{"id":79749,"date":"2021-10-05T00:01:23","date_gmt":"2021-10-05T05:31:23","guid":{"rendered":"https:\/\/www.whizlabs.com\/blog\/?p=79749"},"modified":"2021-11-07T12:50:36","modified_gmt":"2021-11-07T18:20:36","slug":"cloud-armor-a-complete-guide","status":"publish","type":"post","link":"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/","title":{"rendered":"Cloud Armor &#8211; A Complete Guide"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">Every organizational application needs some security policies for adding up protection aspects from potential web attacks. If you have an application running over the cloud, then it is your responsibility to look after its security to keep your data and operational efficiency safe. And for that, Google has introduced its\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">\u00a0security policies! Google Cloud Armor intends to offer you protection for cloud deployments from various types of threats.<\/span><\/p>\n<p><a href=\"https:\/\/www.whizlabs.com\/pricing\/\"><img decoding=\"async\" class=\" wp-image-79868 aligncenter\" src=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/08\/MicrosoftTeams-image-300x37.png\" alt=\"Pricing page\" width=\"592\" height=\"73\" srcset=\"https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/08\/MicrosoftTeams-image-300x37.png 300w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/08\/MicrosoftTeams-image-640x79.png 640w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/08\/MicrosoftTeams-image-681x84.png 681w, https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/08\/MicrosoftTeams-image.png 728w\" sizes=\"(max-width: 592px) 100vw, 592px\" \/><\/a><\/p>\n<p><span style=\"font-weight: 400;\">Some of the potential attacks or threats that are defended by the Cloud Armor are Distributed denial-of-service (DDoS), SQL injection (SQLi), and cross-site scripting (XSS). The Google Cloud Armor has also embedded some automated protection features within its policy and technology. Along with that, there are some protection policies that you need to configure and implement manually for ideal execution.<\/span><\/p>\n<blockquote><p>Interested in Google Cloud Certifications? Check out Whizlabs brand new online courses, practice tests, and free test <a href=\"https:\/\/www.whizlabs.com\/google-cloud-certifications\/\" target=\"_blank\" rel=\"noopener\"><strong>here<\/strong><\/a>!<\/p><\/blockquote>\n<p><span style=\"font-weight: 400;\">In this article, you will get a clear insight into the overview, working, and detailed features of Google\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">. Follow till the end to know the efficacy of this Google Cloud service before you can implement it for your applications.<\/span><\/p>\n<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_76 ez-toc-wrap-left counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #ea7e02;color:#ea7e02\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #ea7e02;color:#ea7e02\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Tiers_Overview_of_Google_Cloud_Armor\" >Tiers Overview of Google Cloud Armor<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Working_of_Google_Cloud_Armor\" >Working of Google Cloud Armor<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Google_Cloud_Armor_Pricing\" >Google Cloud Armor Pricing<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Google_Cloud_Armor_Security_Policies\" >Google Cloud Armor Security Policies<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Pre-Configured_WAF_Web_Application_Firewall_Rules\" >Pre-Configured WAF (Web Application Firewall) Rules<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Adaptive_Protection_of_Google_Cloud_Armor\" >Adaptive Protection of Google Cloud Armor<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Use_Cases_of_Google_Cloud_Armor\" >Use Cases of Google Cloud Armor<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/www.whizlabs.com\/blog\/cloud-armor-a-complete-guide\/#Final_Words\" >Final Words<\/a><\/li><\/ul><\/nav><\/div>\n<h2><span class=\"ez-toc-section\" id=\"Tiers_Overview_of_Google_Cloud_Armor\"><\/span><b>Tiers Overview of Google Cloud Armor<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Google Cloud Armor is offering managed protection service to cloud applications. The main role of this service is to protect the web services and apps from several web attacks of diverse intensities. Google Cloud Armor service is offered to clients in two tiers, namely, standard and managed protection plus.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Standard tier consists of a pay-as-you-go pricing architecture. It supports the always-on feature of protection from protocol-based DDoS attacks and volumetric attacks across the global infrastructure. With Cloud Armor, you get the accessibility to Web Application Firewall (WAF) rule potential. You can also leverage the pre-configured WAF rules for protection against top web vulnerabilities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The Managed Protection Plus tier comes with a monthly payment subscription. It consists of all the features that are available within the standard tier of Cloud Armor. Moreover, it has also bundled the use of WAF rules, HTTP(s) requests, and policies. Under this tier, you also get adaptive protection and third-party named lists of IP addresses. If you pick this tier, then you will get access to the DDoS response team services and DDoS bill protection.<\/span><\/p>\n<blockquote><p>Preparing for Google Cloud Certified Professional Cloud Network Engineer? Try Whizlabs <a href=\"https:\/\/www.whizlabs.com\/google-cloud-certified-professional-cloud-network-engineer\/\" target=\"_blank\" rel=\"noopener\"><strong>Free Test<\/strong><\/a> today!