Skip to main content

Cloud IDS for network-based threat detection is now generally available

As more and more applications move to the cloud, cloud network security teams have to keep them secure against an ever-evolving threat landscape. Shielding applications against network threats is also one of the most important criteria for regulatory compliance. For example, effective intrusion detection is a requirement of the Payment Card Industry Data Security Standard - PCI DSS 3.2.1. To address these challenges, many cloud network security teams build their own complex network threat detection solutions based on open source or third-party IDS components. These bespoke solutions can be difficult and costly to operate, and they often lack the scalability that is required to protect dynamic cloud applications. 

Earlier this year, we announced Cloud IDS, a new cloud-native network security offering that delivers on our vision of Invisible Security, where key security capabilities are continuously engineered into our trusted cloud platform. Today we’re excited to announce the general availability of Cloud IDS. This core network security offering helps detect network-based threats and helps organizations meet compliance standards that call for the use of an intrusion detection system. 

Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection technologies,  providing high levels of security efficacy that enable you to detect malicious activity with few false positives. 

The general availability release includes these enhancements:

  • Service availability in all regions
  • Auto-scaling available in all regions
  • Detection signatures automatically updated daily
  • Support for customers’ HIPAA compliance requirements (under the Google Cloud HIPAA Business Associate Agreement)
  • ISO27001 certification (and in the audit process to support customers’ PCI-DSS compliance requirements by year end)
  • Integration with Chronicle, Google’s security analytics platform, to help organizations investigate threats surfaced by Cloud IDS.

Managed network threat detection with full traffic visibility

Cloud IDS delivers cloud-native, managed, network-based threat detection. It features simple setup and deployment, and gives customers visibility into traffic entering their cloud environment (north-south traffic) and into traffic between workloads (east-west traffic). Cloud IDS empowers security teams to focus their resources on high priority issues instead of designing and operating complex network threat detection solutions.


Avaya is a leader in cloud communications and collaboration solutions. Cloud IDS was enabled for Avaya’s Google Cloud environment to address network threat detection requirements. John Akerboom, Sr. Director for Architecture & Experience Platforms at Avaya shared his experience with Cloud IDS:

"It was easy to setup: a couple clicks, a few settings, and a few minutes later it was up and running," explained Akerboom. "We had a scanner running, and some pen testing going on. We went into the Google Cloud IDS UI and saw all those things in progress."


Graham Forest, Principal Operations Engineer at Lytics, a cloud-native, customer data platform (CDP) vendor headquartered in Oregon, summarized his take on Cloud IDS this way:

"It's built-in to our platform on Google Cloud; it's just a toggle, with a giant team of Google SREs behind it. The implementation cost is extremely low; reliability and architecture complexity are not impacted, and maintenance cost is low." 

Forest chose Cloud IDS for these main reasons:

 "Our customers require compliance validation, like SOC2, and our larger financial customers run their own audits on our service. Our initial interest was to fulfill those compliance requirements. But we also want indication when attackers are attempting to breach our network, and we want to know immediately. We get both with this solution!"


Medical Information Technology, Inc. (MEDITECH) empowers providers and patients around the world with its Expanse EHR (Electronic Health Record), setting new standards for electronic medical record usability, efficiency, and provider and patient satisfaction. The company's cloud-native solutions are built on Google Cloud, representing the latest step in MEDITECH's journey to deliver innovative, cost-effective healthcare technology that is also safe and secure.

"In healthcare, infrastructure and patient data security are absolutely crucial. Keeping our environment secure is our primary reason for deploying Cloud IDS," said Tom Moriarty, Manager, Information Security, MEDITECH. "The ease of setup and its cloud-native design add value, by protecting access to high quality healthcare for a diverse range of geographic settings and healthcare needs." 

MEDITECH also has previous experience with Cloud IDS' threat detection from Palo Alto Networks. "We are using Palo Alto Networks IDS and IPS in our on-premises network, and we look forward to leveraging the same advantages in our cloud hosted environment," said Moriarty. 

MEDITECH's confidence in these offerings stems from deploying them in-house. “We are using Google Chronicle as our security analytics tool for our corporate environment. By integrating Cloud IDS with Chronicle, we are able to analyze threats surfaced by Cloud IDS. This also helps us address our compliance requirements,” Moriarty concluded. 

Read more about MEDITECH’s use of Cloud IDS in their detailed case study.

Detect at scale, investigate, and respond to threats in all regions

Cloud IDS is now available in all regions. It provides protection against malware, virus and spyware, command and control (C2) attacks, and vulnerabilities such as buffer overflow and illegal code execution attacks. Autoscaling capability dynamically adjusts Cloud IDS as needed when your traffic throughput changes so that you can automatically keep up with your scale needs. Threat signature updates are applied daily so you can stay ahead of the new threat variants. You can now use Chronicle to investigate the threats surfaced in Cloud IDS. With Chronicle’s integration, you can store and analyze Cloud IDS threat logs along with all your security telemetry data in one place so that you can effectively investigate and respond to threats at scale.

Getting started

You can get started with Cloud IDS through the GCP console. Watch a Getting started with Cloud IDS video that walks you through the high-level architecture and a product demo.


Popular posts from this blog

Use Vault for Gmail Confidential Messages and Jamboard Files

Google vault will be supporting two new formats in the future, Gmail confidential mode emails & Jamboard files stored in Google Drive. Google Vault gives you a chance to retain, hold, search, and export data to support your organization’s retention and eDiscovery needs. This dispatch includes support for new information types with the goal that you can thoroughly oversee your association's information. What happens when individuals in your association sends confidential messages? Vault can hold, retain, search, and export all confidential mode messages sent by users in your association. Messages are constantly accessible to Vault, notwithstanding when the sender sets a termination date or denies access to private messages. Here’s an example of what will see in Vault when they search for and preview this email sent by . But It’ll not work vise versa. Admins can hold, retain, search and export message headers and s

Zoom’s Work Transformation Summit on Jan. 19: Fresh Approaches for Moving Forward

These past two years have undoubtedly reshaped work. More specifically, these past two years — shuffling between remote, in-person, and hybrid work scenarios — reshaped what employees expect out of their jobs, how they want to work, and what the office means to them.  Organizations are challenged with making big decisions to meet those expectations, and those decisions will dramatically alter how they hire, manage their facilities, buy technology, and maintain productivity. Simply adjusting policies and retooling previous work models won’t do. It takes a comprehensive reimagining. To help organizations navigate this next phase of work, Zoom is hosting our  Work Transformation Summit  on Jan. 19, a free, half-day virtual event designed to provide you and your organization with meaningful strategies, creative approaches, and innovative solutions for redefining work.  Summit attendees will have the opportunity to hear from peers and industry experts on the importance of embracing technolo

Access well-known educational technology tools straight from Google Classroom.

  We're making it simpler for instructors to use popular EdTech products that are most effective for their class right in Google Classroom with a new seamless integration of single sign-on, assigning, and grading. With the help of this feature, teachers can find, assign, and grade interesting content for their classes, and both teachers and students can access their EdTech tools without needing to navigate to other websites or apps or go through a cumbersome login process that requires remembering numerous usernames and passwords. This offers a more simplified experience when using technology to affect learning, in addition to saving instructors and students time. We partnered with 15+ EdTech companies to build custom add-ons, including Kahoot!, Pear Deck, IXL, and Nearpod.  Admins :  In order for educators to use add-ons, district administrators must provide access to them. For further information on how to install the add-ons functionality and specific add-ons for a domain, OU, o