Cloud IDS (Cloud Intrusion Detection System) provides cloud-native network threat detection with industry-leading security.
Easy deployment and minimal upkeep
Simple yet effective, Cloud IDS delivers cloud-native, easy to deploy, managed network threat detection. It scales up and down to inspect all of your traffic based on your organization’s needs.
Backed by industry-leading threat research
Cloud IDS is built with Palo Alto Networks’ threat detection technologies, backed by their threat analysis engine and security research teams that identify new threat signatures and detection mechanisms.
Supporting customers’ compliance goals
Many compliance standards mandate the use of an IDS. As such, customers can leverage Cloud IDS to support their compliance goals.
"Cloud IDS was simple and straightforward to deploy and easy to manage. That's important to us; we want to spend our time on mitigation, not setup and management. It enables us to focus on the most critical alerts so we can respond to them quickly."
Paras Chitrakar, Co-Founder/Chief Technology Officer, Dave.com
Cloud IDS overview
Get an overview of Cloud IDS and how it works. Learn about how advanced network-based threat detection is enabled with Cloud IDS.
Configuring Cloud IDS
Learn how to configure Cloud IDS with information on what to do before you begin, as well as step-by-step configuration guidance.
Logging and monitoring
Understand how Cloud IDS logging and monitoring work.
Find information on troubleshooting Cloud IDS, including ensuring that your Cloud IDS endpoint is functional and decrypting your traffic for inspection.
Learn more about Cloud IDS’s quotas, including endpoints per zone and API requests per minute.
High-level reference architecture
Below is the typical Cloud IDS workflow, at a high level.
Learn more about Cloud IDS features
| Feature | Description |
|---|---|
| Network-based threat detection | Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content. |
| Cloud-native and managed | Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s already built in. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats. |
| Industry-leading security breadth and efficacy | Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. |
| East-west and north-south traffic visibility | In addition to internet traffic, Cloud IDS customers can use Google Cloud’s Packet Mirroring to monitor both intra-VPC and inter-VPC communication in order to detect suspicious lateral movement that could indicate a bad actor within the network. |
| Support customers’ compliance goals | Many compliance standards have requirements mandating the use of an IDS to detect network-based threats. As such, customers can leverage Cloud IDS to support their compliance goals. |
| Prioritize the most important threats | Cloud IDS provides network threat detection warnings at varying threat severity levels (Critical, High, Medium, Low, and Informational) to help you prioritize the most important threats. |
| Detect app masquerading | Identify malicious applications masquerading as legitimate ones through Cloud IDS's tight integration with Palo Alto Networks’ App-ID™ technology. App-ID™ uses multiple identification techniques to determine the exact identity of applications in your network, including those trying to evade detection by posing as legitimate traffic, hopping ports, or using encryption. |
| High performance | Managed scaling to inspect all of your traffic based on your organization’s specific needs. |