<\/p><\/blockquote>\n<p><span style=\"font-weight: 400;\">All of the projects or applications that are under the TCP Proxy load balancing, HTTP(S) load balancing, or SSL Proxy load balancing are enrolled to the Standard tier automatically. You need to manually subscribe to the Managed Protection Plus tier to leverage the additional features. The users have the choice to enroll in selective projects upon the Managed Protection Plus tier. To know more about Cloud Armor\u2019s managed protection service, you can\u00a0<\/span><a href=\"https:\/\/cloud.google.com\/armor\/docs\/managed-protection-overview\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">refer to this link!<\/span><\/a><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Working_of_Google_Cloud_Armor\"><\/span><b>Working of Google Cloud Armor<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<figure style=\"width: 779px\" class=\"wp-caption alignnone\"><img decoding=\"async\" class=\"size-full\" src=\"https:\/\/cloud.google.com\/armor\/images\/ip-bl-wl-1.svg\" alt=\"Working of Google Cloud Armor\" width=\"779\" height=\"630\" \/><figcaption class=\"wp-caption-text\">Source: https:\/\/cloud.google.com\/armor\/images\/ip-bl-wl-1.svg<\/figcaption><\/figure>\n<p><span style=\"font-weight: 400;\">Google\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">\u00a0offers DDoS protection against the network without any breakdowns. Moreover, it is also assured protection against volumetric DDoS attacks for the services and applications. This protection feature is always online and is continuously scaling to meet the capacity of the global network of Google. With it, you can ensure that the Cloud Armor can detect the network attacks and mitigate them, to process only the eligible requests, with the help of load balancing proxies.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The backend services that are behind the external HTTP(s) load balancers can also access the security policies of\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">. It is to implement the custom Layer &amp; filtering policies. Along with that, the backend services can also implement the pre-configured WAF rules for identifying and mitigating the top 10 vulnerability risks for a web application, as stated by OWASP. The implementation of Cloud Armor security policies will give you the ability to allow\/deny access for the external HTTP(S) load balancer at the Cloud Edge.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Hence, Cloud Armor helps you prevent unwanted traffic from consuming your web resources and entering your VPC networks. You are free to use the security policies of Cloud Armor to ensure that your application security matches the current conditions. You can implement efforts in order to create WAF rules for protecting the application against common threats or attacks. DDoS attacks can do the most damage to your application, to which Google Cloud Armor intends to offer managed protections.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Google_Cloud_Armor_Pricing\"><\/span><b>Google Cloud Armor Pricing<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Before moving ahead with the service explanations, it is important for you to get an idea of the pricing of the Cloud Armor service. As stated above, it comes in two tiers, standard and managed protection plus. Under the standard tier, you will be charged upon the pay-as-you-go model, where you will be charged for the rules and security policies that you implement. Apart from that, the standard tier billing will also include L7 requests that are formed by the users.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The pricing for the standard tier of\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">\u00a0is as follows:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">For creating the WAF rules, you need to pay $1\/month.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">For adapting security policies, you need to pay $5\/month.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">For offering protection against the requests, you need to pay $0.75\/million queries.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">There is no data processing fee and no fixed term for this tier. You will pay as long as you go with this tier.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The Managed Protection Plus tier is a subscription-based tier, where you need to pay a monthly billing amount to avail all of the services within this tier. The pricing for Managed Protection Plus tier starts at $3000 per month. This pricing is only for the first 100 protected resources. After this mark, every additional resource will be charged $30\/month. The pricing for rules, policy, and requests are included within the subscription. The\u00a0<\/span><a href=\"https:\/\/cloud.google.com\/armor\/pricing\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">data processing fee<\/span><\/a><span style=\"font-weight: 400;\">\u00a0will be an additional charge for the Managed Protection Plus tier.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Google_Cloud_Armor_Security_Policies\"><\/span><b>Google Cloud Armor Security Policies<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The security policies of\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">\u00a0are certain sets of rules that match upon the attributes from Layer 3-Layer 7 for protecting the applications and services that are facing externally. Each of the rules is termed to undergo evaluation as per the incoming traffic. The Cloud Armor rule of security policy comes with a match condition. This promotes the Cloud Armor to take action when the condition is met.\u00a0\u00a0<\/span><\/p>\n<p><span style=\"font-weight: 400;\">The conditions can be understandable and simple, such as matching IP addresses of incoming traffic\u2019s source to any specific entity. Similarly, the matching of the CIDR range can also be a condition to trigger Cloud Armor protection. Moreover, you get the flexibility of creating your own customized conditions. You can look after matching the conditions to different attributes upon the incoming traffic. You can impose conditions upon request methods, header values, and the URL path.