Cloud IDS Preview

Cloud IDS (Cloud Intrusion Detection System) provides cloud-native network threat detection with industry-leading security.

  • Detect network-based threats such as malware, spyware, command-and-control attacks

  • Get east-west and north-south traffic visibility to monitor intra- and inter-VPC communication

  • Benefit from a cloud-native, managed experience with high performance and simple deployment

  • Generate high-quality network-based threat data for threat investigation and correlation

Benefits

Easy deployment and minimal upkeep

Simple yet effective, Cloud IDS delivers cloud-native, easy-to-deploy, managed network threat detection. It scales up and down to inspect all of your traffic based on your organization’s needs.

Backed by industry-leading threat research

Cloud IDS is built with Palo Alto Networks’ threat detection technologies, backed by their threat analysis engine and security research teams that identify new threat signatures and detection mechanisms.

Supporting customers’ compliance goals

Many compliance standards mandate the use of an IDS. As such, customers can leverage Cloud IDS to support their compliance goals.

Key features

Simple, cloud-native, and highly effective

Network-based threat detection

Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.

Cloud-native and managed

Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.

Industry-leading security breadth and efficacy

Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. These capabilities have been recognized as industry-leading by analysts, compliance marks, and verification houses time and time again.


“Cloud IDS was simple and straightforward to deploy and easy to manage. That's important to us; we want to spend our time on mitigation, not setup and management. It enables us to focus on the most critical alerts so we can respond to them quickly.”

Paras Chitrakar, Co-Founder/Chief Technology Officer, Dave.com


Documentation

Resources and documentation for Cloud IDS

Tutorial
Cloud IDS overview

Get an overview of Cloud IDS and how it works. Learn about how advanced network-based threat detection is enabled with Cloud IDS.

Tutorial
Configuring Cloud IDS

Learn how to configure Cloud IDS with information on what to do before you begin, as well as step-by-step configuration guidance.

Tutorial
Logging and monitoring

Understand how Cloud IDS's logging and monitoring works.

Tutorial
Troubleshooting

Find information on troubleshooting Cloud IDS, including ensuring that your Cloud IDS endpoint is functional and decrypting your traffic for inspection.

Tutorial
Quotas

Learn more about Cloud IDS’s quotas, including endpoints per zone and API requests per minute.

Use cases

High-level reference architecture

Use case
Detect network-based threats

Below is the typical Cloud IDS workflow, at a high level.

A reference architecture demonstrating the Cloud IDS workflow.

All features

Learn more about Cloud IDS features

Network-based threat detection

Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.

Cloud-native and managed

Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.

Industry-leading security breadth and efficacy

Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats.

East-west and north-south traffic visibility

By leveraging Google Cloud’s Packet Mirroring, in addition to internet traffic, Cloud IDS customers can monitor both intra-VPC as well as inter-VPC communication in order to detect suspicious lateral movement that could indicate a bad actor within the network.

Support customers’ compliance goals

Many compliance standards have requirements mandating the use of an IDS to detect network-based threats. As such, customers can leverage Cloud IDS to support their compliance goals.

Prioritize the most important threats

Cloud IDS provides network threat detection warnings at varying threat severity levels: Critical, High, Medium, Low, and Informational to help you prioritize the most important threats.

Detect app masquerading

Identify malicious applications masquerading as legitimate ones through Cloud IDS's tight integration with Palo Alto Networks’ App-ID™ technology. App-ID™ uses multiple identification techniques to determine the exact identity of applications in your network, including those trying to evade detection by posing as legitimate traffic, hopping ports, or using encryption.

High performance

Managed scaling to inspect all of your traffic based on your organization’s specific needs.

Pricing

Cloud IDS pricing details

Cloud IDS billing will be based on two metrics:

(1) A per-hour charge for each Cloud IDS endpoint created and running

(2) A per-GB charge based on the total amount of traffic inspected

Preview will be offered without charge.

Partners

Investigate, correlate, and respond to threats

Export Cloud IDS’s threat and traffic logs with ease to your SIEM or SOAR solution to perform threat analysis and response.