GCP: Safeguard Your Endpoints with Advanced Threat Protection Capabilities

Google Cloud Platform (GCP)’s firewall is a fully distributed firewall service with micro-segmentation and pervasive coverage to protect Google Cloud workloads from such threats as intrusion, malware, spyware, and command-and-control. It’s powered by Palo Alto Networks.

The Google Cloud Firewall works by creating Google-managed zonal firewall endpoints which use packet intercept technology to inspect workloads for configured threat signatures, and then protect against those threats. It’s essential for:

• Network security: Protecting virtual machine instances in a virtual private cloud (VPC) from unauthorized access.
• Traffic management: Controlling traffic based on specific rules, such as port numbers and network tags.
• Threat mitigation: Proactively managing threats to your cloud security.

How the Google Cloud Firewall Works

Google Cloud firewall rules intercept VPC network traffic and redirect it to the firewall endpoint for inspection. Network firewall rules referencing the security profile group define the traffic redirection.

The Google Cloud console logs all actions. You can forward these threats to Cortex XSIAM for further investigation and action.

Tufin and Google Cloud Firewall: Improving Firewall Rules and Network Firewall Policies

Tufin is proud to offer you best-in-class integrations with GCP. With this integration, our customers can:

• Better protect your hybrid-cloud environments.
• Reduce the risk of security incidents and non-compliance.
• Reduce costs by matching the speed of IT operations to business needs.

Incorporate cloud native security controls into your unified security policy management capability with Tufin integrations with GCP.

How Tufin Works with Google Cloud Firewall

The Tufin Orchestration Suite (TOS) allows teams to view the rules surrounding your firewall policies, including metadata, configs, and incoming traffic of workloads in your gcloud VPC Firewall rules.

You can quickly and automatically optimize VPC rules in your cloud networks through a central control pane—Tufin works across your VPC firewalls and the rest of your multi-cloud network. Cut down the time it takes to identify overly permissive rules across all platforms, including on-premise, SD-WAN, SASE, and multi-cloud environments.

The Benefits of Tufin’s Integration with Google Cloud Firewall

• Automatic optimization of cloud resources.
• Real-time insights into all VPC firewall changes with security alerts.
• Rapid change troubleshooting tools across various use cases and VPC firewall rules, for every major vendor and platform, including monitoring all types of firewall rule traffic ports such as TCP, UDP, SSH, SSL, etc.
• The ability to optimize default ingress and egress traffic rules to boost your security posture.
• The peace of mind knowing that enabled VPC firewall rules are always enforced, protecting your instances regardless of their configuration and operating system, even if they have not started up.
• Manage all your Google Cloud Firewall rules and policies in one central location.
• Obtain granular metrics on source IP ranges, destination ranges, TCP ports, private or public IPs, and a variety of other network and security elements.
• Gain insights into compliance with Tufin’s robust reporting and analytics capabilities, so you can see historical policy changes, network security trends, vulnerabilities, and performance.
• Reduce the confusion of multiple firewall rules across multi-vendor hybrid cloud environments with broad visibility into your network security policies to learn more about rule usage, traffic flows, and potential security risks.
• See deeper into your firewall with detailed cloud logging for monitoring and auditing your traffic.
• Easily install Tufin on a virtual machine.