Recently, Google announced the general availability of its Cloud IDS for network-based threat detection. This core network security offering helps detect network-based threats and helps organizations meet compliance standards that call for an intrusion detection system.
Earlier this year, the company announced the public preview of Cloud IDS as a new network security offering. It is generally available now, including new enhancements such as service availability in all regions, autoscaling, an automated daily update of detection signatures, support for customers’ HIPAA compliance requirements, ISO 27001 certification, and integration with Google’s security analytics platform Chronicle. Note that in the preview, the offering was already integrated with five platforms from other vendors: Splunk Cloud Platform, Splunk Enterprise Platform, Exabeam Advanced Analytics, The Devo Platform, and Palo Alto Networks Cortex XSOAR, and the company plans more integrations in 2022.
Cloud IDS is built with Palo Alto Networks’ threat detection technologies, which provide high levels of security efficacy that enable customers to detect malicious activity with few false positives. Furthermore, according to the latest Google Cloud blog post, Cloud IDS features simple setup and deployment and gives customers visibility into traffic entering their cloud environment (north-south traffic) and into traffic between workloads (east-west traffic). It empowers security teams to focus their resources on high-priority issues instead of designing and operating complex network threat detection solutions.
Customers can deploy Cloud IDS in their virtual cloud networks to keep those networks safe. Jonny Almaleh, PSO Network specialist at Google Cloud, explains in an earlier blog post on Cloud IDS:
“To provide visibility into threats and intrusions detected by IDS instances, Cloud IDS feeds Threat Logs and Security Alerts into Cloud Logging and the Cloud IDS user-interface in the customer project. This is all done under the hood, making it simple to deploy and manage Cloud IDS.”
Several Google Cloud customers like Avaya, Lytics, and Meditech use Cloud IDS. In another Google blog post on a Cloud IDS use case, Tom Moriarty, manager, Information Security at Meditech, said:
“We are using Google Chronicle as our security analytics tool for our corporate environment. By integrating Cloud IDS with Chronicle, we are able to analyze threats surfaced by Cloud IDS.”
Cloud IDS pricing is based on a per-hour charge for the Cloud IDS endpoint and inspected traffic. More details of the service are available on the documentation pages.