Local‑first, by architecture.
Filtering decisions happen on the device on your network. The dashboard runs on the device. There is no vendor cloud control plane sitting between you and your own protection.
Take your home network back.
Most home networks have quietly become someone else's territory. The router phones home to a vendor cloud. The “protection” is a subscription that watches the same traffic it claims to protect. The data drifts off the property.
WOMBATS Shield is a calm, sovereign appliance that runs on your network — not in someone else's cloud. Filtering, parental controls, ad and tracker blocking, and (if you want it) private storage, media, backups and travel Wi‑Fi. Buy it once. Own it. Keep it for years.
What we mean by “sovereign networking”.
Buy once. Own it.
Network protection should not be rented. Shield is a piece of hardware. You pay for it once. There is no monthly fee, no feature unlock, no “professional tier” behind a paywall.
Sovereign — your data stays on your side of the door.
We don't ship your traffic to a vendor cloud for inspection. We don't collect query logs, browsing history, or behavioural profiles back to us.
Long‑lived, by design.
If WOMBATS as a company disappears, your Shield keeps working. There is no required activation server, no cloud login that can lapse, no subscription that can stop. Filter lists are public.
Calm, not hacker.
No green-on-black dashboards. No fearmongering. No countdown timers. A calm appliance that takes care of the network and lets you forget it's there.
Honest about boundaries.
We'll tell you where Shield protects, where it deliberately stops, and what we're still working on. Hedging less, claiming less, meaning more.
Built on trusted open technology, then carefully hardened.
We'd rather tell you what's in Shield than pretend we wrote it all from scratch. Shield runs on Raspberry Pi 5 silicon (2 GB on Core and Edge, 4 GB on Vault) with a Debian 12 base. The DNS-layer filtering engine is AdGuard Home — but every default that conflicted with our privacy or security goals has been disabled, restricted or redesigned. nftables enforces network policy on the device. Software bundles are signed and verified before they're applied. The encrypted partitions are unlocked at boot through a hardware-assisted key path on a real ATECC secure element, bound to the device. On Shield Vault, the storage SSD adds a user passphrase and a recovery key alongside the auto-unlock — three independent ways in.
The full architectural story is on the security page.
Why people put a Shield on their network.
A quiet, calm appliance that takes care of the network.
Block ads, trackers and threats for every device in the house — without putting an app on each one. Pause the kids' iPad without touching the rest of the network. SafeSearch on Google, Bing and YouTube. No new subscription on top of the streaming bill.
See Shield CoreKeep client data on your side of the door.
If you handle client information from home — legal work, journalism, healthcare, executive correspondence — Shield is a calm way to keep your network's filtering and management on the property. No vendor cloud. No telemetry pipeline. No quarterly subscription that decides what you can and can't do.
Read the threat modelSovereign protection without an MSP contract.
Five to twenty devices, sensitive data, no IT person, and a business that doesn't want a US-based vendor cloud sitting in the middle of every DNS lookup. Shield is a small, professional appliance that you set up once and keep on the wall for years.
See Shield VaultA polished base you can build on without giving up control.
Real Raspberry Pi 5 hardware. Debian 12 base. Hardened AdGuard Home, signed update path, secure-element-backed unlock, and a local web UI that doesn't require an account anywhere. Shield is the appliance — open underneath, calm on top.
See How It WorksIf we disappear, your Shield keeps working.
Shield does not require an activation server, a cloud login, or a subscription to keep filtering. The filter lists it uses are public and continue updating without us. The dashboard is on the device, on your network. The hardware is real, repairable Raspberry Pi 5 silicon. The only thing you lose if WOMBATS as a company goes away is us — not your network.