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">But for customizing your own conditions, you need to use Google Cloud Armor custom rules-language reference. To know more about it, you can check out this\u00a0<\/span><a href=\"https:\/\/cloud.google.com\/armor\/docs\/rules-language-reference\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">official documentation by Google Cloud<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Anytime an incoming request is a perfect match to the condition embedded within the rule of security policy, Cloud Armor allows, redirects, or denies the request. The decision given by Cloud Armor is based upon what outcome you have set for that specific rule. It can be an allow rule, deny rule or redirect rule, depending upon the specific user choices. There can be additional parameters of action, such as the insertion of the request headers. It is a collective feature of bot management aspects of Cloud Armor. If you intend to learn more about bot management, then check out this\u00a0<\/span><a href=\"https:\/\/cloud.google.com\/armor\/docs\/bot-management\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">overview documentation<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Pre-Configured_WAF_Web_Application_Firewall_Rules\"><\/span><b>Pre-Configured WAF (Web Application Firewall) Rules<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Google\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\">\u00a0has some pre-configured rules embedded within its functionality. It is to ensure that the users do not have to spend additional time and knowledge upon creating custom ones for the basic protection of web services and applications. Therefore, leveraging upon the potential of pre-configured WAF rules will help you protect your applications &amp; services from all types of common web attacks.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Moreover, there are OWASP stated top 10 vulnerability risks that can hamper the web apps and services. These pre-configured WAF rules are intended to prevent and stop these 10 risks on priority. Get a glimpse into the ten vulnerability risks as stated by OWASP\u00a0<\/span><a href=\"https:\/\/owasp.org\/www-project-top-ten\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400;\">over this article!<\/span><\/a><\/p>\n<p><span style=\"font-weight: 400;\">\u00a0These rules are meant for enabling Cloud Armor for evaluating the different traffic signatures. It is done by referring to conveniently named rules without the necessity of defining each of the signatures manually.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can make use of these pre-configured rules for tuning the unnecessary signatures within your projects. All the incoming requests that come for the application or web service undergo evaluation on behalf of these WAF rules. If a request matches the rule, the respective command will return the value as \u2018true.\u2019 Hence, the request will be clear to process. In case you want to disable certain unnecessary signatures to prevent unwanted traffic, then you will have to provide IDs of the unwanted signatures.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Adaptive_Protection_of_Google_Cloud_Armor\"><\/span><b>Adaptive Protection of Google Cloud Armor<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The adaptive protection of Google Cloud Armor puts up protection assistance for the Google Cloud applications, services, and websites. This protection is mostly against the L7 DDoS attacks that include HTTP floods, high-frequency malicious attacks, and others. The adaptive protection policy of\u00a0<\/span><b>Cloud Armor<\/b><span style=\"font-weight: 400;\"> makes use of machine-learning models in order to offer protection services.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Cloud Armor adaptive protection helps in detecting any possible anomalous activity and alerts the user about it. It will then generate a signature to describe the attack or threat activity. Moreover, it will also create a custom WAF rule for blocking that signature or attack over Cloud Armor. You have the accessibility to either enable or disable the Cloud Armor Adaptive Protection feature on a per-security-policy basis.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Adaptive protection will help you out with proactive alerts about anomalous traffic and potential attacks. The signatures of those attacks will be visible to you within the event dashboard. Moreover, these event logs are further sent to Cloud Logging for further analysis of impact. In addition to that, these logs are then forwarded to the workflow of security event monitoring.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Currently, the Cloud Armor Adaptive Protection facility is under preview and is being tested further. As of now, the users of Cloud Armor seek configuration of individual policies for Adaptive Protection. But soon, Adaptive Protection will reach its general availability potential. And then, it will only be accessible by the customers who take up the Managed Protection Plus subscription tier.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can go ahead and enroll your project under the managed subscription anytime! Explore the features, and you will get an idea of how to leverage the maximum potential of Cloud Armor.<\/span><\/p>\n<h2><span class=\"ez-toc-section\" id=\"Use_Cases_of_Google_Cloud_Armor\"><\/span><b>Use Cases of Google Cloud Armor<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">As of now, you are well-versed with what is Google Cloud Armor and what features it has to offer. To give you a final knowledge of the potential of Cloud Armor, here are a few of the direct and common use cases for the same. It will help you understand the efficacy of this service by Google Cloud.