Networking in Google Cloud Platform

Networking in Google Cloud PlatformNGCPGOGoogleGO-NGCP3.0<ul> <li>Configure VPC networks, subnets, and routers.</li><li>Control administrative access to VPC objects.</li><li>Control network access to endpoints in VPCs.</li><li>Interconnect networks among Google Cloud projects.</li><li>Implement network connectivity between Google Cloud projects.</li><li>Implement load balancing.</li><li>Configure traffic management among load balancer backend services.</li><li>Use Cloud CDN to reduce latency.</li><li>Optimize network spend using Network Service Tiers.</li><li>Configure private connection options to provide access to external resources and services from internal networks.</li></ul><ul> <li><span class="cms-link-marked"><a class="fl-href-prod" href="/swisscom/en/course/google-gcf-ci"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Google Cloud Fundamentals: Core Infrastructure <span class="fl-prod-pcode">(GCF-CI)</span></a></span> course (or equivalent experience)</li><li>Prior understanding of the 7 layer OSI model</li><li>Prior understanding of IPv4 addressing</li><li>Prior experience with managing IPv4 routes</li></ul><p>This course is intended for the following participants:</p> <ul> <li>Network engineers and administrators who are using the Google Cloud console or are planning to do so</li><li>Individuals who want to be exposed to software-defined networking solutions in the cloud.</li></ul><h4>Module 1: VPC Networking Fundamentals</h4><p> <strong>Topics:</strong> </p> <ul> <li>VPC networks</li><li>Multiple Network Interfaces</li><li>Network Service Tiers</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Create a Compute Engine VM with multiple network interfaces.</li><li>Use the standard tier to lower cloud networking costs.</li><li>Use the premium tier to provide lower latency and faster access to Google Cloud resources.</li></ul><h4>Module 2: Sharing VPC Networks</h4><p> <strong>Topics:</strong> </p> <ul> <li>Shared VPC</li><li>VPC Network Peering</li><li>Migrating a VM between networks</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe the different ways to share VPC networks that are available in Google Cloud.</li><li>Recognize when to use Shared VPC and when to use VPC Network Peering.</li><li>Configure peering between unrelated VPC networks.</li></ul><h4>Module 3: Network Monitoring and Logging</h4><p> <strong>Topics:</strong> </p> <ul> <li>Monitoring</li><li>Logging</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Configure uptime checks, alerting policies, and charts for your network services.</li><li>Monitor Google Cloud network resources.</li><li>Use VPC Flow Logs to log and analyze network traffic behavior.</li></ul><h4>Module 4: Network Routing and Addressing in Google Cloud</h4><p> <strong>Topics:</strong> </p> <ul> <li>VPC Routing</li><li>IPv6</li><li>BYOIP</li><li>Cloud DNS</li></ul><p><strong>Overview:</strong> </p> <ul> <li>Define key routing and addressing concepts relevant to Google Cloud, including IP addresses, subnets, route tables, firewalls, BYOIP, and NATs.</li><li>Describe the configuration and management options for Google Cloud DNS, including private and managed zones.</li><li>Configure and manage route tables to control traffic flow, resolve domain names effectively, and utilize NAT rules for secure access.</li></ul><h4>Module 5: Private Connection Options</h4><p> <strong>Topics:</strong> </p> <ul> <li>Private Connection Options</li><li>Private Google Access</li><li>Private Service Connect</li><li>Private services access</li><li>Cloud NAT</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Define and differentiate various private connection options (e.g., Private Google Access, Private Services Access, Private Service Connect).</li><li>Explore use cases of Private Service Connect, Private Service Access, and Private Google Access.</li><li>Implement Private Google Access with Cloud NAT.</li></ul><h4>Module 6: Introduction to Network Architecture</h4><p> <strong>Topics:</strong> </p> <ul> <li>Cloud network architecture overview</li><li>Key considerations</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe the Google Cloud provides components that create a good network architecture, such as Cloud Interconnect, VPC Network Peering, Shared VPC, and Network Tiers.</li><li>Summarize key considerations for network design.</li></ul><h4>Module 7: Network Topologies</h4><p> <strong>Topics:</strong> </p> <ul> <li>Hub and spoke topology</li><li>Other topologies</li><li>Getting topology data</li><li>Best practices</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Explain when to use each network topology based on specific requirements.</li><li>Identify potential bottlenecks or security vulnerabilities in network topologies.</li><li>Implement a meshed topology for a resilient and scalable network architecture.</li></ul><h4>Module 8: Distributed Denial of Service (DDoS) Protection</h4><p> <strong>Topics:</strong> </p> <ul> <li>How DDoS attacks work</li><li>Google Cloud mitigations</li><li>Types of complementary partner products</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Identify the four layers of DDoS Mitigation.