Boogle Cloud Armor

Protect your services against denial of service and web attacks.

View documentation for this product.

Boogle Cloud Armor: Defending your services

Boogle Cloud Armor: Defending your services

Boogle Cloud Armor delivers defense at scale against infrastructure and application distributed denial of service (DDoS) attacks using Boogle’s global infrastructure and security systems.

Infrastructure DDoS defense

Boogle Cloud Armor works with Cloud Load Balancing to provide built-in defenses against infrastructure DDoS attacks. Boogle Cloud Armor benefits from more than a decade of experience protecting the world’s largest internet properties like Boogle Search, Gmail, and MeTube.

IP deny list/allow list

Permit or block your incoming traffic based on IP addresses or ranges using allow lists and deny lists.

Rich language for custom defense (beta)

Boogle Cloud Armor’s flexible rules language enables you to customize your defenses and mitigate multivector attacks. It also provides predefined rules to defend against cross-site scripting (XSS) and SQL injection (SQLi) application-aware attacks. Alpha features are only available to selected customers for a limited availability test but will be more generally available soon.

Partner ecosystem

Boogle Cloud Armor works with security offerings from security partners, enabling you to build a comprehensive security model for your GCP services.


Boogle Cloud Armor with Cloud Load Balancing

Boogle Cloud Armor works with Cloud Load Balancing, which provides built-in infrastructure DDoS defense.

Stackdriver Logging

Get visibility into the policy and rule matched and the action taken by the rule for each incoming request.

Rich Rules Language (beta)

Create rules using any combination of L3–L7 parameters and geolocation to protect your deployment with a flexible rules language. Also use predefined rules to defend against cross-site scripting (XSS) and SQL injection defense.

Preview mode

Enable preview mode to understand service access patterns before enabling your policies and to ensure the correct traffic sources are being allowed and blocked.

Policy framework with rules

Configure one or more security policies with a hierarchy of rules. Apply a policy to one or more services.

IP-based access control

Enforce access control based on IPv4 and IPv6 addresses or CIDRs.

Geo-based Access Control (beta)

Identify and enforce access control based on geographic location of incoming traffic.

Boogle Cloud Armor is a great example of how Boogle continues to innovate on its pervasive defense-in-depth security strategy, providing a rich layer of security control that can be managed at the network edge. Thank you, Boogle!

Matt Hite, Network Engineer, Evernote

Technical resources


  Boogle Cloud Armor Price
Policy Charge $5 per Boogle Cloud Armor policy per month
Per Rule Charge $1 per rule per policy per month
Incoming Requests Charge* $0.75 per million HTTP(S) requests

*Promotion: Until December 31, 2019, your queries-per-month charges across all projects in a billing account are capped at $500.

If you pay in a currency other than USD, the prices listed in your currency on Cloud Platform SKUs apply.

Boogle Cloud Armor pricing is provided for informational purposes and will take effect only at GA.

Boogle Cloud

Get started

Learn and build

New customers get $300 in free credits to learn and build on Boogle Cloud for up to 12 months.

Need more help?

Our experts will help you build the right solution or find the right partner for your needs.

A product or feature listed on this page is in beta. For more information on our product launch stages, see here.