What is Google Cloud (GCP)?
Google Cloud Platform (GCP) is a cloud service provider (CSP) that offers Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS).
GCP is part of Google Cloud, which includes the GCP public cloud infrastructure and Google Workspace, a collection of cloud computing, productivity and collaboration tools, software, and products developed and marketed by Google (including Google Search, Gmail, Google Drive, and YouTube).
Why use GCP
GCP aims to accelerate business transformations by helping developers build apps faster, helping companies make smarter decisions, and helping people connect to each other from any location in the world.
GCP is committed to open source, multi-cloud, and hybrid cloud. It is also attractive to cost-conscious companies with billing-by-the-second capabilities, and to developers with innovations of big data technology (such as MapReduce, Bigtable, and Dremel), advanced machine learning, and its serverless offerings.
How does the Google Cloud work
Google Cloud offers its software and hardware contained in Google’s data centers through services around the world.
These services provide access to the underlying resources. Some resources can be accessed by any other resource, across regions and zones. These global resources include pre-configured disk images, disk snapshots, and networks. Some resources can be accessed only by resources that are located in the same region.
Resources belong to a project. A project is made up of the settings, permissions, and other metadata that describe applications.
There are three basic ways to interact with the services and resources:
Google Cloud Console
Google Cloud offers a web-based graphical user interface that you can use to manage your Google Cloud projects and resources.
Command Line Interface
The CLI lets you manage development workflow and Google Cloud resources in a terminal window.
Client Libraries
Google Cloud provides client libraries optimized for supported languages that enable you to easily create and manage resources.
GCP and Aviatrix use cases
Aviatrix cloud networking solutions empower CloudOps and cloud infrastructure engineers to self-sufficiently manage cloud network infrastructure and network security. The product is fully integrated with Google Cloud networking to enable CloudOps engineers to easily build and scale their hybrid or all-in-cloud environments on Google Cloud.
The following figure illustrates a typical cloud network architecture in which Aviatrix Controller and Aviatrix gateways are deployed in Google Cloud networks that belong to the end customer or enterprise. The controller deploys the Aviatrix gateways that enable the services, which are described in the following sections.
Cross-network encrypted peering enables enterprises to build full-mesh, partial-mesh, or hub-and-spoke connectivity between their virtual private cloud networks. A typical enterprise footprint in Google Cloud has multiple projects owned by different business groups. A Google Cloud project can span the globe across all Google Cloud regions.
Aviatrix Cloud Networking Solution for Google Cloud provides point-and-click peering between Google Cloud projects (cross-project peering) without any manual configuration of routing and other network level changes that are difficult to perform and maintain. This solution, based on the Aviatrix central controller, simplifies cross-project peering.
Deploying a third-party firewall on a public cloud is a challenging task. Not only do customers have to go over hundreds of user guide pages, but bringing the firewall instance live also requires numerous manual steps. Further, each firewall vendor requires some unique configuration steps, which exacerbates the situation. Aviatrix offers a turnkey solution called FireNet, which significantly simplifies the deployment and allows the firewall instances to inspect east-west traffic, egress traffic, and north-south traffic.
Branch office or site-to-cloud peering enables enterprise sites or branch offices to connect to Google Cloud via IPsec connections over the internet. Aviatrix Gateway is a highly scalable multi-function network services gateway that can support hundreds of IPsec connections from enterprise sites or branch offices. Aviatrix gateways also support source and destination NAT functions to overcome overlapping IP problems and other complex IP scenarios between Google Cloud and your sites.
Google Cloud provides dedicated connectivity to its environment through Google Cloud Interconnect. Cloud Interconnect allows you to connect to Google using enterprise-grade connections with higher availability and/or lower latency than existing internet connections. Connections are offered by Cloud Interconnect service provider partners, and might offer a higher service-level agreement than standard internet connections. Google Cloud also supports direct connections to its network through direct peering. If you cannot meet Google Cloud at its peering locations, or do not meet peering requirements, you may benefit from Cloud Interconnect.
Compared to connections over the internet, Cloud Interconnect is reliable and offers fast speeds, lower latency, and increased security. Cloud Interconnect provides a private, high-bandwidth, low-latency link between your on-premises network and Google Cloud without going through the internet. However, packets between the on-premises edge and Google Cloud travel through exchange points and third-party provider networks, and they are not encrypted.
Aviatrix provides a powerful solution to enable high-performance encryption on top of an established Cloud Interconnect link to a customer site.
ThreatIQ with ThreatGuard inserts security across Aviatrix multi-cloud data planes and allows every network node to ensure security inspection and enforcement. Distributed threat visibility and control built natively within the network data plane identifies traffic to malicious destinations and securely allows policy-based automated remediation. Network Behavior Analytics are customized for every environment, including fingerprinting workload and traffic characteristics to form a baseline. It also supports improvements over time and complements signature-based threat defenses.
Day 2 operations in the public cloud are never an easy task, and when the environment expands to multiple regions and clouds, they become even more challenging. Enterprises have to rely on CSPs to provide visibility for troubleshooting or even application deployments.
Aviatrix CoPilot takes cloud visibility to the next level with AppIQ. It collects performance-related data in real time across entire cloud deployments, such as latency between any given cloud endpoints, security groups, routing tables, and instance performance data (e.g. CPU/memory usage).