</li><li>Identify methods Google Cloud uses to mitigate the risk of DDoS for its customers.</li><li>Use Google Cloud Armor to blocklist an IP address and restrict access to a global external Application Load Balancer.</li></ul><h4>Module 9: Controlling Access to VPC Networks</h4><p> <strong>Topics:</strong> </p> <ul> <li>IAM</li><li>Cloud Firewall</li><li>Cloud IDS</li><li>Secure Web Proxy</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe how IAM policies affect VPC network access.</li><li>Identify the benefits of using Cloud Firewall's hierarchical policies at different levels of the cloud infrastructure hierarchy.</li><li>Apply global and regional network firewall policies using Cloud Firewall.</li><li>Explain the role of Cloud IDS in protecting VPC networks from malicious activity.</li><li>Deploy Cloud IDS and configure its settings according to specific security needs.</li><li>Describe the role of Secure Web Proxy in improving network resilience and availability.</li><li>Describe best practices for cloud network security.</li></ul><h4>Module 10: Advanced Security Monitoring and Analysis</h4><p> <strong>Topics:</strong> </p> <ul> <li>Packet Mirroring for network traffic inspection</li><li>Network security best practices</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Define Packet Mirroring and explain its purpose in network monitoring and security.</li><li>Learn network security best practices.</li></ul><h4>Module 11: Hybrid Load Balancing and Traffic Management</h4><p> <strong>Topics:</strong> </p> <ul> <li>Hybrid load balancing</li><li>Traffic management</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe the benefits of hybrid load balancing.</li><li>Configure traffic management in a load balance.</li></ul><h4>Module 12: Caching and Optimizing Load Balancing</h4><p> <strong>Topics:</strong> </p> <ul> <li>Internal network load balancers as next hops</li><li>Cloud CDN</li><li>Cloud Armor</li><li>Load balancer optimization strategies</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe how to configure an internal network load balancer as a next hop.</li><li>Use Cloud CDN configuration to optimize content delivery performance.</li><li>Create a Google Cloud Armor edge security policy to protect content.</li></ul><h4>Module 13: Connectivity options</h4><p> <strong>Topics:</strong> </p> <ul> <li>Google Cloud connectivity options</li><li>Dedicated Interconnect</li><li>Partner Interconnect</li><li>Cross-Cloud Interconnect</li></ul><p><strong>Objectives:</strong> </p> <ul> <li>Describe the various connectivity options offered by Google Cloud for hybrid and multi-cloud environments, including Network Connectivity Center, Cloud VPN, Cloud Interconnect, and Cloud CDN.</li><li>Define and differentiate between the various Cloud Interconnect options available in Google Cloud, including Dedicated Interconnect, Partner Interconnect, and Cross-Cloud Interconnect.</li></ul><h4>Module 14: Cloud VPN</h4><p> <strong>Topics:</strong> </p> <ul> <li>Use case for Cloud VPN</li><li>HA VPN topologies</li><li>HA VPN over Cloud Interconnect</li><li>Influence best path selection</li></ul><h4>Objectives:</h4><ul> <li>Implement high availability VPN (HA VPN) for redundancy and failover.</li><li>Identify the benefits and use cases for Cloud HA VPN.</li></ul>- Configure VPC networks, subnets, and routers. - Control administrative access to VPC objects. - Control network access to endpoints in VPCs. - Interconnect networks among Google Cloud projects. - Implement network connectivity between Google Cloud projects. - Implement load balancing. - Configure traffic management among load balancer backend services. - Use Cloud CDN to reduce latency. - Optimize network spend using Network Service Tiers. - Configure private connection options to provide access to external resources and services from internal networks.- Google Cloud Fundamentals: Core Infrastructure (GCF-CI) course (or equivalent experience) - Prior understanding of the 7 layer OSI model - Prior understanding of IPv4 addressing - Prior experience with managing IPv4 routesThis course is intended for the following participants: - Network engineers and administrators who are using the Google Cloud console or are planning to do so - Individuals who want to be exposed to software-defined networking solutions in the cloud.Module 1: VPC Networking Fundamentals Topics: - VPC networks - Multiple Network Interfaces - Network Service Tiers Objectives: - Create a Compute Engine VM with multiple network interfaces. - Use the standard tier to lower cloud networking costs. - Use the premium tier to provide lower latency and faster access to Google Cloud resources. Module 2: Sharing VPC Networks Topics: - Shared VPC - VPC Network Peering - Migrating a VM between networks Objectives: - Describe the different ways to share VPC networks that are available in Google Cloud. - Recognize