Cloud IDS
Cloud IDS (Cloud Intrusion Detection System) provides cloud-native network threat detection with industry-leading security.
- Detect network-based threats such as malware, spyware, and command-and-control attacks
- Get east-west and north-south traffic visibility to monitor intra- and inter-VPC communication
- Benefit from a cloud-native, managed experience with high performance and simple deployment
- Generate high-quality network-based threat data for threat investigation and correlation
Benefits
Easy deployment and minimal upkeep
Simple yet effective, Cloud IDS delivers cloud-native, easy-to-deploy, managed network threat detection. It scales up and down to inspect all of your traffic based on your organization’s needs.
Backed by industry-leading threat research
Cloud IDS is built with Palo Alto Networks’ threat detection technologies, backed by their threat analysis engine and security research teams that identify new threat signatures and detection mechanisms.
Supporting customers’ compliance goals
Many compliance standards mandate the use of an IDS. As such, customers can leverage Cloud IDS to support their compliance goals.
Key features
Simple, cloud-native, and highly effective
Network-based threat detection
Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content.
Cloud-native and managed
Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats.
Industry-leading security breadth and efficacy
Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. These capabilities have been recognized as industry-leading by analysts, compliance marks, and verification houses time and time again.
"Cloud IDS was simple and straightforward to deploy and easy to manage. That's important to us; we want to spend our time on mitigation, not setup and management. It enables us to focus on the most critical alerts so we can respond to them quickly."
Paras Chitrakar, Co-Founder/Chief Technology Officer, Dave.com
Documentation
Resources and documentation for Cloud IDS
Cloud IDS overview
Get an overview of Cloud IDS and how it works. Learn about how advanced network-based threat detection is enabled with Cloud IDS.
Configuring Cloud IDS
Learn how to configure Cloud IDS with information on what to do before you begin, as well as step-by-step configuration guidance.
Logging and monitoring
Understand how Cloud IDS's logging and monitoring work.
Troubleshooting
Find information on troubleshooting Cloud IDS, including ensuring that your Cloud IDS endpoint is functional and decrypting your traffic for inspection.
Quotas
Learn more about Cloud IDS’s quotas, including endpoints per zone and API requests per minute.
Use cases
High-level reference architecture
Below is the typical Cloud IDS workflow, at a high level.
All features
Learn more about Cloud IDS features
| Feature | Description |
| --- | --- |
| Network-based threat detection | Help detect exploit attempts and evasive techniques at both the network and application layers, including buffer overflows, remote code execution, protocol fragmentation, and obfuscation. Discover command-and-control (C2) attacks and lateral movement, as well as malware and malicious payloads hidden within common file types, compressed files, and web content. |
| Cloud-native and managed | Deploy in just a few clicks and easily manage with UI, CLI, or APIs. No need to architect for high performance and availability; it’s built-in already. Cloud IDS automatically scales up and down to meet your organization's needs. Leverage an extensive, continually updated, built-in catalog of attack signatures from Palo Alto Networks’ threat analysis engine to detect the latest threats. |
| Industry-leading security breadth and efficacy | Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection capabilities, backed by their threat analysis engine and extensive security research teams that continually add to the catalog of known threat signatures and leverage other threat detection mechanisms to stay on top of unknown threats. |
| East-west and north-south traffic visibility | By leveraging Google Cloud’s Packet Mirroring, in addition to internet traffic, Cloud IDS customers can monitor both intra-VPC as well as inter-VPC communication in order to detect suspicious lateral movement that could indicate a bad actor within the network. |
| Support customers’ compliance goals | Many compliance standards have requirements mandating the use of an IDS to detect network-based threats. As such, customers can leverage Cloud IDS to support their compliance goals. |
| Prioritize the most important threats | Cloud IDS provides network threat detection warnings at varying threat severity levels: Critical, High, Medium, Low, and Informational to help you prioritize the most important threats. |
| Detect app masquerading | Identify malicious applications masquerading as legitimate ones through Cloud IDS's tight integration with Palo Alto Networks’ App-ID™ technology. App-ID™ uses multiple identification techniques to determine the exact identity of applications in your network, including those trying to evade detection by posing as legitimate traffic, hopping ports, or using encryption. |
| High performance | Managed scaling to inspect all of your traffic based on your organization’s specific needs. |
Pricing
Cloud IDS pricing details
Cloud IDS billing is based on two metrics: (1) a per-hour charge for each Cloud IDS endpoint created and running, and (2) a per-GB charge based on the total amount of traffic inspected.