Explored the deployment and usage of Google Cloud Firewall Plus, a native Google Cloud service integrated with Palo Alto Networks' Threat Prevention technologies.

Priyabug/Deployment-and-Prevention-of-Threats-with-Google-Cloud-NGFW-Enterprise

🚀 Deployment and Prevention of Threats with Google Cloud NGFW Enterprise

✨ Description

Deploy and prevent threats with Google Cloud NGFW Enterprise, a native Google Cloud service powered by Palo Alto Networks Threat Prevention technologies. This solution combines the scalability and flexibility of Google Cloud with the advanced security capabilities of Palo Alto Networks, providing:

  • Deep traffic inspection
  • Real-time threat detection
  • Automated protection against evolving cyber threats, all within your cloud environment.

Cloud NGFW Enterprise is a fully distributed firewall solution offering advanced protection to safeguard your Google Cloud workloads from both internal and external threats, such as:

  • Intrusions
  • Malware
  • Spyware
  • Command-and-control attacks

The service operates by creating Google-managed zonal firewall endpoints that utilize packet interception technology to seamlessly capture and inspect workload traffic for deep packet analysis.


💻 Languages and Utilities Used

  • Access to Google Cloud Shell, or a local machine with a Terraform or gcloud installation.
  • A Google Cloud project to host the deployment.
  • A Google Cloud billing project.

🔐 IAM Roles

| Ability | Level | Roles |
| --- | --- | --- |
| Create/modify/view firewall endpoints, endpoint associations, security profiles, and security profile groups. | Organization | compute.networkAdmin, compute.networkUser, compute.networkViewer |
| Create/modify/view global network firewall policies and view effective rules for VPC networks and virtual machines. | Project | compute.securityAdmin, compute.networkAdmin, compute.networkViewer, compute.viewer, compute.instanceAdmin |
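
To see which of the listed roles a principal already holds before starting the deployment, the following added example (not part of the original repository) audits IAM policies in the JSON shape produced by `gcloud organizations get-iam-policy` and `gcloud projects get-iam-policy` with `--format=json`. The sample policies and the member names are constructed, and the check assumes direct bindings only: roles granted through group membership or at folder level are not counted.

```python
import json

# Roles listed in the IAM table, keyed by the level they are granted at.
LISTED = {
    "organization": {"compute.networkAdmin", "compute.networkUser",
                     "compute.networkViewer"},
    "project": {"compute.securityAdmin", "compute.networkAdmin",
                "compute.networkViewer", "compute.viewer",
                "compute.instanceAdmin"},
}

def bound_roles(policy, member):
    """Split roles bound directly to `member` into (unconditional, conditional)."""
    plain, conditional = set(), set()
    for binding in policy.get("bindings", []):
        if member not in binding.get("members", []):
            continue
        role = binding["role"].split("/", 1)[-1]  # drop the "roles/" prefix
        (conditional if "condition" in binding else plain).add(role)
    return plain, conditional

def audit(org_policy, project_policy, member):
    """Report which listed roles `member` holds at each level."""
    org_plain, org_cond = bound_roles(org_policy, member)
    prj_plain, prj_cond = bound_roles(project_policy, member)
    # Organization-level bindings are inherited by the projects beneath it.
    effective = {"organization": (org_plain, org_cond),
                 "project": (org_plain | prj_plain, org_cond | prj_cond)}
    report = {}
    for level, listed in LISTED.items():
        plain, cond = effective[level]
        report[level] = {"held": sorted(listed & plain),
                         "conditional": sorted((listed & cond) - plain),
                         "not_held": sorted(listed - plain - cond)}
    return report

# Constructed sample policies (not real exports).
ORG_POLICY = {"bindings": [
    {"role": "roles/compute.networkAdmin", "members": ["user:alice@example.com"]},
    {"role": "roles/compute.networkViewer", "members": ["group:netsec@example.com"]},
]}
PROJECT_POLICY = {"bindings": [
    {"role": "roles/compute.securityAdmin", "members": ["user:alice@example.com"]},
    {"role": "roles/compute.viewer", "members": ["user:alice@example.com"],
     "condition": {"title": "temporary", "expression": "request.time < timestamp('2030-01-01T00:00:00Z')"}},
]}

if __name__ == "__main__":
    print(json.dumps(audit(ORG_POLICY, PROJECT_POLICY, "user:alice@example.com"), indent=2))
```

Roles reported under `conditional` depend on an IAM condition, so review the condition expression before relying on them.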

For more information, please see:


🌍 Topology

  • [image: topology diagram]

🔧 Setup Instructions

### Step 1: Enable Required Services

```bash
gcloud services enable compute.googleapis.com
gcloud services enable networksecurity.googleapis.com
gcloud services enable firewallinsights.googleapis.com
```

### 🌱 Step 2: Set Environment Variables for Your Deployment

Set up the environment variables for your **deployment project** and **billing project**:

```bash
export PROJECT_ID=YOUR_PROJECT_ID
export BILLING_ID=YOUR_BILLING_PROJECT_ID
```
