Are you curious about the new enhancements in Cloud NAT ? Have you explored Cloud NGFW Enterprise ? In this blog we dive into both of these topics with informative video demos on both that you can watch at any time. # 1- Cloud NAT and NGFWs Cloud NAT and Cloud NGFW …

Google Cloud’s VPC Service Controls can help organizations mitigate the risk of data exfiltration from their Google Cloud managed services. VPC Service Controls (VPC-SC) creates isolation perimeters around cloud resources and networks in Google Cloud, helping you limit access to your sensitive data. Today, we are excited to …

Amazon Virtual Private Cloud (Amazon VPC) provides two options for controlling network traffic: network access control lists (ACLs) and security groups. A network ACL defines inbound and outbound rules that allow or deny traffic based on protocol, IP address range, and port range. Security groups determine which inbound and …

Amazon Web Services (AWS) customers have been adopting the approach of using AWS PrivateLink to have secure communication to AWS services, their own internal services, and third-party services in the AWS Cloud. As these environments scale, the number of PrivateLink connections outbound to external services and inbound to internal …

In today's ever-evolving threat landscape, organizations require robust network security solutions to protect their critical assets in the cloud. Google Cloud is committed to providing superior cloud-first security controls, and today at Google Cloud Next, we're thrilled to announce the general availability of Google Cloud NGFW Enterprise, our next-generation …

Cross-Cloud Network has transformed how organizations connect and secure workloads across hybrid and multi-cloud networks. It simplifies complexity, strengthens security posture, and helps deliver faster business outcomes. Built on Google Cloud’s planet-scale network, Cross-Cloud Network enables you to deliver rich experiences, streamline operational efficiency, and lower TCO. AI …

In the AWS Security Profile series, we feature the people who work in Amazon Web Services (AWS) Security and help keep our customers safe and secure. This interview is with Chris Betz, Chief Information Security Officer (CISO), who began his role as CISO of AWS in August of 2023 …

In the AWS Security Profile series, we feature the people who work in Amazon Web Services (AWS) Security and help keep our customers safe and secure. This interview is with Tom Scholl, VP and Distinguished Engineer for AWS. What do you do in your current role and how long …

Changing the network security perspective In a data center, network security engineers tend to spend the bulk of their time managing individual devices: creating strong passwords and hardening configurations for networking devices and creating firewall rules for each endpoint. Since nothing is physical in the cloud networking world, the …

Google Cloud Firewall is a fully distributed, stateful inspection next-generation firewall that is built into our software-defined networking fabric and enforced for each workload. With Cloud Firewall, you can enable advanced network threat protection with operational simplicity at cloud scale. Today, we are excited to announce the general availability …

Editor’s note: Today, we hear from Parthasarathy Ranganathan, Google VP and Technical Fellow and Amin Vahdat, VP/GM. Partha delivered a keynote address today at the OCP Global Summit, an annual conference for leaders, researchers, and pioneers in the open hardware industry. Partha served on the OCP Board …

A number of Google services and Cloud customers have been targeted with a novel HTTP/2-based DDoS attack which peaked in August. These attacks were significantly larger than any previously-reported Layer 7 attacks, with the largest attack surpassing 398 million requests per second. The attacks were largely stopped at …

Over the last few years, Google's DDoS Response Team has observed the trend that distributed denial-of-service (DDoS) attacks are increasing exponentially in size. Last year, we blocked the largest DDoS attack recorded at the time. This August, we stopped an even larger DDoS attack — 71⁄2 times larger — that …

We are excited to announce the preview of the Dev(Sec)Ops toolkit for global front-end internet-facing applications, which can help you launch new apps on Google Cloud in less than an hour. This toolkit is part of the recently announced Cross-Cloud Network solution to help customers scale and …

We are excited to announce the preview of the Dev(Sec)Ops toolkit for global front-end internet-facing applications, which can help you launch new apps on Google Cloud in less than an hour. This toolkit is part of the recently announced Cross-Cloud Network solution to help customers scale and …

In this blog post, I show you how to deploy a solution that uses AWS Lambda to automatically manage the lifecycle of Amazon VPC Network Access Control List (ACL) rules to mitigate network floods detected using Amazon CloudWatch Logs Insights and Amazon Timestream. Application teams should consider the impact …

We are excited to announce general availability of Cloud NAT support for network services Standard Tier. Standard Tier delivers traffic from Google Cloud resources to external systems by routing it over the internet. Premier and Standard are network service tiers that let you optimize connectivity between systems on the …

In just a few days, Google Cloud Next returns to San Francisco as a large, in-person, three-day event. There, you’ll learn all about the technologies you need to build, connect, and secure all your cloud-first, Kubernetes, and AI/ML workloads. You’ll gain hands-on experience on the latest …

Organizations migrating web applications and their APIs to the cloud need solutions to protect them from exploits and distributed denial of service (DDoS) attacks. Google Cloud Armor is a network security service that provides defenses against DDoS and OWASP Top 10 risks. We are excited to introduce several new …

Macy’s is well known for its high-end fashion worldwide. What is not as well known are the strong measures it takes to ensure its customers’ data remains secure. When Macy’s decided to move its infrastructure from on-premises to Google Cloud, it required the move be done without …

We are excited to announce the Preview of front-end mutual TLS (mTLS) support, allowing you to offload client certificate authentication using External HTTPS Load Balancing. With TLS offload the load balancer presents a certificate on behalf of the server that the client uses to verify the server’s identity …

Google Cloud provides multiple layers of security to help customers stay ahead of evolving threats and keep their cloud workloads safe. Today at our annual Security Summit, we are excited to announce the general availability of Secure Web Proxy, a new cloud-first network security offering that provides web egress …

In Google Cloud, IAM Policies provide administrators with fine-grained control over who can use resources within their Google Cloud organization. With Organization Restrictions, a new generally available Google Cloud security control, administrators can restrict users’ access to only resources and data in specifically authorized Google Cloud organizations. It does …

Over the past few years, Google has observed that distributed denial-of-service (DDoS) attacks are increasing in frequency and growing exponentially in size. Google Cloud customers have been using Cloud Armor and leveraging the scale and capacity of Google’s network edge to protect their environment from some of the …

Modern elections rely on public access to a vast array of online information, including political candidate stances, elections monitoring, and directions to polling sites. Public websites can be taken offline by an attacker with no special access, through the use of a Distributed Denial of Service (DDoS) attack. These …