Why Google ●Groundbreaking solutions. Transformative know-how. ●Whether your business is early in its journey or well on its way to digital transformation, Google Cloud's solutions and technologies help chart a path to success. Learn more ●Why Google Cloud Choosing Google Cloud Reasons why people choose us Trust and security Keep your data secure and compliant Open cloud Scale with open, flexible technology Global infrastructure Build on the same infrastructure Google uses Analyst reports See how Google Cloud ranks Customer stories Learn how businesses use Google Cloud Partners Tap into our global ecosystem of cloud experts Google Cloud Blog Read the latest stories and product updates Events Join events and learn more about Google Cloud Solutions

Industry Solutions Reduce cost, increase operational agility, and capture new market opportunities.

Retail Analytics and collaboration tools for the retail value chain.

Financial Services Computing, data management, and analytics tools for financial services.

Healthcare and Life Sciences Health-specific solutions to enhance the patient experience.

Media and Entertainment Solutions for content production and distribution operations.

Telecommunications Hybrid and multi-cloud services to deploy and monetize 5G.

Gaming AI-driven solutions to build and scale games faster.

Manufacturing Migration and AI tools to optimize the manufacturing value chain.

Energy Multi-cloud and hybrid solutions for energy companies.

Government Data storage, AI, and analytics solutions for government agencies.

Education Teaching tools to provide more engaging learning experiences.

Small and Medium Business Explore SMB solutions for web hosting, app development, AI, analytics, and more.

Cloud Natives Resources and solutions for cloud-native organizations. ●Not seeing what you're looking for? See all solutions

Application Modernization Develop and run applications anywhere, using cloud-native technologies like containers, serverless, and service mesh. Hybrid and Multi-cloud Application Platform Platform for modernizing legacy apps and building new apps. Cloud-Native App Development End-to-end solution for building, deploying, and managing apps. Serverless solutions Fully managed environment for developing, deploying and scaling apps. DevOps Processes and resources for implementing DevOps in your org. Configuration Management Tools for automating and maintaining system configurations. Continuous Delivery (CD) End-to-end automation from source to production. Continuous Integration (CI) Fast feedback on code changes at scale. Infrastructure as Code Automate repeatable tasks for one machine or millions. Secrets Management Encrypt, store, manage, and audit infrastructure and application-level secrets. Mainframe Modernization Automated tools and prescriptive guidance for moving to the cloud. Hosting Services and infrastructure for building web apps and websites.

Artificial Intelligence Add intelligence and efficiency to your business with AI and machine learning. Build and Use AI Products to build and use artificial intelligence. Contact Center AI AI model for speaking with customers and assisting human agents. Document AI Machine learning and AI to unlock insights from your documents. Cloud Talent Solution AI with job search and talent acquisition capabilities.

Business Application Platform Speed up the pace of innovation without coding, using APIs, apps, and automation. New Business Channels Using APIs Attract and empower an ecosystem of developers and partners. Unlocking Legacy Applications Using APIs Cloud services for extending and modernizing legacy apps. Open Banking APIx Simplify and accelerate secure delivery of open banking compliant APIs.

Data Management Migrate and manage enterprise data with security, reliability, high availability, and fully managed data services. Database Migration Guides and tools to simplify your database migration life cycle. Database Modernization Upgrades to modernize your operational database infrastructure. Google Cloud Databases Database services to migrate, manage, and modernize data. Migrate Oracle workloads to Google Cloud Rehost, replatform, rewrite your Oracle workloads. Open Source Databases Fully managed open source databases with enterprise-grade support. SQL Server on Google Cloud Options for running SQL Server virtual machines on Google Cloud. ●Digital Transformation ●Accelerate business recovery and ensure a better future with solutions that enable hybrid and multi-cloud, generate intelligent insights, and keep your workers connected. Business Continuity Proactively plan and prioritize workloads. Digital Innovation Reimagine your operations and unlock new opportunities. Operational Efficiency Prioritize investments and optimize costs. COVID-19 Solutions Get work done more safely and securely. COVID-19 Solutions for the Healthcare Industry How Google is helping healthcare meet extraordinary challenges.

