Este curso de treinamento aprofunda os conceitos de rede abordados no curso Fundamentos de Redes no Google Cloud. Por meio de apresentações, demonstrações e laboratórios, os participantes exploram e implementam tecnologias de rede do Google Cloud. Essas tecnologias incluem: redes Virtual Private Cloud (VPC), sub-redes e firewalls; interconexão entre redes; balanceamento de carga; Cloud DNS; Cloud CDN; e Cloud NAT. O curso também abordará padrões comuns de design de redes.
Objetivos
Neste curso, os participantes aprenderão as seguintes habilidades:
• Configurar redes VPC, sub-redes e roteadores.
• Controlar o acesso administrativo a objetos da VPC.
• Controlar o acesso à rede para endpoints nas VPCs.
• Interconectar redes entre projetos do Google Cloud.
• Implementar conectividade de rede entre projetos do Google Cloud.
• Implementar balanceamento de carga.
• Configurar o gerenciamento de tráfego entre os serviços de backend do balanceador de carga.
• Usar o Cloud CDN para reduzir a latência.
• Otimizar os gastos com rede utilizando os Níveis de Serviço de Rede (Network Service Tiers).
• Configurar opções de conexão privada para fornecer acesso a recursos e serviços externos a partir de redes internas.
Público-Alvo
Esta classe é destinada ao seguinte público:
- Engenheiros e administradores de rede que usam o console do Google Cloud ou planejam usá-lo.
- Indivíduos que desejam se expor a soluções de redes definidas por software na nuvem.
Pré-requisitos
Para aproveitar ao máximo este curso, os participantes precisam atender aos seguintes critérios:
- Conclusão do curso Google Cloud Fundamentals: Core Infrastructure ou experiência equivalente.
- Compreensão prévia do modelo OSI de 7 camadas.
- Compreensão prévia de endereçamento IPv4.
- Experiência prévia com gerenciamento de rotas IPv4.
Duração
Investimento
Resumo do curso
• Create a Compute Engine VM with multiple network interfaces.
• Use the standard tier to lower cloud networking costs.
• Use the premium tier to provide lower latency and faster access to Google Cloud
resources.
• Describe the different ways to share VPC networks that are available in Google Cloud.
• Recognize when to use Shared VPC and when to use VPC Network Peering.
• Configure peering between unrelated VPC networks.
• Configure uptime checks, alerting policies, and charts for your network services.
• Monitor Google Cloud network resources.
• Use VPC Flow Logs to log and analyze network traffic behavior.
• Define key routing and addressing concepts relevant to Google Cloud, including IP addresses, subnets, route tables, firewalls, BYOIP, and NATs.
• Describe the configuration and management options for Google Cloud DNS, including private and managed zones.
• Configure and manage route tables to control traffic flow, resolve domain names effectively, and utilize NAT rules for secure access.
• Define and differentiate various private connection options (e.g., Private Google Access, Private Services Access, Private Service Connect).
• Explore use cases of Private Service Connect, Private Service Access, and Private Google Access.
• Implement Private Google Access with Cloud NAT.
• Describe the Google Cloud provides components that create a good network architecture, such as Cloud Interconnect, VPC Network Peering, Shared VPC, and Network Tiers.
• Summarize key considerations for network design.
• Explain when to use each network topology based on specific requirements.
• Identify potential bottlenecks or security vulnerabilities in network topologies.
• Implement a meshed topology for a resilient and scalable network architecture.
• Identify the four layers of DDoS Mitigation.
• Identify methods Google Cloud uses to mitigate the risk of DDoS for its customers.
• Use Google Cloud Armor to blocklist an IP address and restrict access to a global external Application Load Balancer.
- Describe how IAM policies affect VPC network access.
- Identify the benefits of using Cloud Firewall’s hierarchical policies at different levels of the cloud infrastructure hierarchy.
- Apply global and regional network firewall policies using Cloud Firewall.
- Explain the role of Cloud IDS in protecting VPC networks from malicious activity.
- Deploy Cloud IDS and configure its settings according to specific security needs.
- Describe the role of Secure Web Proxy in improving network resilience and availability.
- Describe best practices for cloud network security.
- Define Packet Mirroring and explain its purpose in network monitoring and security.
- Learn network security best practices.
- Describe the benefits of hybrid load balancing.
- Configure traffic management in a load balance
- Describe how to configure an internal network load balancer as a next hop.
- Use Cloud CDN configuration to optimize content delivery performance.
- Create a Google Cloud Armor edge security policy to protect content.
- Describe the various connectivity options offered by Google Cloud for hybrid and multi-cloud environments, including Network Connectivity Center, Cloud VPN, Cloud Interconnect, and Cloud CDN.
- Define and differentiate between the various Cloud Interconnect options available in Google Cloud, including Dedicated Interconnect, Partner Interconnect, and Cross-Cloud Interconnect.
- Implement high availability VPN (HA VPN) for redundancy and failover.
- Identify the benefits and use cases for Cloud HA VPN.