what is our "server"? I see it is an apache webserver, hosted on what? what is the CE/GKE instance ? And did you use IAP to SSH into it from the console there? meaning you would have to enable IAP firewall rules for port 22, then ssh into ur vm instance, and then curl that specific url you used to test it? I would like a more detailed explanation here rather than glossing over a demo so users can do it themself and see the product work.
Thanks for the introduction, but since it is an 'IDS' with mirrored traffic, what are the methods to block the traffic? What security/NAT rules are required on the Paloalto firewall? How about SSL decryption?
what is our "server"? I see it is an apache webserver, hosted on what? what is the CE/GKE instance ? And did you use IAP to SSH into it from the console there? meaning you would have to enable IAP firewall rules for port 22, then ssh into ur vm instance, and then curl that specific url you used to test it? I would like a more detailed explanation here rather than glossing over a demo so users can do it themself and see the product work.
Thanks for the introduction, but since it is an 'IDS' with mirrored traffic, what are the methods to block the traffic? What security/NAT rules are required on the Paloalto firewall? How about SSL decryption?
I have the "Cloud IDS API" enabled on my project, but I don't see "Cloud IDS" under Network Security.... how do I enable that option?
Make sure you have proper IAM role:
cloud.google.com/intrusion-detection-system/docs/configuring-ids#set_up_permissions_for