Infrastructure Modernization Migrate quickly with solutions for SAP, VMware, Windows, Oracle, and other workloads. VM Migration Discovery and analysis tools for moving to the cloud. SAP on Google Cloud Certifications for running SAP applications and SAP HANA. High Performance Computing Compute, storage, and networking options to support any workload. Windows on Google Cloud Tools and partners for running Windows workloads. Data Center Migration Migration solutions for VMs, apps, databases, and more. Marketing Technology Tools for app hosting, real-time bidding, ad serving, and more. Active Assist Automatic cloud resource optimization and increased security. Virtual Desktops Remote work solutions for desktops and applications (VDI & DaaS).

Productivity and Collaboration Change the way teams work with solutions designed for humans and built for impact. G Suite Collaboration and productivity tools for enterprises. G Suite Essentials Secure video meetings and modern collaboration for teams. Cloud Identity Unified platform for IT admins to manage user devices and apps. Chrome Enterprise Chrome OS, Chrome Browser, and Chrome devices built for business. Cloud Search Enterprise search for employees to quickly find company information.

Security Detect, investigate, and respond to online threats to help protect your business. Application Security App protection against fraudulent activity, spam, and abuse. Security Analytics and Operations Solution for analyzing petabytes of security telemetry. BeyondCorp Remote Access Zero-trust access control for your internal web apps.

Smart Analytics Generate instant insights from data at any scale with a serverless, fully managed analytics platform that significantly simplifies analytics. Data Warehouse Modernization Data warehouse to jumpstart your migration and unlock insights. Stream Analytics Insights from ingesting, processing, and analyzing event streams. Marketing Analytics Solutions for collecting, analyzing, and activating customer data. Data Lake Modernization Services for building and modernizing your data lake. Business Intelligence Data analytics tools for collecting, analyzing, and activating BI. Products ●Featured Products

Compute Engine Virtual machines running in Google’s data center.

Cloud Storage Object storage that’s secure, durable, and scalable.

Cloud SDK Command-line tools and libraries for Google Cloud.

Cloud SQL Relational database services for MySQL, PostgreSQL, and SQL server.

Google Kubernetes Engine Managed environment for running containerized apps.

BigQuery Data warehouse for business agility and insights.

Cloud CDN Content delivery network for delivering web and video.

Dataflow Streaming analytics for stream and batch processing.

Operations Monitoring, logging, and application performance suite.

Cloud Run Fully managed environment for running containerized apps.

Cloud Functions Event-driven compute platform for cloud services and apps. ●Not seeing what you're looking for? See all products (100+)

AI and Machine Learning

Speech-to-Text Speech recognition and transcription supporting 125 languages.

Vision AI Custom and pre-trained models to detect emotion, text, more.

Text-to-Speech Speech synthesis in 220+ voices and 40+ languages.

Cloud Translation Language detection, translation, and glossary support.

Cloud Natural Language Sentiment analysis and classification of unstructured text.

AutoML Custom machine learning model training and development.

AI Platform Platform for training, hosting, and managing ML models.

Video AI Video classification and recognition using machine learning.

AI Infrastructure Options for every business to train deep learning and machine learning models cost-effectively.

Dialogflow Conversation applications and systems development suite.

AutoML Tables Service for training ML models with structured data. ●Not seeing what you're looking for? See all AI and machine learning products ●API Management

Apigee API Platform API management, development, and security platform.

Analyze APIs Dashboards, custom reports, and metrics for API performance.

Monetize APIs Revenue stream and business model creation from APIs.

Apigee Hybrid Deployment option for managing APIs on-premises or in the cloud.

Apigee Sense Intelligent behavior detection to protect APIs.

Cloud Endpoints Deployment and development management for APIs on Google Cloud.

Developer Portal Self-service and custom developer portal creation.

Apigee Healthcare APIx FHIR API-based digital service formation.

Apigee Open Banking APIx Open banking and PSD2-compliant API delivery.

Cloud Healthcare API Solution to bridge existing care systems and apps on Google Cloud.

AppSheet No-code development platform to build and extend applications.

Compute

Compute Engine Virtual machines running in Google’s data center.

App Engine Serverless application platform for apps and back ends.

