Google Cloud
Google Cloud expands footprint with 34 global regions
Google Cloud has added a region in Dallas, Texas, which brings Google Cloud’s total number of global regions to 34. The rollout follows the launch of its 33rd cloud region in Columbus, Ohio late last month. Other recent additions include regions in Milan, Italy; Paris, France; and Madrid, Spain.
“We’ve heard from many of you that the availability of your workloads and business continuity are increasingly top priorities. The Dallas region gives you added capacity and the flexibility to distribute your workloads across the U.S.,” Google Cloud executive Stacy Trackey Meagher wrote in a blog post.
The Texas site is the eleventh region in North America and second in the central U.S., with the other located in Iowa. It also has North American cloud regions in Oregon, Salt Lake City, Los Angeles, Las Vegas, South Carolina and Northern Virginia as well as Montreal and Toronto, Canada.
BT selects Google Cloud for group-wide data and AI transformation
In line with the theme of telcos partnering with cloud giants, UK incumbent BT has announced a new five-year deal with Google Cloud. The objective is to leverage Google’s AI and cloud expertise to foster a new company culture BT calls ‘The Digital Way.’ The partnership will include a wide range of products and services, including cloud infrastructure, machine learning (ML) and artificial intelligence (AI), data analytics, security, and API management. In particular:
- Collaboration will involve BT using Google’s enhanced data and AI capabilities at every level of its business to deliver personalised customer experiences and continue its commitment to creating societal value through responsible, inclusive, and sustainable tech
- Google Cloud will support BT with a full spectrum of products and services, from secure cloud infrastructure to advanced machine learning tools
- Access to Google Cloud’s Site Reliability Engineering (SRE) experts will help drive the cultural change needed to enable BT to operate a data and AI platform in the cloud at scale
Image of Google Cloud. Source: Google
The work will be overseen by BT Digital, a new arm of the business created last year and headed up by BT’s Chief Digital and Innovation Officer, Harmeen Mehta.
“Our partnership with Google is one of a series of strategic moves that BT Digital is taking to help accelerate BT’s growth and digital transformation. This is a partnership that is deeper than just at the technology level. It will help Digital as a whole supercharge BT and drive its return to growth,” said Mehta. She then wrote on LinkedIn, “Delighted with this fantastic partnership with Google Cloud as we accelerate the BT digital transformation.”
As part of the deal, Google’s Site Reliability Engineering (SRE) team will also partner with BT to help the operator roll out autonomous operations and develop new cloud-based services for customers.
“We’re proud to collaborate with one of the world’s leading providers of communications services and play an integral part in its digital transformation journey,”said Thomas Kurian, CEO at Google Cloud.
“By deploying our full cloud capabilities, and support from our SRE organisation, our goal in this partnership is to set up BT with the tools it needs for future growth and innovation,” he added.
Google and BT have already started working together on adopting Google technology, and plan to complete the core migration of data by 2023.
Other telco’s have partnered with Google Cloud:
- Late last month, Finnish telco Elisa also announced its own partnership with Google Cloud into its hybrid cloud offering.
- Last November, Telenor and Google Cloud formed a partnership to digitalize the Norwegian telecom company’s global operations and are exploring ways to jointly offer services to customers
- In February 2021, Canadian telco Telus and Google Cloud signed a 10-year collaboration deal to help fuel Telus’ internal digital transformation while also jointly developing new products and services.
- In November 2019, Telecom Italia and Google Cloud formed a partnership that will enable TIM to expand its portfolio of public, private and hybrid cloud services and to offer edge computing services
References:
https://www.totaltele.com/512745/Cloud-first-AI-first-BT-selects-Google-Cloud-for-strategic-shift
Google Cloud Intrusion Detection System (IDS) now available worldwide
As more and more applications move to the cloud, cloud network security teams have to keep them secure against an ever-evolving threat landscape. Shielding applications against network threats is also one of the most important criteria for regulatory compliance. To address these challenges, many cloud network security teams build their own complex network threat detection solutions based on open source or third-party IDS components. These customized solutions can be difficult and costly to operate, and they often lack the scalability that is required to protect dynamic cloud applications.
To meet this challenge, Google Cloud has announced the general availability of Google Cloud Intrusion Detection System (IDS) – a cloud-native managed network security solution, where key security capabilities are continuously engineered into our trusted cloud platform. This core network security offering helps detect network-based threats and helps organizations meet compliance standards that call for the use of an intrusion detection system.
