Skip to main content
DE / EN
Cloud / Google Cloud / Products / Cloud Armor - DDoS Protection and WAF

Cloud Armor - DDoS Protection and WAF

Cloud Armor protects applications from DDoS attacks and provides a Web Application Firewall.

Networking
Get Expert Support Documentation
Pricing Model Pay-per-use
Availability Global with EU regions
Data Sovereignty EU regions available
Reliability 99.99% SLA

What is Cloud Armor?

Cloud Armor is Google’s DDoS protection and Web Application Firewall service. It sits at Google’s global edge network and blocks attacks before they reach your applications. The service protects against volumetric DDoS attacks and application layer attacks.

Core Features

  • DDoS protection at Google’s edge network (200+ points of presence)
  • Web Application Firewall with OWASP Top 10 rules
  • Adaptive Protection with ML-based attack detection
  • Bot management and reCAPTCHA Enterprise integration
  • Geo-based access control and IP allow/deny lists

Typical Use Cases

E-commerce Protection: Securing online shops against DDoS attacks during sales events and protection from automated bot attacks.

API Security: Rate limiting and WAF rules for public APIs to protect against abuse and exploitation.

Compliance Requirements: Meeting PCI DSS and other standards through application layer firewall rules.

Benefits

  • Protection through Google’s global network with 200+ PoPs
  • No changes to application architecture required
  • Automatic scaling for attacks of any size
  • Integrated logging and monitoring

Integration with innFactory

As a Google Cloud partner, innFactory supports you with Cloud Armor: architecture, migration, operations, and cost optimization.

Available Tiers & Options

Standard

Strengths
  • Basic DDoS protection
  • Simple IP rules
Considerations
  • No WAF rules
Recommended

Plus

Strengths
  • Full WAF
  • Adaptive Protection
  • Bot management
Considerations
  • Higher costs

Typical Use Cases

DDoS protection
WAF rules
Bot mitigation
IP filtering

Technical Specifications

API RESTful API and client libraries
Integration Native Google Cloud integration
Security Global edge network

Frequently Asked Questions

What is Cloud Armor?

Cloud Armor is a DDoS protection and WAF service that protects applications at Google's edge network before attacks reach your infrastructure.

How does Adaptive Protection work?

Adaptive Protection uses machine learning to detect attack patterns and automatically suggest defense rules that you can activate with one click.

Which WAF rule sets are available?

Cloud Armor offers preconfigured OWASP Top 10 rules, SQL injection protection, XSS prevention, and custom rules with CEL syntax.

Which backend services are supported?

Cloud Armor protects HTTP(S) Load Balancer, Cloud CDN, Cloud Run, GKE, and external backend services.

Quick Links

Documentation Pricing Console

Google Cloud Partner

innFactory is a certified Google Cloud Partner. We provide expert consulting, implementation, and managed services.

Google Cloud Partner

Similar Products from Other Clouds

Other cloud providers offer comparable services in this category. As a multi-cloud partner, we help you choose the right solution.

AWS

Amazon API Gateway - Managed API Platform

Amazon API Gateway is a fully managed service for creating, publishing, and managing REST, HTTP, and WebSocket APIs.

Pricing Pay per request
SLA 99.95% availability
Compare →
AWS

Amazon CloudFront: Content Delivery Network

Amazon CloudFront is a global CDN with 450+ edge locations for fast content delivery worldwide.

Pricing Pay for data transfer and requests
SLA 99.9% availability
Compare →
AWS

Amazon Route 53 - DNS Service

Amazon Route 53 is a highly available DNS web service with domain registration, routing policies, and health checks.

Pricing Pay per hosted zone and queries
SLA 100% availability SLA
Compare →
AWS

Amazon VPC - AWS Networking & Content Delivery Service

Amazon VPC is an AWS service for Network isolation and Multi-tier web applications. GDPR-compliant in EU regions.

Pricing No charge for VPC itself, pay for …
SLA N/A (no charge service)
Compare →
AWS

AWS App Mesh - Service Mesh for Microservices

AWS App Mesh is a service mesh for microservices with traffic routing, observability, and communication control.

Pricing No charge, pay for resources
SLA N/A
Compare →
AWS

AWS Cloud Map: Service Discovery

AWS Cloud Map enables service discovery for microservices and containers with automatic registration.

Pricing Pay per resource and query
SLA 99.9% availability
Compare →

39 comparable products found across other clouds.

Ready to start with Cloud Armor - DDoS Protection and WAF?

Our certified Google Cloud experts help you with architecture, integration, and optimization.

Schedule Consultation