IT Services

any

Target: Managed Security Service Providers (MSSPs) and cybersecurity vendors

If you are a security vendor struggling with hardware lock-in and slow deployment cycles — this project created an open, interoperable platform for virtualizing security appliances using ETSI NFV standards. The vNSF ecosystem was delivered as working software with 15 deliverables including integrated prototypes. You can package your own security functions as virtual appliances and distribute them through the marketplace model to reach ISP customers directly.

Frequently asked

Quick answers

What would it cost to adopt this virtual security platform?

SHIELD was designed as a zero-CAPEX solution — businesses avoid buying dedicated security hardware. Instead, security functions run as virtual appliances on existing network infrastructure. Actual licensing or subscription costs would depend on the provider deploying the platform, but the model eliminates upfront equipment investment.

Can this scale to protect large enterprise networks?

Yes. The platform is built on ETSI NFV standards, which are designed for carrier-grade telecom networks. Security services can be scaled up or down, configured, and upgraded according to customer needs. The distributed monitoring approach means traffic filtering happens across the network rather than at a single bottleneck.

Who owns the intellectual property and can I license this technology?

The project was coordinated by Space Hellas (Greece) with 12 partners across 6 countries. As a Horizon 2020 Innovation Action, IP typically stays with the partners who generated it. Licensing arrangements would need to be discussed with the relevant consortium members who developed specific components.

How mature is this technology — is it ready for deployment?

The consortium delivered a final prototype with integrated HW/SW modules, validated through demonstration use cases. The vNSF environment and DARE analytics engine were delivered as working software ready for experiments. This puts the technology at pilot stage, validated in a near-operational environment.

Does this work with my existing network infrastructure?

SHIELD was built on ETSI NFV standards specifically for interoperability with existing ISP and corporate network infrastructure. The virtual security functions replace dedicated hardware appliances, meaning they deploy on standard virtualization platforms already present in modern networks. The open marketplace model also promotes vendor-neutral security function sourcing.

What types of security functions are available?

The vNSF Store includes virtual firewalls, deep packet inspection (DPI), and content filters. ISP customers can select the functions that best match their needs and deploy them to protect their infrastructure. Additional security functions can be added to the store by third-party vendors.

Is there regulatory alignment with EU cybersecurity requirements?

The project addressed the EU DS-04-2015 topic on cybersecurity, aligning with European policy priorities on network and information security. The NFV approach based on ETSI standards positions the technology well for compliance with evolving EU cybersecurity regulations, though specific certification would depend on deployment context.

Consortium

Who built it

The SHIELD consortium is strongly industry-oriented with 8 out of 12 partners (67%) coming from the private sector, including 6 SMEs — a clear signal that this project was built for commercial application, not just academic research. Coordinated by Space Hellas, a Greek IT security company, the 12-partner team spans 6 countries (Greece, Spain, Italy, Luxembourg, Portugal, UK), giving it a solid European footprint. With only 1 university and 2 research organizations, the balance tilts heavily toward market-driven development. The EUR 3,607,245 EU investment was channeled through an Innovation Action funding scheme, which specifically targets technologies closer to market deployment rather than basic research.

SPACE HELLAS ANONYMI ETAIREIA SYSTIMATA KAI YPIRESIES TILEPIKOINONIONPLIROFORIKIS ASFALEIAS - IDIOTIKI EPICHEIRISI PAROCHIS YPERISION ASFACoordinator · EL
INFILI TECHNOLOGIES SOCIETE ANONYMEparticipant · EL
INCITES CONSULTING SAparticipant · LU
AGENZIA PER L'ITALIA DIGITALEparticipant · IT
AUVIK NETWORKS ES SLparticipant · ES
TELEFONICA INVESTIGACION Y DESARROLLO SAparticipant · ES
HEWLETT-PACKARD LIMITEDparticipant · UK
NATIONAL CENTER FOR SCIENTIFIC RESEARCH "DEMOKRITOS"participant · EL
POLITECNICO DI TORINOparticipant · IT
FUNDACIO PRIVADA I2CAT, INTERNET I INNOVACIO DIGITAL A CATALUNYAparticipant · ES
UBIWHERE LDAparticipant · PT
ORION INNOVATIONS PRIVATE COMPANYparticipant · EL

How to reach the team

Space Hellas (Greece) — contact via SciTransfer for introduction to the project coordinator and relevant technical partners

Order a report on this consortium See SPACE HELLAS ANONYMI ETAIREIA SYSTIMATA KAI YPIRESIES TILEPIKOINONIONPLIROFORIKIS ASFALEIAS - IDIOTIKI EPICHEIRISI PAROCHIS YPERISION ASFA profile →

Next steps

Talk to the team behind this work.

Want to explore how SHIELD's virtual security platform could fit your network? SciTransfer can arrange a direct introduction to the right consortium partner for your use case.

Order a report on this topic More in Digital & ICT