Forrester names Google a Leader in The Forrester Wave™: Infrastructure as a Service (IaaS) Platform Native Security Q2 2023. Access the report.

Jump to
Cloud IDS

Cloud IDS

Cloud IDS (Cloud Intrusion Detection System) provides cloud-native network threat detection with industry-leading security.

  • Detect network-based threats such as malware, spyware, command-and-control attacks

  • Get east-west and north-south traffic visibility to monitor intra- and inter-VPC communication

  • Benefit from a cloud-native, managed experience with high performance and simple deployment

  • Generate high-quality network-based threat data for threat investigation and correlation

Benefits

Easy deployment and minimal upkeep

Simple yet effective, Cloud IDS delivers cloud-native, easy to deploy, managed network threat detection. It scales up and down to inspect all of your traffic based on your organization’s needs.

Backed by industry-leading threat research

Cloud IDS is built with Palo Alto Networks’ threat detection technologies, backed by their threat analysis engine and security research teams that identify new threat signatures and detection mechanisms.

Supporting customers’ compliance goals

Many compliance standards mandate the use of an IDS. As such, customers can leverage Cloud IDS to support their compliance goals.

Key features

Simple, cloud-native, and highly effective

Network-based threat detection

Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.

Cloud-native and managed

Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.

Industry-leading security breadth and efficacy

Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. These capabilities have been recognized as industry-leading by analysts, compliance marks, and verification houses time and time again.

View all features
Dave.com logo
Cloud IDS was simple and straightforward to deploy and easy to manage. That's important to us; we want to spend our time on mitigation, not setup and management. It enables us to focus on the most critical alerts so we can respond to them quickly.

Paras Chitrakar, Co-Founder/Chief Technology Officer, Dave.com

Documentation

Resources and documentation for Cloud IDS

Tutorial

Cloud IDS overview

Get an overview of Cloud IDS and how it works. Learn about how advanced network-based threat detection is enabled with Cloud IDS.

Tutorial

Configuring Cloud IDS

Learn how to configure Cloud IDS with information on what to do before you begin, as well as step-by-step configuration guidance.

Tutorial

Logging and monitoring

Understand how Cloud IDS's logging and monitoring works.

Tutorial

Troubleshooting

Find information on troubleshooting Cloud IDS, including ensuring that your Cloud IDS endpoint is functional and decrypting your traffic for inspection.

Tutorial

Quotas

Learn more about Cloud IDS’s quotas, including endpoints per zone and API requests per minute.

Not seeing what you’re looking for?

Use cases

High-level reference architecture

Use case
Detect network-based threats

Below is the typical Cloud IDS workflow, at a high level.

A reference architecture demonstrating the Cloud IDS workflow.

All features

Learn more about Cloud IDS features

Network-based threat detection

Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.

Cloud-native and managed

Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.

Industry-leading security breadth and efficacy

Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats.

East-west and north-south traffic visibility

By leveraging Google Cloud’s Packet Mirroring, in addition to internet traffic, Cloud IDS customers can monitor both intra-VPC as well as inter-VPC communication in order to detect suspicious lateral movement that could indicate a bad actor within the network.

Support customers’ compliance goals

Many compliance standards have requirements mandating the use of an IDS to detect network-based threats. As such, customers can leverage Cloud IDS to support their compliance goals.

Prioritize the most important threats

Cloud IDS provides network threat detection warnings at varying threat severity levels: Critical, High, Medium, Low, and Informational to help you prioritize the most important threats.

Detect app masquerading

Identify malicious applications masquerading as legitimate ones through Cloud IDS's tight integration with Palo Alto Networks’ App-ID™ technology. App-ID™ uses multiple identification techniques to determine the exact identity of applications in your network, including those trying to evade detection by posing as legitimate traffic, hopping ports, or using encryption.

High performance

Managed scaling to inspect all of your traffic based on your organization’s specific needs.

Pricing

Cloud IDS pricing details

Cloud IDS billing is based on two metrics:

(1) A per-hour charge for each Cloud IDS endpoint created and running

(2) A per-GB charge based on the total amount of traffic inspected

Partners

Investigate, correlate, and respond to threats

Export Cloud IDS’s threat and traffic logs with ease to your SIEM or SOAR solution to perform threat analysis and response.

  • devo logo
  • exabeam logo
  • palo-alto-networks logo
  • splunk logo

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products.

Google Cloud
  • ‪English‬
  • ‪Deutsch‬
  • ‪Español‬
  • ‪Español (Latinoamérica)‬
  • ‪Français‬
  • ‪Indonesia‬
  • ‪Italiano‬
  • ‪Português (Brasil)‬
  • ‪简体中文‬
  • ‪繁體中文‬
  • ‪日本語‬
  • ‪한국어‬
Console
Google Cloud