Cloud GPUs GPUs for ML, scientific computing, and 3D visualization.

Migrate for Compute Engine Server and virtual machine migration to Compute Engine.

Preemptible VMs Compute instances for batch jobs and fault-tolerant workloads.

Shielded VMs Reinforced virtual machines on Google Cloud.

Sole-Tenant Nodes Dedicated hardware for compliance, licensing, and management.

Bare Metal Infrastructure to run specialized workloads on Google Cloud.

Recommender Usage recommendations for Google Cloud products and services.

VMware Engine Migrate and run your VMware workloads natively on Google Cloud.

Cloud Run Fully managed environment for running containerized apps. ●Not seeing what you're looking for? See all compute products

Containers

Google Kubernetes Engine Managed environment for running containerized apps.

Container Registry Registry for storing, managing, and securing Docker images.

Container Security Container environment security for each stage of the life cycle.

Cloud Build Solution for running build steps in a Docker container.

Deep Learning Containers Containers with data science frameworks, libraries, and tools.

Kubernetes Applications Containerized apps with prebuilt deployment and unified billing.

Artifact Registry Package manager for build artifacts and dependencies.

Knative Components to create Kubernetes-native cloud-based software.

Cloud Run Fully managed environment for running containerized apps.

Cloud Code IDE support to write, run, and debug Kubernetes applications.

Data Analytics

BigQuery Data warehouse for business agility and insights.

Looker Platform for BI, data applications, and embedded analytics.

Dataflow Streaming analytics for stream and batch processing.

Pub/Sub Messaging service for event ingestion and delivery.

Dataproc Service for running Apache Spark and Apache Hadoop clusters.

Cloud Data Fusion Data integration for building and managing data pipelines.

Cloud Composer Workflow orchestration service built on Apache Airflow.

Data Catalog Metadata service for discovering, understanding and managing data.

Dataprep Service to prepare data for analysis and machine learning.

Google Data Studio Interactive data suite for dashboarding, reporting, and analytics.

Google Marketing Platform Marketing platform unifying advertising and analytics.

Cloud Life Sciences Tools for managing, processing, and transforming biomedical data.

Databases

Cloud Bigtable NoSQL wide-column database for storing big data with low latency.

Firestore NoSQL document database for mobile and web application data.

Memorystore In-memory data store service for Redis for fast data processing.

Cloud Spanner Relational database management system for database administration.

Cloud SQL Relational database services for MySQL, PostgreSQL, and SQL server.

Firebase Realtime Database NoSQL cloud database for storing and syncing data in real time.

Developer Tools

Cloud SDK Command line tools and libraries for Google Cloud.

Container Registry Private Docker storage for container images on Google Cloud.

Cloud Build Continuous integration and continuous delivery platform.

Cloud Source Repositories Private Git repository to store, manage, and track code.

Cloud Scheduler Cron job scheduler for task automation and management.

Tekton Kubernetes-native resources for declaring CI/CD pipelines.

Cloud Tasks Task management service for asynchronous task execution.

Cloud Code IDE support to write, run, and debug Kubernetes applications.

Tools for Visual Studio Tools to enable development in Visual Studio on Google Cloud.

Tools for Eclipse Plugin for Google Cloud development inside the Eclipse IDE.

Cloud Code for IntelliJ IDE support for debugging production cloud apps inside IntelliJ. ●Not seeing what you're looking for? See all developer tools ●Healthcare and Life Sciences

Apigee Healthcare APIx FHIR API-based digital service production.

Cloud Healthcare API Solution for bridging existing care systems and apps on Google Cloud.

Cloud Life Sciences Tools for managing, processing, and transforming biomedical data.

Hybrid and Multi-cloud

Anthos Platform for modernizing existing apps and building new ones.

Cloud Run for Anthos Integration that provides a serverless development platform on GKE.

Google Cloud Marketplace for Anthos Containerized apps with prebuilt deployment and unified billing.

Migrate for Anthos Tool to move workloads and existing applications to GKE.

Operations Monitoring, logging, and application performance suite.

Cloud Build Service for executing builds on Google Cloud infrastructure.

Traffic Director Traffic control pane and management for open service mesh.

