book

Google Cloud Certified Professional Cloud Network Engineer Guide

Name: Google Cloud Certified Professional Cloud Network Engineer Guide
ISBN: 9781801072694

by Maurizio Ipsale, Mirko Gilioli

January 2022

Intermediate to advanced

406 pages

8h 26m

English

Packt Publishing

Read now

Unlock full access

Google Cloud Certified Professional Cloud Network Engineer Guide
ContributorsAbout the authorsAbout the reviewer
Preface
Who this book is forWhat this book coversTo get the most out of this bookDownload the color imagesConventions usedGet in touchShare Your Thoughts
Section 1: Network Infrastructure
Chapter 1: Google Cloud Platform Infrastructure
Introducing cloud computing and virtualizationWhat is cloud computing?What is virtualization?Introducing GCPGCP's global infrastructure – regions and zonesProjects, billing, and quotasGetting started with GCPGCP resource hierarchyInteracting with GCPUnderstanding virtual machines in the cloudGoogle Compute EngineVPC overviewOverview of Load Balancing, DNS, and CDNExploring containers in the cloudDevOps concepts and microservice architecturesContainerization versus virtualizationContainer orchestration with Google Kubernetes EngineSummaryFurther reading
Chapter 2: Designing, Planning, and Prototyping a GCP Network
Technical requirementsDesigning the overall network architectureFailover and DR strategyOptions for HADNS strategy in a hybrid cloud environmentChoosing an appropriate load-balancing optionOptimizing for latency (for example, maximum transmission unit (MTU) size; caches; content delivery network (CDN))Network security design strategy Designing a VPCCIDR range for subnetsIP addressingRoutesShared VPC versus VPC Network PeeringFirewall rulesDesigning a hybrid networkCloud Interconnect design (for example, Dedicated versus Partner)Peering options (Direct versus Carrier)IPsec VPNCloud RouterFailover and DR strategy (for example, building HA with BGP using Cloud Router)Designing a container IP addressing plan for GKECreating scalable GKE clustersIP address planning in GKE Network security design in GKESummary
Chapter 3: Implementing a GCP Virtual Private Cloud (VPC)
Technical requirementsConfiguring VPC networksConfiguring VPC resources in GCPSSH and ICMP protocolsConfiguring static and dynamic routing with Cloud RouterConfiguring VPC peeringConfiguring Shared VPCConfiguring NAT in Google CloudConfiguring and managing firewall rules
Section 2: Network Services and Security
Chapter 4: Configuring Network Services in GCP
Configuring load balancingHTTP(S) Global Load BalancingInternal load balancingConfiguring Cloud Content Delivery Network (CDN)Summary
Chapter 5: Implementing Hybrid Connectivity in GCP
Technical requirementsConfiguring InterconnectDedicated Interconnect connection optionPartner Interconnect connection optionConfiguring a site-to-site IPsec VPNRoute-based VPNHA VPNDiving into Cloud RouterCloud Router configurationStatic external IP address MED Summary
Chapter 6: Implementing Network Security
Configuring Identity and Access Management (IAM)Configuring Cloud Armor security policiesConfiguring a third-party software device (NGFW) insertion into VPC using multiple NICsConfiguring networking and security for a third-party virtual applianceImplementing third-party virtual appliances (Compute Engine instances) in a shared VPC environmentImplementing routes and firewall rules in a multi-NIC environmentSummary

Section 3: Network Operations, Management, and Monitoring
Chapter 7: Managing and Monitoring Network Operations
Logging and monitoring with GCP operationsVPC Flow LogsFirewall Rules LoggingVPC audit logsPacket MirroringSummary
Chapter 8: Advanced Networking in Google Cloud Platform
Google Cloud Traffic DirectorUnderstanding Istio and the service meshUnderstanding Traffic Director Configuring Traffic DirectorConfiguring the Google Cloud Service DirectoryUnderstanding Service Directory and featuresConfiguring Service Directory and DNSBuilding hub and spoke networks with Network Connectivity CenterUnderstanding Network Connectivity Center in Google Cloud PlatformConfiguring Network Connectivity Center as a transit hubSummary
Chapter 9: Professional Cloud Network Engineer Certification Preparation
Why subscribe?
Other Books You May EnjoyPackt is searching for authors like youShare Your Thoughts

Content preview from Google Cloud Certified Professional Cloud Network Engineer Guide

Chapter 6: Implementing Network Security

In this chapter, you will explore and implement security in your Virtual Private Cloud Network (VPC) in Google Cloud Platform(GCP). The chapter will cover three main parts:

Configuring Identity and Access Management (IAM)
Configuring Cloud Armor
Configuring third-party device insertion (a next-generation firewall) into VPC using multiple Network Interface Cards (NICs).

At the end of the chapter, you will be able to protect your network and services with the appropriate tools that Google Cloud provides.

Configuring Identity and Access Management (IAM)

In this section, we are going to explore how to control access to Google Cloud resources through Identity and Access Management. It is important to recall ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Google Cloud Certified Associate Cloud Engineer All-in-One Exam Guide

Publisher Resources

ISBN: 9781801072694

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Google Cloud Certified Professional Cloud Network Engineer Guide

by Maurizio Ipsale, Mirko Gilioli

Chapter 6: Implementing Network Security

Configuring Identity and Access Management (IAM)

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.