The GCP PubSec Declarative Toolkit is a collection of declarative solutions to help you on your Journey to Google Cloud. Solutions are designed using Config Connector and deployed using Config Controller.
Apache License 2.0
Architecture Update: prepare for Google Firewall Plus / NGFW #616
A request by a large federal client for IDS or NGFW (formerly Firewall+) capabilities in the TEF that includes GPS (Standard), IPS (Enterprise) and micro segmentation
See plus differentiator in https://cloud.google.com/firewall
shadow https://github.com/GoogleCloudPlatform/pbmm-on-gcp-onboarding/issues/396
TL;DR
Add GCP Cloud NGFW (Firewall plus)
NGFW https://cloud.google.com/security/products/firewall?hl=en#cloud-ngfw-tiers
NGFW https://cloud.google.com/firewall/docs/about-firewalls
NGFW enterprise with IPS https://cloud.google.com/firewall/docs/about-intrusion-prevention
https://www.paloaltonetworks.com/blog/network-security/netsec-google-cloud-firewall-plus/
likely location next to https://github.com/terraform-google-modules/terraform-example-foundation/tree/master/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy
Links
GCP Firewall plus - https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-firewall-plus-with-intrusion-prevention
config connector IDS version https://github.com/GoogleCloudPlatform/pubsec-declarative-toolkit/tree/main/solutions/ids
Palo Alto VM Series NGFW https://cloud.google.com/architecture/partners/palo-alto-networks-ngfw
PA VM Series NGFW example https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/google/latest/examples/standalone_vmseries_with_metadata_bootstrap
IDS https://cloud.google.com/security/products/intrusion-detection-system?hl=en
https://github.com/GoogleCloudPlatform/terraform-google-network-forensics
standard firewall https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall
Fortinet based Fortigate NGFW https://github.com/fortinet/fortigate-tutorial-gcp
see https://github.com/terraform-google-modules/terraform-google-network/tree/master/modules/network-firewall-policy
see https://github.com/hashicorp/terraform-provider-google/issues/17030
b/321386368