Overview
This training course builds on the networking concepts covered in the Networking Fundamentals in Google Cloud course. Through presentations, demonstrations, and labs, participants explore and deploy Google Cloud networking technologies. These technologies include: Virtual Private Cloud (VPC) networks, subnets, and firewalls; Interconnection among networks; Load balancing ;Cloud DNS; Cloud CDN; Cloud NAT. The course will also cover common network design patterns.
Products
- VPC networks
- Load balancers
- Cloud CDN
- Cloud DNS
- Cloud NAT
Prerequisites
Having completed the Google Cloud Fundamentals: Core Infrastructure course or having equivalent experience.
-
Prior understanding of the 7 layer OSI model.
-
Prior understanding of IPv4 addressing.
-
Prior experience with managing IPv4 routes
Who this course is for
- Network engineers and administrators who use the Google Cloud console or are planning to do so.
- Individuals who want to be exposed to software-defined networking solutions in the cloud.
Learning Outcomes
-
Configure VPC networks, subnets, and routers.
-
Control administrative access to VPC objects.
-
Control network access to endpoints in VPCs.
-
Interconnect networks among Google Cloud projects.
-
Implement network connectivity between Google Cloud projects.
-
Implement load balancing.
-
Configure traffic management among load balancer backend services.
-
Use Cloud CDN to reduce latency.
-
Optimize network spend using Network Service Tiers.
-
Configure private connection options to provide access to external resources and services from internal networks.
Course Outline
Module 01: VPC Networking Fundamentals
Topics
-
VPC networks
-
Multiple Network Interfaces
-
Network Service Tiers
Objectives
-
Create a Compute Engine VM with multiple network interfaces.
-
Use the standard tier to lower cloud networking costs.
-
Use the premium tier for lower latency and faster access to Google Cloud resources.
Activities
-
1 lab
-
1 quiz
Module 02: Sharing VPC Networks
Topics
-
Shared VPC
-
VPC Network Peering
-
Migrating a VM between networks
Objectives
-
Describe the different ways to share VPC networks in Google Cloud.
-
Recognize when to use Shared VPC versus VPC Network Peering.
-
Configure peering between unrelated VPC networks.
Activities
-
1 lab
-
1 quiz
Module 03: Network Monitoring and Logging
Topics
-
Monitoring
-
Logging
Objectives
-
Configure uptime checks, alerting policies, and charts for network services.
-
Monitor Google Cloud network resources.
-
Use VPC Flow Logs to log and analyze network traffic behavior.
Activities
-
2 labs
-
1 quiz
Module 04: Network Routing and Addressing in Google Cloud
Topics
-
VPC Routing
-
IPv6
-
BYOIP
-
Cloud DNS
Objectives
-
Define key routing and addressing concepts relevant to Google Cloud.
-
Describe the configuration and management options for Google Cloud DNS.
-
Configure and manage route tables, resolve domain names, and utilize NAT rules.
Activities
-
1 lab
-
1 quiz
Module 05: Private Connection Options
Topics
-
Private Google Access
-
Private Services Access
-
Private Service Connect
-
Cloud NAT
Objectives
-
Define and differentiate various private connection options.
-
Explore use cases of Private Service Connect, Private Service Access, and Private Google Access.
-
Implement Private Google Access with Cloud NAT.
Activities
-
1 lab
-
1 quiz
Module 06: Introduction to Network Architecture
Topics
- Cloud network architecture overview
- Key considerations
Objectives
- Describe Google Cloud components for good network architecture.
- Summarize key considerations for network design.
Activities
- 1 quiz
Module 07: Network Topologies
Topics
- Hub and spoke topology
- Other topologies
- Getting topology data
- Best practices
Objectives
- Explain when to use each network topology.
- Identify bottlenecks or security vulnerabilities in network topologies.
- Implement a meshed topology for resilience and scalability.
Activities
- 1 lab
- 1 quiz
Module 08: Distributed Denial of Service (DDoS) Protection
Topics
- How DDoS attacks work
- Google Cloud mitigations
- Types of complementary partner products
Objectives
- Identify the four layers of DDoS Mitigation.
- Understand methods Google Cloud uses to mitigate DDoS risks.
- Use Google Cloud Armor to blocklist an IP address and restrict access to a global external Application Load Balancer.
