Google Cloud Certified Professional Cloud Network Engineer Guide

Book description

Gain practical skills to design, deploy, and manage networks on Google Cloud and prepare to gain Professional Cloud Network Engineer certification

Key Features

  • Gain hands-on experience in implementing VPCs, hybrid connectivity, network services, and security
  • Establish a secure network architecture by learning security best practices
  • Leverage this comprehensive guide to gain Professional Cloud Network Engineer certification

Book Description

Google Cloud, the public cloud platform from Google, has a variety of networking options, which are instrumental in managing a networking architecture. This book will give you hands-on experience of implementing and securing networks in Google Cloud Platform (GCP).

You will understand the basics of Google Cloud infrastructure and learn to design, plan, and prototype a network on GCP. After implementing a Virtual Private Cloud (VPC), you will configure network services and implement hybrid connectivity. Later, the book focuses on security, which forms an important aspect of a network. You will also get to grips with network security and learn to manage and monitor network operations in GCP. Finally, you will learn to optimize network resources and delve into advanced networking. The book also helps you to reinforce your knowledge with the help of mock tests featuring exam-like questions.

By the end of this book, you will have gained a complete understanding of networking in Google Cloud and learned everything you need to pass the certification exam.

What you will learn

  • Understand the fundamentals of Google Cloud architecture
  • Implement and manage network architectures in Google Cloud Platform
  • Get up to speed with VPCs and configure VPC networks, subnets, and routers
  • Understand the command line interface and GCP console for networking
  • Get to grips with logging and monitoring to troubleshoot network and security
  • Use the knowledge you gain to implement advanced networks on GCP

Who this book is for

This Google Cloud certification book is for cloud network engineers, cloud architects, cloud engineers, administrators, and anyone who is looking to design, implement, and manage network architectures in Google Cloud Platform. You can use this book as a guide for passing the Professional Cloud Network Engineer certification exam. You need to have at least a year of experience in Google Cloud, basic enterprise-level network design experience, and a fundamental understanding of Cloud Shell to get started with this book.

Table of contents

  1. Google Cloud Certified Professional Cloud Network Engineer Guide
  2. Contributors
  3. About the authors
  4. About the reviewer
  5. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the color images
    5. Conventions used
    6. Get in touch
    7. Share Your Thoughts
  6. Section 1: Network Infrastructure
  7. Chapter 1: Google Cloud Platform Infrastructure
    1. Introducing cloud computing and virtualization
      1. What is cloud computing?
      2. What is virtualization?
    2. Introducing GCP
      1. GCP's global infrastructure – regions and zones
      2. Projects, billing, and quotas
    3. Getting started with GCP
      1. GCP resource hierarchy
      2. Interacting with GCP
    4. Understanding virtual machines in the cloud
      1. Google Compute Engine
      2. VPC overview
      3. Overview of Load Balancing, DNS, and CDN
    5. Exploring containers in the cloud
      1. DevOps concepts and microservice architectures
      2. Containerization versus virtualization
      3. Container orchestration with Google Kubernetes Engine
    6. Summary
    7. Further reading
  8. Chapter 2: Designing, Planning, and Prototyping a GCP Network
    1. Technical requirements
    2. Designing the overall network architecture
      1. Failover and DR strategy
      2. Options for HA
      3. DNS strategy in a hybrid cloud environment
      4. Choosing an appropriate load-balancing option
      5. Optimizing for latency (for example, maximum transmission unit (MTU) size; caches; content delivery network (CDN))
      6. Network security design strategy
    3. Designing a VPC
      1. CIDR range for subnets
      2. IP addressing
      3. Routes
      4. Shared VPC versus VPC Network Peering
      5. Firewall rules
    4. Designing a hybrid network
      1. Cloud Interconnect design (for example, Dedicated versus Partner)
      2. Peering options (Direct versus Carrier)
      3. IPsec VPN
      4. Cloud Router
      5. Failover and DR strategy (for example, building HA with BGP using Cloud Router)
    5. Designing a container IP addressing plan for GKE
      1. Creating scalable GKE clusters
      2. IP address planning in GKE
      3. Network security design in GKE
    6. Summary
  9. Chapter 3: Implementing a GCP Virtual Private Cloud (VPC)
    1. Technical requirements
    2. Configuring VPC networks
      1. Configuring VPC resources in GCP
      2. SSH and ICMP protocols
      3. Configuring static and dynamic routing with Cloud Router
      4. Configuring VPC peering
      5. Configuring Shared VPC
      6. Configuring NAT in Google Cloud
    3. Configuring and managing firewall rules
  10. Section 2: Network Services and Security
  11. Chapter 4: Configuring Network Services in GCP
    1. Configuring load balancing
      1. HTTP(S) Global Load Balancing
      2. Internal load balancing
    2. Configuring Cloud Content Delivery Network (CDN)
    3. Summary
  12. Chapter 5: Implementing Hybrid Connectivity in GCP
    1. Technical requirements
    2. Configuring Interconnect
      1. Dedicated Interconnect connection option
      2. Partner Interconnect connection option
    3. Configuring a site-to-site IPsec VPN
      1. Route-based VPN
      2. HA VPN
    4. Diving into Cloud Router
      1. Cloud Router configuration
      2. Static external IP address
      3. MED
    5. Summary
  13. Chapter 6: Implementing Network Security
    1. Configuring Identity and Access Management (IAM)
    2. Configuring Cloud Armor security policies
    3. Configuring a third-party software device (NGFW) insertion into VPC using multiple NICs
      1. Configuring networking and security for a third-party virtual appliance
      2. Implementing third-party virtual appliances (Compute Engine instances) in a shared VPC environment
      3. Implementing routes and firewall rules in a multi-NIC environment
    4. Summary
  14. Section 3: Network Operations, Management, and Monitoring
  15. Chapter 7: Managing and Monitoring Network Operations
    1. Logging and monitoring with GCP operations
      1. VPC Flow Logs
      2. Firewall Rules Logging
      3. VPC audit logs
      4. Packet Mirroring
      5. Summary
  16. Chapter 8: Advanced Networking in Google Cloud Platform
    1. Google Cloud Traffic Director
    2. Understanding Istio and the service mesh
      1. Understanding Traffic Director
      2. Configuring Traffic Director
    3. Configuring the Google Cloud Service Directory
    4. Understanding Service Directory and features
    5. Configuring Service Directory and DNS
    6. Building hub and spoke networks with Network Connectivity Center
      1. Understanding Network Connectivity Center in Google Cloud Platform
      2. Configuring Network Connectivity Center as a transit hub
    7. Summary
  17. Chapter 9: Professional Cloud Network Engineer Certification Preparation
    1. Why subscribe?
  18. Other Books You May Enjoy
    1. Packt is searching for authors like you
    2. Share Your Thoughts

Product information

  • Title: Google Cloud Certified Professional Cloud Network Engineer Guide
  • Author(s): Maurizio Ipsale, Mirko Gilioli
  • Release date: January 2022
  • Publisher(s): Packt Publishing
  • ISBN: 9781801072694