Google on Wednesday announced a bevy of updates across its Network Security portfolio for Google Cloud customers. New features include enhancements to existing DDoS protections, as well as new capabilities that aim to help customers protect data and applications in the cloud.
The most significant update is Google’s new Cloud Armor Adaptive Protection networking security technology, which leverages machine learning to protect against Layer 7 DDoS attacks.
Cloud Armor is a distributed denial of service (DDoS) defense and web application firewall (WAF) service that relies on the same technology and infrastructure that powers Google services. Available since 2019, Cloud Armor also offers IP whitelisting and blacklisting tools and integrates with Google’s Cloud HTTP(S) Load Balancing service.
Google said its new Adaptive Protection technology within Cloud Armor uses multiple machine learning models to analyze security signals across web services to detect potential attacks. The Adaptive Protection system can detect high volume application layer DDoS attacks against web apps and services, and speed up time to mitigation through high confidence alerts about abnormal traffic, the company said.
In addition to surfacing the attack, Adaptive Protection also provides context on why the system deemed it malicious as well as suggested rules to mitigate the attack.
“This protection is woven into our cloud fabric and only alerts the operator for more serious issues with context, an attack signature, and a Cloud Armor rule that they can then deploy in preview or blocking mode,” Google said in a blog post. “Rather than spending hours analyzing traffic logs to triage the ongoing attack, application owners and incident responders will have all of the context they need to make a decision on whether and how to stop the potentially malicious traffic. Cloud Armor Adaptive Protection is going to simplify protection in a big way, and will be rolling out to the public in preview soon.”
Additional network security updates new firewall insights for improved firewall rule management, hierarchical firewall policies for more flexible levels of control, and new controls for packet mirroring to third party network inspection services. Google is also adding new filters to mirror packets that will be generally available soon.