This week at Cloud Next ’18, Google introduced Cloud Armor: a significant new addition to Google Cloud Platform. Several sessions of the conference announced and showcased this new capability.
Cloud Armor delivers defense at scale against web attacks and DDoS. Previously, GCP users had to assemble their own web security solutions. Now, there’s a robust, globally distributed defense framework built into GCP.
As a security framework, Cloud Armor enforces the rules and policies that the user defines within it. Out of the box, it includes some predefined rules to protect against certain types of web attack.
Making Cloud Armor Effective
To get the most from Cloud Armor, users need to define an accurate and comprehensive set of rules. To maintain effective defenses, it’s also important to monitor the ever-evolving Internet threat environment, updating these security policies appropriately as new threats emerge.
Doing this correctly can be challenging even on a day-to-day basis, and all the more so under the stress of a massive DDOS attack. Therefore, while Cloud Armor was still in alpha, Google worked diligently with certain key security partners to automate its capabilities. One of those partners was Reblaze Technologies.
Reblaze is a cloud based, comprehensive, machine-intelligent web security platform — it protects against breaches and intrusions, DoS and DDoS, scraping and data theft, malicious bots, and more. Reblaze was already tightly integrated with Google Cloud. (GCP users can deploy Reblaze directly from their console with just a few clicks.) As Cloud Armor matured, Reblaze personnel worked closely with Google to integrate the Reblaze platform with Cloud Armor as well.
Reblaze and Cloud Armor together are an autonomous system that reacts immediately to every type of attack, from DDOS to breach attempts to bruteforcing via scrapers and scanning tools. When Reblaze detects a threat, Cloud Armor is updated immediately, and it blocks the hostile traffic at the edges. Additionally, every rule, signature, and policy defined by Reblaze is synced onto Cloud Armor.
Augmenting and Extending Cloud Armor
Reblaze not only automates Cloud Armor, it augments it. Reblaze extends Cloud Armor’s scope into defensive capabilities not inherent to it, including bot mitigation, human behavioral analysis, scraping prevention, and more.
Furthermore, Reblaze automates the leveraging of machine learning for web security. Reblaze continually applies machine learning to all global traffic it processes (currently over 3.5 billion HTTP/S transactions per day). As new web threats arise, all Reblaze deployments are immediately hardened against them, automatically.
If you’re a Reblaze customer, full Cloud Armor support is going out now in rolling updates. (If you need to move to the head of the line, please contact support.)
If you aren’t currently a Reblaze customer and would like to schedule a demo, or you’d just like to learn more about the platform, send an email to email@example.com. Or, fill out the form at https://www.reblaze.com/contact/. We’ll be in touch soon.