Apigee API Management API management, development, and security platform. ●Internet of Things

Cloud IoT Core IoT device management, integration, and connection service.

Edge TPU ASIC designed to run ML inference and AI at the edge.

Management Tools

Cloud Shell Interactive shell environment with a built-in command line.

Cloud Console Web-based interface for managing and monitoring cloud apps.

Cloud Deployment Manager Service for creating and managing Google Cloud resources.

Cloud Mobile App App to manage Google Cloud services from your mobile device.

Cloud APIs Programmatic interfaces for Google Cloud services.

Private Catalog Service catalog for admins managing internal enterprise solutions.

Cost Management Tools for monitoring, controlling, and optimizing your costs. ●Media and Gaming

Game Servers Game server management service running on Google Kubernetes Engine.

Zync Render Platform for 3D modeling and rendering on Google Cloud infrastructure.

Anvato Media content platform for OTT services and video streaming.

OpenCue Open source render manager for visual effects and animation.

Migration

BigQuery Data Transfer Service Data import service for scheduling and moving data into BigQuery.

Cloud Data Transfer Tools and services for transferring your data to Google Cloud.

Cloud Foundation Toolkit Reference templates for Deployment Manager and Terraform.

Transfer Service Data transfers from online and on-premises sources to Cloud Storage.

Migrate for Anthos Components for migrating VMs into system containers on GKE.

Migrate for Compute Engine Components for migrating VMs and physical servers to Compute Engine.

Transfer Appliance Storage server for moving large volumes of data to Google Cloud.

VM Migration VM migration to the cloud for low-cost refresh cycles.

Networking

Cloud Armor Security policies and defense against web and DDoS attacks.

Cloud CDN Content delivery network for serving web and video content.

Cloud DNS Domain name system for reliable and low-latency name lookups.

Cloud Load Balancing Service for distributing traffic across applications and regions.

Cloud NAT NAT service for giving private instances internet access.

Hybrid Connectivity Connectivity options for VPN, peering, and enterprise needs.

Network Intelligence Center Network monitoring, verification, and optimization platform.

Network Service Tiers Cloud network options based on performance, availability, and cost.

Network Telemetry VPC flow logs for network monitoring, forensics, and security.

Traffic Director Traffic control pane and management for open service mesh.

Virtual Private Cloud Virtual network for Google Cloud resources and cloud-based services.

Service Directory Platform for discovering, publishing, and connecting services.

Operations

Cloud Logging Google Cloud audit, platform, and application logs management.

Cloud Monitoring Infrastructure and application health with rich metrics.

Error Reporting Application error identification and analysis.

Kubernetes Engine Monitoring GKE app development and troubleshooting.

Service Monitoring SLO monitoring and alerting.

Cloud Trace Tracing system collecting latency data from applications.

Cloud Profiler CPU and heap profiler for analyzing application performance.

Cloud Debugger Real-time application state inspection and in-production debugging.

Transparent Service Level Indicators SLIs for monitoring Google Cloud services and their effects on your workloads.

Security and Identity

Cloud IAM Permissions management system for Google Cloud resources.

Assured Workloads Compliance and security controls for sensitive workloads.

Cloud Key Management Manage encryption keys on Google Cloud.

Confidential Computing Encrypt data in use with Confidential VMs.

Security Command Center Platform for defending against threats to your Google Cloud assets.

Cloud Data Loss Prevention Sensitive data inspection, classification, and redaction platform.

Managed Service for Microsoft Active Directory Hardened service running Microsoft® Active Directory (AD).

Access Transparency Cloud provider visibility through near real-time logs.

Titan Security Key Two-factor authentication device for user account protection.

Secret Manager Store API keys, passwords, certificates, and other sensitive data. ●Not seeing what you're looking for? See all security and identity products

Serverless Computing

Cloud Run Fully managed environment for running containerized apps.

Cloud Functions Platform for creating functions that respond to cloud events.

App Engine Serverless application platform for apps and back ends.

Workflows Workflow orchestration for serverless products and API services.

Storage

Cloud Storage Object storage that’s secure, durable, and scalable.

Filestore File storage that is highly scalable and secure.

