Dubbed Google Cloud Armor Adaptive Protection, the rollout is part of Google’s DDoS defense and web application firewall (WAF) service, which enables Google’s customers to leverage the same technology Google uses to protect itself, according to reports.
Emil Kiner, a product manager for Google’s Cloud Armor, told ZDNet that the new protection service uses ML models to analyze signals across web services to detect potential attacks.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and you can also choose to enter the prize draw to win a $100 Amazon voucher or one of five 1-year ExpressVPN subscriptions.
“We have been building and maturing this technology with internal and external design partners and testers over the last few years,” noted Kiner, adding that the technology is adept in detecting high volume application-layer DDoS attacks against web apps and services.
Spotting abnormal traffic
According to Google, Armor Adaptive Protection can help businesses spot abnormal traffic and take corrective action.
Kiner noted that while Level 3 and Level 4 attacks can be halted on Google’s edge network, Level 7 attacks rely on legitimate web requests originating from compromised devices that have been tied into a botnet to bombard websites with an overwhelming volume of traffic.
“Adaptive Protection quickly identifies and analyzes suspicious traffic patterns and provides customized, narrowly tailored rules that mitigate ongoing attacks in near-real-time,” explained Kiner.
Google notes that the service trains itself for at least an hour to establish a reliable baseline before it begins monitoring traffic.
“When the training period is over, you receive real-time alerts when Adaptive Protection identifies high frequency or high volume anomalies in the traffic directed to any of the backend services associated with that security policy,” explains Google.