Networking in Google Cloud

VPC Networking Fundamentals

• Create a Compute Engine VM with multiple network interfaces.
• Use the standard tier to lower cloud networking costs.
• Use the premium tier to provide lower latency and faster access to Google Cloud resources.

Sharing VPC Networks

• Describe the different ways to share VPC networks that are available in Google Cloud.
• Recognize when to use Shared VPC and when to use VPC Network Peering.
• Configure peering between unrelated VPC networks.

Network Monitoring and Logging

• Configure uptime checks, alering policies, and chars for your network services.
• Monitor Google Cloud network resources.
• Use VPC Flow Logs to log and analyze network traffic behavior.

Network Routing and Addressing in Google Cloud

• Define key routing and addressing concepts relevant to Google Cloud, including IP addresses, subnets, route tables, firewalls, BYOIP, and NATs.
• Describe the configuration and management options for Google Cloud DNS, including private and managed zones.
• Configure and manage route tables to control traffic ?ow, resolve domain names effectively, and utilize NAT rules for secure access.

Private Connection Options

• Define and differentiate various private connection options (e.g., Private Google Access, Private Services Access, Private Service Connect).
• Explore use cases of Private Service Connect, Private Service Access, and Private Google Access.
• Implement Private Google Access with Cloud NAT.

Introduction to Network Architecture.

• Describe the Google Cloud provides components that create a good network architecture, such as Cloud Interconnect, VPC Network Peering, Shared VPC, and Network Tiers.
• Summarize key considerations for network design.

Network Topologies

• Explain when to use each network topology based on specific requirements.
• Identify potential bottlenecks or security vulnerabilities in network topologies.
• Implement a meshed topology for a resilient and scalable network architecture.

Distributed Denial of Service (DDoS) Protection

• Identify the four layers of DDoS Mitigation.
• Identify methods Google Cloud uses to mitigate the risk of DDoS for its customers.
• Use Google Cloud Armor to blocklist an IP address and restrict access to a global external Application Load Balancer.

Controlling Access to VPC Networks

• Describe how IAM policies affect VPC network access.
• Identify the benefits of using Cloud Firewall's hierarchical policies at different levels of the cloud infrastructure hierarchy.
• Apply global and regional network firewall policies using Cloud Firewall.
• Explain the role of Cloud IDS in protecting VPC networks from malicious activity.
• Deploy Cloud IDS and configure its settings according to specific security needs.
• Describe the role of Secure Web Proxy in improving network resilience and availability.
• Describe best practices for cloud network security.

Advanced Security Monitoring and Analysis

• Define Packet Mirroring and explain its purpose in network monitoring and security.
• Learn network security best practices.

Hybrid Load Balancing and Traffic Management

• Describe the benefits of hybrid load balancing.
• Configure traffic management in a load balance

Caching and Optimizing Load Balancing

• Describe how to configure an internal network load balancer as a next hop.
• Use Cloud CDN configuration to optimize content delivery performance.
• Create a Google Cloud Armor edge security policy to protect content.

Connectivity Options

• Describe the various connectivity options offered by Google Cloud for hybrid and multi-cloud environments, including Network Connectivity Center, Cloud VPN, Cloud Interconnect, and Cloud CDN.
• Define and differentiate between the various Cloud Interconnect options available in Google Cloud, including Dedicated Interconnect, Parner Interconnect, and Cross-Cloud Interconnect.

Cloud VPN

• Implement high availability VPN (HA VPN) for redundancy and failover.
• Identify the benefits and use cases for Cloud HA VPN.