Cloud IDS (Cloud Intrusion Detection System) provides cloud-native network threat detection with industry-leading security.
Detect network-based threats such as malware, spyware, and command-and-control attacks
Get east-west and north-south traffic visibility to monitor intra- and inter-VPC communication
Benefit from a cloud-native, managed experience with high performance and simple deployment
Generate high-quality network-based threat data for threat investigation and correlation
Benefits
Easy deployment and minimal upkeep
Simple yet effective, Cloud IDS delivers cloud-native, easy-to-deploy, managed network threat detection. It scales up and down to inspect all of your traffic based on your organization’s needs.
Backed by industry-leading threat research
Cloud IDS is built with Palo Alto Networks’ threat detection technologies, backed by their threat analysis engine and security research teams that identify new threat signatures and detection mechanisms.
Supporting customers’ compliance goals
Many compliance standards mandate the use of an IDS. As such, customers can leverage Cloud IDS to support their compliance goals.
Key features
Network-based threat detection
Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.
Cloud-native and managed
Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.
Industry-leading security breadth and efficacy
Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. These capabilities have been recognized as industry-leading by analysts, compliance marks, and verification houses time and time again.
Documentation
Get an overview of Cloud IDS and how it works. Learn about how advanced network-based threat detection is enabled with Cloud IDS.
Learn how to configure Cloud IDS with information on what to do before you begin, as well as step-by-step configuration guidance.
Find information on troubleshooting Cloud IDS, including ensuring that your Cloud IDS endpoint is functional and decrypting your traffic for inspection.
Learn more about Cloud IDS’s quotas, including endpoints per zone and API requests per minute.
Use cases
[Diagram: the typical Cloud IDS workflow, at a high level]
All features
Network-based threat detection | Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content. |
Cloud-native and managed | Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats. |
Industry-leading security breadth and efficacy | Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. |
East-west and north-south traffic visibility | By leveraging Google Cloud’s Packet Mirroring, Cloud IDS customers can monitor intra-VPC and inter-VPC communication, in addition to internet traffic, in order to detect suspicious lateral movement that could indicate a bad actor within the network. |
Support customers’ compliance goals | Many compliance standards have requirements mandating the use of an IDS to detect network-based threats. As such, customers can leverage Cloud IDS to support their compliance goals. |
Prioritize the most important threats | Cloud IDS provides network threat detection warnings at varying threat severity levels (Critical, High, Medium, Low, and Informational) to help you prioritize the most important threats. |
Detect app masquerading | Identify malicious applications masquerading as legitimate ones through Cloud IDS's tight integration with Palo Alto Networks’ App-ID™ technology. App-ID™ uses multiple identification techniques to determine the exact identity of applications in your network, including those trying to evade detection by posing as legitimate traffic, hopping ports, or using encryption. |
High performance | Managed scaling to inspect all of your traffic based on your organization’s specific needs. |
Pricing
Cloud IDS billing is based on two metrics:
(1) A per-hour charge for each Cloud IDS endpoint created and running
(2) A per-GB charge based on the total amount of traffic inspected