Persistent Disk Block storage for virtual machine instances running on Google Cloud.

Cloud Storage for Firebase Object storage for storing and serving user-generated content.

Local SSD Block storage that is locally attached for high-performance needs.

Archival Storage Data archive that offers online access speed at ultra low cost.

Cloud Data Transfer Tools and services for transferring your data to Google Cloud.

G Suite Essentials Secure video meetings and modern collaboration for teams. Pricing ●Do more for less with Google Cloud ●Our customer-friendly pricing means more overall value to your business. Contact sales ●Google Cloud Platform Overview Pay only for what you use with no lock-in Price list Pricing details on each Google Cloud product Calculators Calculate your cloud savings Free on Google Cloud Learn and build on Google Cloud for free ●More Cloud Products G Suite Google Maps Platform Cloud Identity Apigee Firebase Zync Render Getting started ●Get started with Google Cloud ●Start building right away on our secure, intelligent platform. New customers can use a $300 free credit to get started with any GCP product. Try GCP Free Get Started ●Resources to Start on Your Own Quickstarts View short tutorials to help you get started GCP Marketplace Deploy ready-to-go solutions in a few clicks Training Enroll in on-demand or classroom training Certification Become Google Cloud Certified ●Get Help from an Expert Consulting Jump-start your project with help from Google Technical Account Management Get long-term guidance from Google Find a Partner Work with a Partner in our global network Become a Partner Join Google Cloud's Partner program More ways to get started Docs Support

