Overview of reCAPTCHA Enterprise for WAF and Google Cloud Armor integration

Google Cloud Armor is the built-in web application firewall (WAF) and distributed denial-of-service (DDoS) mitigation service offered by Google Cloud. Google Cloud Armor helps you protect your Google Cloud websites and services from multiple types of threats, including DDoS attacks and application attacks, such as cross-site scripting (XSS) and SQL injection (SQLi). reCAPTCHA Enterprise for WAF is a solution that is deployed as a service to enable WAFs to help you protect your site from spam and abuse. reCAPTCHA Enterprise for WAF uses advanced risk analysis techniques to distinguish between legitimate and fraudulent requests.

The reCAPTCHA Enterprise for WAF and Google Cloud Armor integration provides bot detection at the WAF layer to detect, stop, or manage automated activity accessing your websites or services.

Integration workflow

In this integration, reCAPTCHA Enterprise for WAF and Google Cloud Armor interact as follows:

  1. reCAPTCHA Enterprise for WAF issues an encrypted token that contains the reCAPTCHA Enterprise's assessment and associated attributes about the risk associated with the request.

  2. Google Cloud Armor deciphers this token without an additional request/response to the reCAPTCHA Enterprise server. Based on the token attributes, Google Cloud Armor lets you allow, block, or redirect the incoming requests.

The following diagram shows the simplified graphical representation of reCAPTCHA Enterprise for WAF and Google Cloud Armor integration:

When to use reCAPTCHA Enterprise for WAF and Google Cloud Armor integration

Use this integration when you need to deploy effective strategies that detect, stop, or manage automated malicious activity that is attempting to access your websites or services.

Benefits

The reCAPTCHA Enterprise for WAF and Google Cloud Armor integration provides the following benefits:

  • Reduces the integration complexity with reCAPTCHA Enterprise for WAF because you don't need to modify your protected applications or application servers to enforce reCAPTCHA Enterprise's assessments.
  • Mitigates bot traffic at the edge of Google's network, before the traffic reaches the protected application.

What's next

  • Learn about the various features offered by the reCAPTCHA Enterprise for WAF and Google Cloud Armor integration.