GCP cloudvpn Mappings

Cloud VPN securely connects your peer network to your Virtual Private Cloud (VPC) network through an IPsec VPN connection. Traffic traveling between the two networks is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects your data as it travels over the internet. You can also connect two instances of Cloud VPN to each other.

Mappings

Capability ID	Capability Description	Category	Value	ATT&CK ID	ATT&CK Name	Notes
cloudvpn	CloudVPN	protect	significant	T1040	Network Sniffing	Comments Cloud VPN enables traffic traveling between the two networks, and it is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects users' data as it travels over the internet. This control may prevent adversaries from sniffing network traffic. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
cloudvpn	CloudVPN	protect	significant	T1557	Adversary-in-the-Middle	Comments Cloud VPN enables traffic traveling between the two networks, and it is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects users' data as it travels over the internet. This control may prevent adversaries from attempting to position themselves between two or more networks and modify traffic. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
cloudvpn	CloudVPN	protect	partial	T1565	Data Manipulation	Comments This control provides protection against data from being manipulated by adversaries through target applications by encrypting important information. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
cloudvpn	CloudVPN	protect	partial	T1565.002	Transmitted Data Manipulation	Comments This control provides protection against data from being manipulated by adversaries through target applications by encrypting important information. Since this control only provides protection against data in transit, it received a partial score. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
cloudvpn	CloudVPN	protect	partial	T1557.002	ARP Cache Poisoning	Comments Cloud VPN enables traffic traveling between the two networks, and it is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects users' data as it travels over the internet. This control may prevent adversaries from attempting to position themselves between two or more networks and modify traffic. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
cloudvpn	CloudVPN	protect	partial	T1133	External Remote Services	Comments This control provides protections against adversaries who try to access and/or persist within a network. Remote services such as VPNs, Citrix, and other access mechanisms allow users to connect to internal enterprise network resources from external locations. References https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview