Skip to content
Gallery
2. Networking
Core Networking
Hybrid Networking
Peering
Choosing a connection
Scalability
Threat Prevention and Detection
Networking Observability
VPC Service Controls
Share
Explore
Threat Prevention and Detection

icon picker
Cloud IDS

Cloud IDS is an intrusion detection service that provides threat detection for intrusions, malware, spyware, and command-and-control attacks on your network. Cloud IDS works by creating a Google-managed peered network with mirrored virtual machine (VM) instances. Traffic in the peered network is mirrored and then inspected by Palo Alto Networks threat protection technologies to provide advanced threat detection. You can mirror all traffic, or you can mirror filtered traffic based on protocol, IP address range, or ingress and egress.
Cloud IDS provides full visibility into network traffic, including both north-south and east-west traffic, letting you monitor VM-to-VM communication to detect lateral movement. This provides an inspection engine that inspects intra-subnet traffic.
You can also use Cloud IDS to meet your advanced threat detection and compliance requirements, including
PCI 11.4
and
HIPAA
.
Cloud IDS is subject to Google Cloud's
Cloud Data Processing Addendum
.
Cloud IDS detects and alerts on threats, but it does not take action to prevent attacks or repair damage. To take action on the threats that Cloud IDS detects, you can use products such as
Google Cloud Armor
.

Ref:
Cloud IDS overview  |  Google Cloud

Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.