Google Cloud Networking

How is the Google Cloud physical network organized?
Google Cloud is divided into regions, which are further divided into zones.

A region is a geographic area where the round-trip time (RTT) from one virtual machine to another is typically less than 1 ms.
A zone is a deployment area within a region that forms its own fully isolated and independent failure domain.

This means that virtual machines in different zones or in different regions are independent of each other, so a single failure will not affect them in the same way.
Currently, Google has more than 27 regions and more than 82 zones in more than 200 countries. This includes 146 points of presence and CDN. This is the same network that also supports Google Search, Maps, Gmail and YouTube.

Google network infrastructure

Google’s network infrastructure consists of three main types of networks:

  • A network of data centers that connects all the machines on the network together.
  • A software-defined private WAN that connects all data centers together.
  • A software-defined public global network for user traffic entering the Google network.

Hundreds of thousands of miles of fiber optic cable, including more than a dozen undersea cables, are laid between the data center and the global Internet networks. A virtual machine connects from the Internet through a public WAN and connects to other machines on the network through a private WAN. For example, when you send a packet from your cloud-based virtual machine in one region to a GCS bucket in another region, the packet does not leave the Google network backbone.

Cloud network services

Google’s physical network infrastructure provides the global virtual network you need to run your applications in the cloud. It provides the virtual networks and tools you need to lift-and-shift, expand and/or modernize your applications:

Connection

The first thing you need to do is prepare a virtual network, connect to it from other clouds or locally, and isolate your resources so that other projects and resources cannot inadvertently access the network.

Hybrid connection: This option is suitable if you need to connect your on-premises environment to Google Cloud so that resources and services can communicate easily between the two environments. You can use Cloud Interconnect for a dedicated connection or Cloud VPN for a secure IPsec tunnel. Both work, but the choice depends on the bandwidth required; for higher bandwidth and more data, a dedicated connection is recommended. Cloud Router lets you enable dynamic routes between your on-premises environment and your Google Cloud VPC.

Virtual Private Cloud (VPC): All resources live in a VPC, but Prod and Dev environments must be kept separate. This calls for a Shared VPC, which lets you connect resources from multiple projects to a common virtual private cloud (VPC) network so that they can communicate with each other securely and efficiently using internal IP addresses from that network.

Cloud DNS: Cloud DNS is used for:

  • Public and private DNS zones
  • Public/private IP addresses within the VPC and across the Internet
  • DNS peering
  • Forwarding
  • Split horizons
  • DNSSEC for DNS security

Scale

Scaling includes not only the rapid scaling of applications, but also the ability to distribute load in real time between resources in one or more regions and to accelerate content delivery to optimize last-mile performance.

  • Cloud Load Balancing: Quickly scale applications on Compute Engine. Distribute compute resources with load balancing across one or more regions to meet high availability requirements. Cloud Load Balancing can put resources behind a single anycast IP address, scale up or down with intelligent auto-scaling, and integrate with Cloud CDN.
  • Cloud CDN: Fast content delivery for websites and apps served from Compute Engine using Google’s globally distributed edge caches. Cloud CDN reduces network latency, offloads outbound traffic, and lowers maintenance costs. After you configure HTTP(S) load balancing, you can enable Cloud CDN with a single checkbox.

Security

Network security tools protect against infrastructure DDoS attacks, reduce data exfiltration risks when connecting to Google Cloud services, and translate network addresses (NAT) to provide controlled Internet access for resources without public IP addresses.

  • Firewall Rules: Let you allow or deny connections to or from virtual machine (VM) instances based on the configuration you specify. Each VPC network functions as a distributed firewall. Although firewall rules are defined at the network level, connections are allowed or denied on a per-instance basis.
  • Cloud Armor: Works in conjunction with an HTTP(S) load balancer to provide built-in protection against infrastructure DDoS attacks. It offers access control based on IP and geographic location, support for hybrid and multi-cloud deployments, pre-configured WAF rules, and named IP lists.
  • Packet Mirroring: Packet mirroring is useful when you need to monitor and analyze security status. VPC Packet Mirroring clones the traffic of specific instances in your virtual private cloud (VPC) network and forwards it for inspection. The service captures all traffic (inbound and outbound) and packet data, including payloads and headers.
  • Cloud NAT: Allows certain resources without external IP addresses to make outgoing connections to the Internet.
  • Cloud IAP: Lets users work from untrusted networks without using a VPN. It validates the user’s identity and uses context to determine whether the user should be granted access.
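
The Firewall Rules item above says rules are defined at the network level but applied per instance. The following added example (not part of the original page, and not Google's implementation) models that for IPv4 TCP ingress, assuming the lower priority number wins, a deny beats an allow at equal priority, target tags select instances, and unmatched ingress hits an implied deny. Rule names, tags and addresses are constructed sample data.

```python
# Simplified model of VPC ingress firewall evaluation (illustrative only).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    priority: int            # 0-65535, lower number wins
    action: str              # "allow" or "deny"
    source_ranges: tuple     # CIDR strings
    ports: tuple             # TCP ports; empty tuple = all ports
    target_tags: tuple = ()  # empty tuple = every instance in the network

# Ingress that matches no other rule is dropped by the implied deny.
IMPLIED_DENY = Rule("implied-deny-ingress", 65535, "deny", ("0.0.0.0/0",), ())

def applies(rule, instance_tags, src_ip, port):
    """True if a network-level rule selects this instance and this packet."""
    if rule.target_tags and not set(rule.target_tags) & set(instance_tags):
        return False
    if rule.ports and port not in rule.ports:
        return False
    return any(ip_address(src_ip) in ip_network(r) for r in rule.source_ranges)

def evaluate(rules, instance_tags, src_ip, port):
    """Return (action, rule name) for one TCP ingress connection to one instance."""
    # Lowest priority number first; at equal priority a deny sorts before an allow.
    ordered = sorted(rules + [IMPLIED_DENY],
                     key=lambda r: (r.priority, r.action != "deny"))
    for rule in ordered:
        if applies(rule, instance_tags, src_ip, port):
            return rule.action, rule.name

def world_open(rules):
    """Audit helper: allow rules that admit any source to every instance."""
    return [r.name for r in rules if r.action == "allow"
            and not r.target_tags and "0.0.0.0/0" in r.source_ranges]

# Constructed ruleset for a single VPC network.
RULES = [
    Rule("allow-https-web", 1000, "allow", ("0.0.0.0/0",), (443,), ("web",)),
    Rule("deny-scanner", 900, "deny", ("203.0.113.0/24",), ()),
    Rule("allow-ssh-any", 1000, "allow", ("0.0.0.0/0",), (22,)),
]

if __name__ == "__main__":
    for tags in (("web",), ("db",)):
        print(tags, evaluate(RULES, tags, "198.51.100.7", 443))
    print("world-open rules:", world_open(RULES))
```

The same ruleset gives different verdicts for the `web` and `db` instances, and `world_open` flags the untagged SSH rule as the one to tighten with target tags or narrower source ranges.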

Optimization

It’s important to keep a close eye on your network performance to ensure that your infrastructure meets your performance needs. This includes visualizing and monitoring network topology, running diagnostic tests, and evaluating real-time performance metrics.

  • Network Service Tiers: The Premium Tier delivers traffic from external systems to Google Cloud resources using Google’s highly reliable, low-latency global network, while the Standard Tier is designed to route traffic over the Internet.
  • Network Intelligence Center: Provides a single console for Google Cloud network observability, monitoring, and troubleshooting.

Wix uses Google Cloud Networking

“The global presence of Cloud Load Balancing helps Wix to achieve best performance around the globe. With Google Cloud CDN, we are able to serve tens of millions of requests per day seamlessly, while ensuring that our customers get a consistently great web experience worldwide.”

— Eugene Olshenbaum, VP Technology, Wix

Our advantages

Large and complex IT capacities

More than 20 years of IT experience

Proven depth of expertise

Partners with over 30 IT vendors worldwide

2000+ projects carried out

Find out how our specialists can help you
create and maintain your company's IT infrastructure