Explored the deployment and usage of Google Cloud Firewall Plus, a native Google Cloud service integrated with Palo Alto Networks' Threat Prevention technologies.

Priyabug/Deployment-and-Prevention-of-Threats-with-Google-Cloud-NGFW-Enterprise---Firewall-Policy-Rules

🚀 Configuration of firewall policy rules to inspect traffic using IPS security profile in Google Cloud

✨ Description

Deploy and prevent threats with Google Cloud NGFW Enterprise, a native Google Cloud service powered by Palo Alto Networks Threat Prevention technologies. This solution combines the scalability and flexibility of Google Cloud with the advanced security capabilities of Palo Alto Networks, providing:

  • Deep traffic inspection
  • Real-time threat detection
  • Automated protection against evolving cyber threats, all within your cloud environment.

Cloud NGFW Enterprise is a fully distributed firewall solution offering advanced protection to safeguard your Google Cloud workloads from both internal and external threats, such as:

  • Intrusions
  • Malware
  • Spyware
  • Command-and-control attacks

The service operates by creating Google-managed zonal firewall endpoints that utilize packet interception technology to seamlessly capture and inspect workload traffic for deep packet analysis.

💻 Google Cloud NGFW Enterprise

[Image: Google Cloud NGFW Enterprise]


💻 Languages and Utilities Used

  • Access to Google Cloud Shell, or a local machine with a Terraform or gcloud installation.
  • A Google Cloud project to host the deployment.
  • A Google Cloud billing project.

🔐 IAM Roles

| Ability | Level | Roles |
| --- | --- | --- |
| Create/modify/view firewall endpoints, endpoint associations, security profiles, and security profile groups. | Organization | compute.networkAdmin, compute.networkUser, compute.networkViewer |
| Create/modify/view global network firewall policies and view effective rules for VPC networks and virtual machines. | Project | compute.securityAdmin, compute.networkAdmin, compute.networkViewer, compute.viewer, compute.instanceAdmin |

For more information, please see:


Benefits of Cloud NGFW Enterprise

  • Cloud-native, easy and fast to deploy, with managed scaling for high performance and availability.

  • Supported via firewall policies and tags, providing flexible insertion, independent from routing.

  • Industry-leading detection breadth and efficacy, built with Palo Alto Networks technologies.

  • TLS inspection via integration with Certificate Authority Service.

  • Alerts are surfaced in:
    UI – User Interface
    API – Application Programming Interface
    Cloud Logging – A cloud-based service for collecting, storing, and analyzing log data from applications and infrastructure

🌍 Topology

[Image: topology diagram]

🔧 Setup Instructions

Prepare for Deployment

Enable the required APIs, retrieve the deployment files, and configure the environment variables.
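
The resources this README names (security profile, security profile group, firewall endpoint, endpoint association, global network firewall policy) created in dependency order with gcloud, ending in the rule that hands matching traffic to the IPS profile. This is an added example, not this repository's deployment files, and it goes past the preparation step into the deployment itself; the organization ID, project, zone, network, the `ngfw-demo` names, rule priority 1000 and the inspected ports are assumptions.

```shell
#!/bin/sh
# Added example, not from the repository: all IDs and names are placeholders.
# Commands are printed only; set DRY_RUN=0 to execute them with gcloud.
ORG_ID="${ORG_ID:-123456789012}"             # placeholder organization ID
PROJECT_ID="${PROJECT_ID:-example-project}"  # placeholder project, also used for billing
ZONE="${ZONE:-us-central1-a}"
NETWORK="${NETWORK:-example-vpc}"
PREFIX="${PREFIX:-ngfw-demo}"

run() {  # print the command; execute it only when DRY_RUN=0
  echo "$*"
  if [ "${DRY_RUN:-1}" = "0" ]; then "$@"; fi
}

# Full resource names that later commands must reference.
profile_path()  { echo "organizations/$ORG_ID/locations/global/securityProfiles/$PREFIX-sp"; }
group_path()    { echo "organizations/$ORG_ID/locations/global/securityProfileGroups/$PREFIX-spg"; }
endpoint_path() { echo "organizations/$ORG_ID/locations/$ZONE/firewallEndpoints/$PREFIX-ep"; }

deploy() {
  run gcloud services enable compute.googleapis.com networksecurity.googleapis.com \
    --project "$PROJECT_ID"
  # 1. Threat prevention (IPS) profile and the group that wraps it, at organization level.
  run gcloud network-security security-profiles threat-prevention create "$PREFIX-sp" \
    --organization "$ORG_ID" --location global
  run gcloud network-security security-profile-groups create "$PREFIX-spg" \
    --organization "$ORG_ID" --location global \
    --threat-prevention-profile "$(profile_path)"
  # 2. Zonal firewall endpoint, then its association with the VPC network in that zone.
  run gcloud network-security firewall-endpoints create "$PREFIX-ep" \
    --zone "$ZONE" --organization "$ORG_ID" --billing-project "$PROJECT_ID"
  run gcloud network-security firewall-endpoint-associations create "$PREFIX-assoc" \
    --endpoint "$(endpoint_path)" --network "$NETWORK" --zone "$ZONE" --project "$PROJECT_ID"
  # 3. Global network firewall policy, attached to the same VPC network.
  run gcloud compute network-firewall-policies create "$PREFIX-policy" \
    --global --project "$PROJECT_ID"
  run gcloud compute network-firewall-policies associations create \
    --firewall-policy "$PREFIX-policy" --network "$NETWORK" \
    --name "$PREFIX-policy-assoc" --global-firewall-policy --project "$PROJECT_ID"
  # Rule: matching traffic is sent to the endpoint for inspection, with logging enabled.
  run gcloud compute network-firewall-policies rules create 1000 \
    --firewall-policy "$PREFIX-policy" --global-firewall-policy --project "$PROJECT_ID" \
    --direction INGRESS --layer4-configs tcp:80,tcp:443 --src-ip-ranges 0.0.0.0/0 \
    --enable-logging --action apply_security_profile_group \
    --security-profile-group "//networksecurity.googleapis.com/$(group_path)"
}

deploy
```

Creating the profile, group, endpoint and association needs the organization-level roles listed under IAM Roles; the policy and its rule need the project-level ones.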

🚀 Deployment Guide

Prepare for Deployment

[Image: Prepare for Deployment]
