It’s an always-on monitoring mechanism with a low false-positive attack detection rate that doesn’t add latency to traffic flows, Shadmi said. Whenever Cloud Armor detects early signs of workload distress or a sudden change in traffic patterns compared to the usual baseline, it will alert customers that an attack is taking place. The first pertains to the customer’s workload’s health, while the second analyzes incoming traffic. In a blog post announcing the update, Google Cloud Product Manager Lihi Shadmi explains how Cloud Armor Advanced Network DDoS Protection runs behind the scenes, at the edge of Google’s network, where it passively monitors two kinds of signals. The new service will help to defend customers from some of the most common volumetric DDoS and protocol DDoS attacks, such as so-called SYN flood, UDP flood, DNS reflection and NTP amplification attacks. To remedy that, Google Cloud today introduced Cloud Armor Advanced Network DDoS Protection, providing customers with always-on attack detection and mitigation for such workloads. Until now, these customers lacked a Google Cloud-native defensive capability to protect those workloads, meaning they were at high risk of distributed denial-of-service and other attacks. Google Cloud is expanding the capabilities of its Cloud Armor networking defense service to protect customers in gaming, telecommunications and other industries that run workloads behind external network load balancers or virtual machines with public IP addresses or use protocol forwarding.
0 kommentar(er)
