Jump to Content

Announcing the general availability of Next Gen Firewall Enterprise

April 11, 2024
Muninder Sambi

VP, Cloud Networking

Try Gemini 1.5 models

Google's most advanced multimodal models in Vertex AI

Try it

In today's ever-evolving threat landscape, organizations require robust network security solutions to protect their critical assets in the cloud. Google Cloud is committed to providing superior cloud-first security controls, and today at Google Cloud Next, we're thrilled to announce the general availability of Google Cloud NGFW Enterprise, our next-generation cloud firewall offering. 

Cloud NGFW Enterprise (formerly Cloud Firewall Plus) is an evolution of our fully-distributed cloud-first firewall service that delivers comprehensive Zero Trust network protection for your Google Cloud workloads. It can provide advanced Intrusion Prevention Service (IPS) capabilities, powered by Palo Alto Networks technology, to identify and block malicious traffic. Additionally, Cloud NGFW Enterprise offers enhanced security with high-performance, built-in TLS inspection capabilities, which you can use to decrypt and inspect encrypted traffic for hidden threats at scale. 

Cloud NGFW is offered in three tiers Essentials, Standard, and Enterprise. Cloud NGFW Enterprise is our top-tier offering, and is built on top of Cloud NGFW Standard that includes Fully Qualified Domain Name (FQDN) objects, geo-location objects, and threat-intelligence capabilities. 

Simple, scalable, and posture-aware security

  • Simple and scalable: Cloud NGFW Enterprise is built on a distributed architecture that allows granular security controls at the workload level. This architecture eliminates the need for complex routing updates, and can help ensure automatic scaling to meet your security and performance needs.

    “As our workloads increasingly move to the cloud, we wanted to implement comprehensive threat protection closer to our workloads. Google’s Cloud NGFW Enterprise simplified our network architecture, gave us granular access control and advanced policy enforcement, all of which improved our overall security posture and lowered operations costs” said Richard Persaud, network security architect, McKesson CoverMyMeds.

  • Built-in network security posture management: Cloud NGFW Enterprise offers comprehensive network security posture management with features including hierarchical policies, secure tags, and firewall insights. Hierarchical policies can allow you to create and enforce a consistent firewall policy across your organization, while secure tags can provide granular workload identification and segmentation. Firewall insights provides valuable metrics that help you continuously monitor and optimize your security posture.

    "To support secure cloud adoption, organizations need firewalls that are truly cloud-native and offer simplicity, scalability, and strong security," said John Grady, principal analyst at TechTarget's Enterprise Strategy Group. "Cloud NGFW Enterprise's high threat efficacy combined with a fully distributed architecture and built-in posture control helps security teams easily configure and enforce consistent security policies across their entire Google Cloud environment, saving them valuable time and resources."


Cloud NGFW Enterprise architecture overview

Advanced Threat Protection powered by Palo Alto Networks

Cloud NGFW Enterprise embeds industry-leading Threat Prevention technology from Palo Alto Networks into our fully distributed, cloud-first architecture. This advanced intrusion prevention system inspects traffic moving to and from your Google Cloud workloads to detect and block malicious activity, including exploits, malware, and command-and-control traffic. 

Cloud NGFW benefits from Palo Alto Networks’ in-depth threat intelligence capabilities with more than 8.6 billion attacks blocked inline per day across 65,000 global organizations. In a testing environment using third-party tools, Cloud NGFW Enterprise powered by Palo Alto Networks offered 20 times higher threat protection efficacy compared to other cloud providers’ firewall offerings. Threat protection efficacy is measured by the number of threats blocked by firewall offerings.  

“We’re excited that Google Cloud has chosen Palo Alto Networks’ Threat Prevention technology to power Cloud NGFW Enterprise,” said Anand Oswal, SVP & GM of Network Security, Palo Alto Networks. “The solution provides Google Cloud customers with powerful defenses against the most sophisticated cyberattacks.”

Get started with Google Cloud NGFW Enterprise

Google Cloud NGFW Enterprise can empower you to secure your cloud environment with confidence. You can get started with Cloud NGFW by enabling it in the console. With just a few clicks, you can activate intrusion prevention, TLS inspection, and advanced security features for your Google Cloud workloads. 

For more detailed information and hands-on guidance, visit the product webpage, watch our demo video and refer to the Cloud NGFW documentation.

Posted in