What is the difference between ShieldID and the default firewall on all RI Cloud Tenants

By design all RapidIdentity cloud tenants are protected at the network layer against attacks utilizing firewall capabilities.   This firewall protection provides basic protection over the network traffic entering all tenants at the port or protocol level.  The network firewall protects cloud tenants from unauthorized access by defining which ports and protocols are allowed into the network. 

RapidIdentity ShieldID provides advanced firewall capabilities for RapidIdentity Cloud customers to monitor, filter and ultimately block malicious access attempts and brute force attacks based on a variety of conditions including geographic location.  ShieldID provides protection at the application layer.  This allows specific protection for application attacks by monitoring the login pages specifically to protect against credential stuffing, brute force login attempts, and other anomalous login activities.  ShieldID also allows for rate limiting traffic from different locations.  ShieldID is also configurable at each individual tenant level allowing customers control over where users can login from.

Both the network firewall and ShieldID application firewall work at different layers and protect from different types of traffic. So rather than competing, they complement each other. A network firewall typically protects a wider range of traffic types, whereas aShieldID deals with a specific threat that the traditional firewall cannot cover.