Docs Support

● Contact Sales Get started for free

● Why Google ● More ● Solutions ● More ● Products ● More ● Pricing ● More ● Getting started ● More ● Docs ● Support ● Console ● Contact Sales ● Get started for free ● Groundbreaking solutions. Transformative know-how. ● Learn more ● Why Google Cloud ● Choosing Google Cloud ● Trust and security ● Open cloud ● Global infrastructure ● Analyst reports ● Customer stories ● Partners ● Google Cloud Blog ● Events ● Industry Solutions ● Retail ● Financial Services ● Healthcare and Life Sciences ● Media and Entertainment ● Telecommunications ● Gaming ● Manufacturing ● Energy ● Government ● Education ● Small and Medium Business ● Cloud Natives ● See all solutions ● Application Modernization ● Hybrid and Multi-cloud Application Platform ● Cloud-Native App Development ● Serverless solutions ● DevOps ● Configuration Management ● Continuous Delivery (CD) ● Continuous Integration (CI) ● Infrastructure as Code ● Secrets Management ● Mainframe Modernization ● Hosting ● Artificial Intelligence ● Build and Use AI ● Contact Center AI ● Document AI ● Cloud Talent Solution ● Business Application Platform ● New Business Channels Using APIs ● Unlocking Legacy Applications Using APIs ● Open Banking APIx ● Data Management ● Database Migration ● Database Modernization ● Google Cloud Databases ● Migrate Oracle workloads to Google Cloud ● Open Source Databases ● SQL Server on Google Cloud ● Digital Transformation ● Business Continuity ● Digital Innovation ● Operational Efficiency ● COVID-19 Solutions ● COVID-19 Solutions for the Healthcare Industry ● Infrastructure Modernization ● VM Migration ● SAP on Google Cloud ● High Performance Computing ● Windows on Google Cloud ● Data Center Migration ● Marketing Technology ● Active Assist ● Virtual Desktops ● Productivity and Collaboration ● G Suite ● G Suite Essentials ● Cloud Identity ● Chrome Enterprise ● Cloud Search ● Security ● Application Security ● Security Analytics and Operations ● BeyondCorp Remote Access ● Smart Analytics ● Data Warehouse Modernization ● Stream Analytics ● Marketing Analytics ● Data Lake Modernization ● Business Intelligence ● Featured Products ● Compute Engine ● Cloud Storage ● Cloud SDK ● Cloud SQL ● Google Kubernetes Engine ● BigQuery ● Cloud CDN ● Dataflow ● Operations ● Cloud Run ● Cloud Functions ● See all products (100+) ● AI and Machine Learning ● Speech-to-Text ● Vision AI ● Text-to-Speech ● Cloud Translation ● Cloud Natural Language ● AutoML ● AI Platform ● Video AI ● AI Infrastructure ● Dialogflow ● AutoML Tables ● See all AI and machine learning products ● API Management ● Apigee API Platform ● Analyze APIs ● Monetize APIs ● Apigee Hybrid ● Apigee Sense ● Cloud Endpoints ● Developer Portal ● Apigee Healthcare APIx ● Apigee Open Banking APIx ● Cloud Healthcare API ● AppSheet ● Compute ● Compute Engine ● App Engine ● Cloud GPUs ● Migrate for Compute Engine ● Preemptible VMs ● Shielded VMs ● Sole-Tenant Nodes ● Bare Metal ● Recommender ● VMware Engine ● Cloud Run ● See all compute products ● Containers ● Google Kubernetes Engine ● Container Registry ● Container Security ● Cloud Build ● Deep Learning Containers ● Kubernetes Applications ● Artifact Registry ● Knative ● Cloud Run ● Cloud Code ● Data Analytics ● BigQuery ● Looker ● Dataflow ● Pub/Sub ● Dataproc ● Cloud Data Fusion ● Cloud Composer ● Data Catalog ● Dataprep ● Google Data Studio ● Google Marketing Platform ● Cloud Life Sciences ● Databases ● Cloud Bigtable ● Firestore ● Memorystore ● Cloud Spanner ● Cloud SQL ● Firebase Realtime Database ● Developer Tools ● Cloud SDK ● Container Registry ● Cloud Build ● Cloud Source Repositories ● Cloud Scheduler ● Tekton ● Cloud Tasks ● Cloud Code ● Tools for Visual Studio ● Tools for Eclipse ● Cloud Code for IntelliJ ● See all developer tools ● Healthcare and Life Sciences ● Apigee Healthcare APIx ● Cloud Healthcare API ● Cloud Life Sciences ● Hybrid and Multi-cloud ● Anthos ● Cloud Run for Anthos ● Google Cloud Marketplace for Anthos ● Migrate for Anthos ● Operations ● Cloud Build ● Traffic Director ● Apigee API Management ● Internet of Things ● Cloud IoT Core ● Edge TPU ● Management Tools ● Cloud Shell ● Cloud Console ● Cloud Deployment Manager ● Cloud Mobile App ● Cloud APIs ● Private Catalog ● Cost Management ● Media and Gaming ● Game Servers ● Zync Render ● Anvato ● OpenCue ● Migration ● BigQuery Data Transfer Service ● Cloud Data Transfer ● Cloud Foundation Toolkit ● Transfer Service ● Migrate for Anthos ● Migrate for Compute Engine ● Transfer Appliance ● VM Migration ● Networking ● Cloud Armor ● Cloud CDN ● Cloud DNS ● Cloud Load Balancing ● Cloud NAT ● Hybrid Connectivity ● Network Intelligence Center ● Network Service Tiers ● Network Telemetry ● Traffic Director ● Virtual Private Cloud ● Service Directory ● Operations ● Cloud Logging ● Cloud Monitoring ● Error Reporting ● Kubernetes Engine Monitoring ● Service Monitoring ● Cloud Trace ● Cloud Profiler ● Cloud Debugger ● Transparent Service Level Indicators ● Security and Identity ● Cloud IAM ● Assured Workloads ● Cloud Key Management ● Confidential Computing ● Security Command Center ● Cloud Data Loss Prevention ● Managed Service for Microsoft Active Directory ● Access Transparency ● Titan Security Key ● Secret Manager ● See all security and identity products ● Serverless Computing ● Cloud Run ● Cloud Functions ● App Engine ● Workflows ● Storage ● Cloud Storage ● Filestore ● Persistent Disk ● Cloud Storage for Firebase ● Local SSD ● Archival Storage ● Cloud Data Transfer ● G Suite Essentials ● Do more for less with Google Cloud ● Contact sales ● Google Cloud Platform ● Overview ● Price list ● Calculators ● Free on Google Cloud ● More Cloud Products ● G Suite ● Google Maps Platform ● Cloud Identity ● Apigee ● Firebase ● Zync Render ● Get started with Google Cloud ● Try GCP Free ● Get Started ● Resources to Start on Your Own ● Quickstarts ● GCP Marketplace ● Training ● Certification ● Get Help from an Expert ● Consulting ● Technical Account Management ● Find a Partner ● Become a Partner ● More ways to get started ●