Activities
- 1 lab
- 1 quiz
Module 09: Controlling Access to VPC Networks
Topics
- IAM
- Cloud Firewall
- Cloud IDS
- Secure Web Proxy
Objectives
- Describe how IAM policies affect VPC network access.
- Identify the benefits of using Cloud Firewall's hierarchical policies.
- Apply global and regional network firewall policies using Cloud Firewall.
- Explain the role of Cloud IDS in VPC network protection.
- Deploy Cloud IDS and configure settings for security.
- Describe the role of Secure Web Proxy in improving network resilience and availability.
- Discuss best practices for cloud network security.
Activities
- 2 labs
- 1 quiz
Module 10: Advanced Security Monitoring and Analysis
Topics
- Packet Mirroring for network traffic inspection
- Network security best practices
Objectives
- Define Packet Mirroring and its purpose in network security.
- Learn network security best practices.
Activities
- 1 lab
- 1 quiz
Module 11: Hybrid Load Balancing and Traffic Management
Topics
- Hybrid load balancing
- Traffic management
Objectives
Describe the benefits of hybrid load balancing.
Configure traffic management in load balancing.
Activities
- 1 lab
- 1 quiz
Module 12: Caching and Optimizing Load Balancing
Topics
- Internal network load balancers as next hops
- Cloud CDN
- Cloud Armor
- Load balancer optimization strategies
Objectives
Configure an internal network load balancer as a next hop.
- Use Cloud CDN configuration to optimize content delivery.
- Create a Google Cloud Armor edge security policy to protect content.
Activities
- 1 lab
- 1 quiz
Module 13: Connectivity Options
Topics
- Google Cloud connectivity options
- Dedicated Interconnect
- Partner Interconnect
- Cross-Cloud Interconnect
Objectives
- Describe the connectivity options for hybrid and multi-cloud environments.
- Define and differentiate between various Cloud Interconnect options.
Activities
- 1 quiz
Module 14: Cloud VPN
Topics
- Use case for Cloud VPN
- HA VPN topologies
- HA VPN over Cloud Interconnect
- Influence best path selection
Objectives
- Implement high availability VPN (HA VPN) for redundancy and failover.
- Identify benefits and use cases for Cloud HA VPN.
Activities
- 1 lab
- 1 quiz
Frequently asked questions
How can I create an account on myQA.com?
There are a number of ways to create an account. If you are a self-funder, simply select the "Create account" option on the login page.
If you have been booked onto a course by your company, you will receive a confirmation email. From this email, select "Sign into myQA" and you will be taken to the "Create account" page. Complete all of the details and select "Create account".
If you have the booking number you can also go here and select the "I have a booking number" option. Enter the booking reference and your surname. If the details match, you will be taken to the "Create account" page from where you can enter your details and confirm your account.
Find more answers to frequently asked questions in our FAQs: Bookings & Cancellations page.
How do QA’s virtual classroom courses work?
Our virtual classroom courses allow you to access award-winning classroom training, without leaving your home or office. Our learning professionals are specially trained on how to interact with remote attendees and our remote labs ensure all participants can take part in hands-on exercises wherever they are.
We use the WebEx video conferencing platform by Cisco. Before you book, check that you meet the WebEx system requirements and run a test meeting (more details in the link below) to ensure the software is compatible with your firewall settings. If it doesn’t work, try adjusting your settings or contact your IT department about permitting the website.
How do QA’s online courses work?
QA online courses, also commonly known as distance learning courses or elearning courses, take the form of interactive software designed for individual learning, but you will also have access to full support from our subject-matter experts for the duration of your course. When you book a QA online learning course you will receive immediate access to it through our e-learning platform and you can start to learn straight away, from any compatible device. Access to the online learning platform is valid for one year from the booking date.
All courses are built around case studies and presented in an engaging format, which includes storytelling elements, video, audio and humour. Every case study is supported by sample documents and a collection of Knowledge Nuggets that provide more in-depth detail on the wider processes.
When will I receive my joining instructions?
Joining instructions for QA courses are sent two weeks prior to the course start date, or immediately if the booking is confirmed within this timeframe. For course bookings made via QA but delivered by a third-party supplier, joining instructions are sent to attendees prior to the training course, but timescales vary depending on each supplier’s terms. Read more FAQs.
When will I receive my certificate?
Certificates of Achievement are issued at the end the course, either as a hard copy or via email. Read more here.