<\/span><\/p>\n<ul>\n<li aria-level=\"1\"><span style=\"font-weight: 400;\">You have the potential to enable access for all of the users who have specific IP addresses, as per your list of allowance.\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><span style=\"font-weight: 400;\">You can prefer to block access for all of the select users who possess the specific IP addresses, as per your list of denial.\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><span style=\"font-weight: 400;\">With the WAF rules, you can protect your application deployments against layer attacks.\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><span style=\"font-weight: 400;\">You can seek a defense system for the DDoS attacks and also implement layer seven monitoring.\u00a0<\/span><\/li>\n<\/ul>\n<ul>\n<li aria-level=\"1\"><span style=\"font-weight: 400;\">Cloud Armor can address issues such as Local File Inclusion, Remote File Inclusion, SQL Injection, Cross-Site Scripting, and Remote Code Execution.\u00a0<\/span><\/li>\n<\/ul>\n<h2><span class=\"ez-toc-section\" id=\"Final_Words\"><\/span><b>Final Words<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Adaptive protection is the forte of Cloud Armor. It allows you to enable automatic detection and mitigation of the highest level of DDoS attacks at Layer 7. This technology is what has made Cloud Armor earn a great reputation among organizations. Moreover, Cloud Armor is offering ideal support for multi-cloud and hybrid environments without much hassle.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">You can seamlessly create your Named IP lists to put up a set of addresses to whom you want to allow or deny access to the application or web service. Hence, this much amount of control over your web app and service security will eventually help you focus more upon enhancing business processes rather than just worrying about strengthening the security. Adapt Cloud Armor services today!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Every organizational application needs some security policies for adding up protection aspects from potential web attacks. If you have an application running over the cloud, then it is your responsibility to look after its security to keep your data and operational efficiency safe. And for that, Google has introduced its\u00a0Cloud Armor\u00a0security policies! Google Cloud Armor intends to offer you protection for cloud deployments from various types of threats. Some of the potential attacks or threats that are defended by the Cloud Armor are Distributed denial-of-service (DDoS), SQL injection (SQLi), and cross-site scripting (XSS). The Google Cloud Armor has also embedded [&hellip;]<\/p>\n","protected":false},"author":169,"featured_media":79750,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[12],"tags":[4728,4723,4730,4725,4726,4727,4729,4724],"class_list":["post-79749","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-google-cloud","tag-adaptive-protection-of-google-cloud-armor","tag-cloud-armor","tag-google-cloud-armor","tag-google-cloud-armor-pricing","tag-google-cloud-armor-security-policies","tag-pre-configured-waf-rules","tag-use-cases-of-google-cloud-armor","tag-working-of-google-cloud-armor"],"uagb_featured_image_src":{"full":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor-150x150.png",150,150,true],"medium":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor-300x171.png",300,171,true],"medium_large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"large":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"1536x1536":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"2048x2048":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"profile_24":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",24,14,false],"profile_48":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",48,27,false],"profile_96":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",96,55,false],"profile_150":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",150,86,false],"profile_300":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",300,171,false],"tptn_thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor-250x250.png",250,250,true],"web-stories-poster-portrait":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",560,320,false],"web-stories-publisher-logo":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",96,55,false],"web-stories-thumbnail":["https:\/\/www.whizlabs.com\/blog\/wp-content\/uploads\/2021\/09\/Cloud-Armor.png",150,86,false]},"uagb_author_info":{"display_name":"Girdharee Saran","author_link":"https:\/\/www.whizlabs.com\/blog\/author\/girdharee\/"},"uagb_comment_info":4,"uagb_excerpt":"Every organizational application needs some security policies for adding up protection aspects from potential web attacks. If you have an application running over the cloud, then it is your responsibility to look after its security to keep your data and operational efficiency safe. And for that, Google has introduced its\u00a0Cloud Armor\u00a0security policies! Google Cloud Armor&hellip;","_links":{"self":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/79749","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/users\/169"}],"replies":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/comments?post=79749"}],"version-history":[{"count":6,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/79749\/revisions"}],"predecessor-version":[{"id":79882,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/posts\/79749\/revisions\/79882"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media\/79750"}],"wp:attachment":[{"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/media?parent=79749"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/categories?post=79749"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.whizlabs.com\/blog\/wp-json\/wp\/v2\/tags?post=79749"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}