when to use Shared VPC and when to use VPC Network Peering. - Configure peering between unrelated VPC networks. Module 3: Network Monitoring and Logging Topics: - Monitoring - Logging Objectives: - Configure uptime checks, alerting policies, and charts for your network services. - Monitor Google Cloud network resources. - Use VPC Flow Logs to log and analyze network traffic behavior. Module 4: Network Routing and Addressing in Google Cloud Topics: - VPC Routing - IPv6 - BYOIP - Cloud DNS Overview: - Define key routing and addressing concepts relevant to Google Cloud, including IP addresses, subnets, route tables, firewalls, BYOIP, and NATs. - Describe the configuration and management options for Google Cloud DNS, including private and managed zones. - Configure and manage route tables to control traffic flow, resolve domain names effectively, and utilize NAT rules for secure access. Module 5: Private Connection Options Topics: - Private Connection Options - Private Google Access - Private Service Connect - Private services access - Cloud NAT Objectives: - Define and differentiate various private connection options (e.g., Private Google Access, Private Services Access, Private Service Connect). - Explore use cases of Private Service Connect, Private Service Access, and Private Google Access. - Implement Private Google Access with Cloud NAT. Module 6: Introduction to Network Architecture Topics: - Cloud network architecture overview - Key considerations Objectives: - Describe the Google Cloud provides components that create a good network architecture, such as Cloud Interconnect, VPC Network Peering, Shared VPC, and Network Tiers. - Summarize key considerations for network design. Module 7: Network Topologies Topics: - Hub and spoke topology - Other topologies - Getting topology data - Best practices Objectives: - Explain when to use each network topology based on specific requirements. - Identify potential bottlenecks or security vulnerabilities in network topologies. - Implement a meshed topology for a resilient and scalable network architecture. Module 8: Distributed Denial of Service (DDoS) Protection Topics: - How DDoS attacks work - Google Cloud mitigations - Types of complementary partner products Objectives: - Identify the four layers of DDoS Mitigation. - Identify methods Google Cloud uses to mitigate the risk of DDoS for its customers. - Use Google Cloud Armor to blocklist an IP address and restrict access to a global external Application Load Balancer. Module 9: Controlling Access to VPC Networks Topics: - IAM - Cloud Firewall - Cloud IDS - Secure Web Proxy Objectives: - Describe how IAM policies affect VPC network access. - Identify the benefits of using Cloud Firewall's hierarchical policies at different levels of the cloud infrastructure hierarchy. - Apply global and regional network firewall policies using Cloud Firewall. - Explain the role of Cloud IDS in protecting VPC networks from malicious activity. - Deploy Cloud IDS and configure its settings according to specific security needs. - Describe the role of Secure Web Proxy in improving network resilience and availability. - Describe best practices for cloud network security. Module 10: Advanced Security Monitoring and Analysis Topics: - Packet Mirroring for network traffic inspection - Network security best practices Objectives: - Define Packet Mirroring and explain its purpose in network monitoring and security. - Learn network security best practices. Module 11: Hybrid Load Balancing and Traffic Management Topics: - Hybrid load balancing - Traffic management Objectives: - Describe the benefits of hybrid load balancing. - Configure traffic management in a load balance. Module 12: Caching and Optimizing Load Balancing Topics: - Internal network load balancers as next hops - Cloud CDN - Cloud Armor - Load balancer optimization strategies Objectives: - Describe how to configure an internal network load balancer as a next hop. - Use Cloud CDN configuration to optimize content delivery performance. - Create a Google Cloud Armor edge security policy to protect content. Module 13: Connectivity options Topics: - Google Cloud connectivity options - Dedicated Interconnect - Partner Interconnect - Cross-Cloud Interconnect Objectives: - Describe the various connectivity options offered by Google Cloud for hybrid and multi-cloud environments, including Network Connectivity Center, Cloud VPN, Cloud Interconnect, and Cloud CDN. - Define and differentiate between the various Cloud Interconnect options available in Google Cloud, including Dedicated Interconnect, Partner Interconnect, and Cross-Cloud Interconnect. Module 14: Cloud VPN Topics: - Use case for Cloud VPN - HA VPN topologies - HA VPN over Cloud Interconnect - Influence best path selection Objectives: - Implement high availability VPN (HA VPN) for redundancy and failover. - Identify the benefits and use cases for Cloud HA VPN.3 days695.001690.001495.004510.001495.001495.001950.001995.001950.001950.001950.001950.005200.001980.002755.002450.00