FR: Add Cloud NGFW Essential capability with optional Standard or Enterprise based IPS in the TEF 3-networks-hub-and-spoke folder and associated terraform-google-modules #1183
A request by a large federal client for IDS or NGFW (formerly Firewall+)capabilities in the TEF that includes GPS(Standard) IPS(Enterprise) and micro segmentation
fmichaelobrien
commented
4 months ago
TL;DR
A request by a large federal client for IDS or NGFW (formerly Firewall+)capabilities in the TEF that includes GPS(Standard) IPS(Enterprise) and micro segmentation
Add GCP Cloud NGFW (Firewall plus) NGFW https://cloud.google.com/security/products/firewall?hl=en#cloud-ngfw-tiers NGFW https://cloud.google.com/firewall/docs/about-firewalls NGFW enterprise with IPS https://cloud.google.com/firewall/docs/about-intrusion-prevention https://www.paloaltonetworks.com/blog/network-security/netsec-google-cloud-firewall-plus/ likely location next to https://github.com/terraform-google-modules/terraform-example-foundation/tree/master/3-networks-hub-and-spoke/modules/hierarchical_firewall_policy
Links
GCP Firewall plus - https://cloud.google.com/blog/products/identity-security/introducing-google-cloud-firewall-plus-with-intrusion-prevention config connector IDS version https://github.com/GoogleCloudPlatform/pubsec-declarative-toolkit/tree/main/solutions/ids Palo Alto VM Series NGFW https://cloud.google.com/architecture/partners/palo-alto-networks-ngfw PA VM Series NGFW example https://registry.terraform.io/modules/PaloAltoNetworks/vmseries-modules/google/latest/examples/standalone_vmseries_with_metadata_bootstrap IDS https://cloud.google.com/security/products/intrusion-detection-system?hl=en https://github.com/GoogleCloudPlatform/terraform-google-network-forensics standard firewall https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_firewall Fortinet based Fortigate NGFW https://github.com/fortinet/fortigate-tutorial-gcp
Terraform Resources
No response
Detailed design
No response
Additional information
No response