Cloud IDS is built with Palo Alto Networks’ industry-leading threat detection technologies, providing high levels of security efficacy that enable you to detect malicious activity with few false positives. The general availability release includes these enhancements:
- Service availability in all regions
- Auto-scaling available in all regions
- Detection signatures automatically updated daily
- Support for customers’ HIPAA compliance requirements (under the Google Cloud HIPAA Business Associate Agreement)
- ISO27001 certification (and in the audit process to support customers’ PCI-DSS compliance requirements by year end)
- Integration with Chronicle, Google’s security analytics platform, to help organizations investigate threats surfaced by Cloud IDS.
Managed network threat detection with full traffic visibility:
Cloud IDS delivers cloud-native, managed, network-based threat detection. It features simple setup and deployment, and gives customers visibility into traffic entering their cloud environment (north-south traffic) and into traffic between workloads (east-west traffic). Cloud IDS empowers security teams to focus their resources on high priority issues instead of designing and operating complex network threat detection solutions.4
“Cloud IDS delivers cloud-native, managed, network-based threat detection. It features simple setup and deployment, and gives customers visibility into traffic entering their cloud environment (north-south traffic) and into traffic between workloads (east-west traffic). Cloud IDS empowers security teams to focus their resources on high priority issues instead of designing and operating complex network threat detection solutions,” according to Google.
“Google Cloud customers will be able to deploy on-demand application visibility and threat detection between workloads or containers in any Google Cloud virtual private cloud (VPC) to support their compliance goals and protect applications,” said Palo Alto Networks Senior Vice President Muninder Singh Sambi in a separate post.
Google Cloud VPC threat detection preceding Google Cloud IDS was limited in its scope, he said. It was also complex to design and implement, and—most crucially for cloud-native businesses—couldn’t scale dynamically to handle cloud bursting events, which are necessary to handle peaks in IT demand.
“Until now, detecting threats in traffic between workloads within the trust boundary of a VPC has been a significant hurdle for cloud network security teams, leading to compliance challenges and blind spots for the Security Operations Center (SOC),” he said.
“The Palo Alto Networks ML-powered threat analysis engine processes over 15 trillion transactions per day, automatically collected from across our global network of firewalls and endpoint agents. The result is 4.3 million unique security updates made per day to ensure you’re covered against the latest threats,” Sambi added.
Google Cloud IDS comes at at time when hyper-scalers, including Google, Amazon and Microsoft, are rapidly increasing their global Wide Area Network (WAN) reach. Businesses are increasingly turning to the public cloud and multi-cloud as more companies pivot to being cloud-native or at least cloud-adjacent.
In December Google announced plans to move into Germany, Israel, and Saudi Arabia with new cloud regions planned for 2022. Those join 29 cloud regions and 88 zones already in use.
Cloud IDS is now available in all regions. It provides protection against malware, virus and spyware, command and control (C2) attacks, and vulnerabilities such as buffer overflow and illegal code execution attacks. Auto-scaling capability dynamically adjusts Cloud IDS as needed when your traffic throughput changes so that you can automatically keep up with your scale needs. Threat signature updates are applied daily so you can stay ahead of the new threat variants. You can now use Chronicle to investigate the threats surfaced in Cloud IDS. With Chronicle’s integration, you can store and analyze Cloud IDS threat logs along with all your security telemetry data in one place so that you can effectively investigate and respond to threats at scale.
Google has patented their IDS, which is defined as follows:
An intrusion detection system for detection of intrusion or attempted intrusion by an unauthorized party or entity to a computer system or network, the intrusion detection system comprising means for monitoring the activity relative to the computer system or network, means for receiving and storing one or more general rules, each of the general rules being representative of characteristics associated with a plurality of specific instances of intrusion or attempted intrusion, and matching means for receiving data relating to activity relative to said computer system or network from the monitoring means and for comparing, in a semantic manner, sets of actions forming the activity against the one or more general rules to identify an intrusion or attempted intrusion. Inductive logic techniques are proposed for suggesting new intrusion detection rules for inclusion into the system, based on examples of sinister traffic.
References:
https://www.paloaltonetworks.com/blog/2021/07/google-cloud-network-threat-detection/
https://patents.google.com/patent/WO2003090046A2
Google Cloud IDS simplifies virtual private cloud network threat detection