Shielded VMs

Hardened virtual machines on Google Cloud. Try it free Contact sales View documentation for this product. Shielded VMs Overview logo

Overview

Shielded VMs are virtual machines (VMs) on Google Cloud hardened by a set of security controls that help defend against rootkits and bootkits. Using Shielded VMs helps protect enterprise workloads from threats like remote attacks, privilege escalation, and malicious insiders. Shielded VMs leverage advanced platform security capabilities such as secure and measured boot, a virtual trusted platform module (vTPM), UEFI firmware, and integrity monitoring. Quickly protect VMs against advanced threats logo

Quickly protect VMs against advanced threats

In just a few clicks, you can enable Shielded VMs to help protect against threats such as malicious project insiders, malicious guest firmware, and kernel- or user-mode vulnerabilities. Ensure workloads are trusted and verifiable logo

Ensure workloads are trusted and verifiable

Shielded VMs help protect your virtual machines against rootkits and boot- and kernel-level malware with secure and measured boot capabilities. Using a vTPM, Shielded VMs provide a virtual root-of-trust to verify VM identity and ensure they’re part of your specified project and region. Help protect secrets against exfiltration and replay logo

Help protect secrets against exfiltration and replay

Using Shielded VMs, secrets generated or protected by a vTPM are sealed to a VM and only revealed once integrity is verified.

Features

Verifiable integrity with secure and measured boot

Secure boot helps prevent malicious code from being loaded early in the boot sequence. Measured boot ensures the integrity of the bootloader and kernel and boot drivers to guard against malicious modifications to the VM.

vTPM exfiltration resistance

Validate your guest VM pre-boot and boot integrity using vTPM technology, which is compatible with Trusted Computing Group TPM 2.0 specifications and is FIPS 140-2 L1 verified. A vTPM generates and securely stores encryption keys or sensitive data on guest operating systems.

Trusted UEFI firmware

Trusted firmware is based on Unified Extensible Firmware Interface (UEFI) 2.3.1, which replaces legacy BIOS sub-systems and enables UEFI Secure Boot capability.

Tamper-evident attestations

Gain insight into the integrity state of Shielded VMs with tamper-evident attestation claims available in Cloud Logging and Cloud Monitoring. These integrity measurements help identify changes from the "healthy" baseline of your VM and current runtime state.

Live migration and patching

Keep your virtual machine instances running even when a host system event occurs, such as a software or hardware update.

Define IAM policies and permissions

Set policies and permissions that constrain all new Compute Engine instances to use Shielded VM disk images and have vTPM and integrity monitoring options enabled.

Shield existing VM images

Transform your existing VMs into Shielded VMs that run on Google Cloud, bringing verifiable integrity and exfiltration resistance to your existing images.

Technical resources

Try tutorials, launch quickstarts, and explore reviews. Documentation logo

Shielded VMs documentation

View documentation Whitepaper logo

Google Infrastructure Security Design Overview

Read whitepaper Blog logo

Titan chip in-depth

Read blog post

Pricing

There is no separate charge for using Shielded VMs.

Take the next step

Start building on Google Cloud with $300 in free credits and 20+ always free products. Try it free Need help getting started? Contact sales Work with a trusted partner Find a partner Continue browsing See all products ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● ● Sign up for the Google Cloud newsletter

Aug	SEP	Oct
	18
2019	2020	2021

Shielded VMs

Overview

Quickly protect VMs against advanced threats

Ensure workloads are trusted and verifiable

Help protect secrets against exfiltration and replay

Features

Verifiable integrity with secure and measured boot

vTPM exfiltration resistance

Trusted UEFI firmware

Tamper-evident attestations

Live migration and patching

Define IAM policies and permissions

Shield existing VM images

Technical resources

Shielded VMs documentation

Google Infrastructure Security Design Overview

Titan chip in-depth

Pricing

Take the next step

Why Google

Products and pricing

Solutions

Resources

Engage