feat(shields): Initial shields deployment

This patch provides an initial version of shields for the
cluster, deploying shields in a fairly locked down setup. This
includes blocking all ingress and egress traffic except of the
ingress controller, monitoring and outgoing web traffic to the
public internet.

As part of this some new shared network policies are created,
added and renamed. These aim to improve the namespace isolation
and provisioning of controlled network access.