Course content
1. Designing, planning, and prototyping a GCP network
1.1 Designing the overall network architecture. Considerations include:
- Failover and disaster recovery strategy
- Options for high availability
- DNS strategy (e.g., on-premises, Cloud DNS, GSLB)
- Meeting business requirements
- Choosing the appropriate load balancing options
- Optimizing for latency (e.g., MTU size, caches, CDN)
- Understanding how quotas are applied per project and per VPC
- Hybrid connectivity (e.g., Google private access for hybrid connectivity)
- Container networking
- IAM and security
- SaaS, PaaS, and IaaS services
- Microsegmentation for security purposes (e.g., using metadata, tags)
1.2 Designing a Virtual Private Cloud (VPC). Considerations include:
- CIDR range for subnets
- IP addressing (e.g., static, ephemeral, private)
- Standalone or shared
- Multiple vs. single
- Multi-zone and multi-region
- Peering
- Firewall (e.g., service account–based, tag-based)
- Routes
- Differences between Google Cloud Networking and other cloud platforms
1.3 Designing a hybrid network
- Using interconnect (e.g., dedicated vs. partner)
- Peering options (e.g., direct vs. carrier)
- IPsec VPN
- Cloud Router
- Failover and disaster recovery strategy (e.g., building high availability with BGP using cloud router)
- Shared vs. standalone VPC interconnect access
- Cross-organizational access
- Bandwidth
1.4 Designing a container IP addressing plan for Google Kubernetes Engine
2. Implementing a GCP Virtual Private Cloud (VPC)
2.1 Configuring VPCs
- Configuring GCP VPC resources (CIDR range, subnets, firewall rules, etc.)
- Configuring VPC peering
- Creating a shared VPC and explaining how to share subnets with other projects
- Configuring API access (private, public, NAT GW, proxy)
- Configuring VPC flow logs
2.2 Configuring routing
- Configuring internal static/dynamic routing
- Configuring routing policies using tags and priority
- Configuring NAT (e.g., Cloud NAT, instance-based NAT)
2.3 Configuring and maintaining Google Kubernetes Engine clusters
- VPC-native clusters using alias IPs
- Clusters with shared VPC
- Private clusters
- Cluster network policy
- Adding authorized networks for cluster master access
2.4 Configuring and managing firewall rules
- Target network tags and service accounts
- Priority
- Network protocols
- Ingress and egress rules
- Firewall logs
3. Configuring network services
3.1 Configuring load balancing. Considerations include:
- Creating backend services
- Firewall and security rules
- HTTP(S) load balancer: including changing URL maps, backend groups, health checks, CDN, and SSL certs
- TCP and SSL proxy load balancers
- Network load balancer
- Internal load balancer
- Session affinity
- Capacity scaling
3.2 Configuring Cloud CDN
- Enabling and disabling Cloud CDN
- Using cache keys
- Cache invalidation
- Signed URLs
3.3 Configuring and maintaining Cloud DNS
- Managing zones and records
- Migrating to Cloud DNS
- DNS Security (DNSSEC)
- Global serving with Anycast
- Cloud DNS
- Internal DNS
- Integrating on-premises DNS with GCP
3.4 Enabling other network services
- Health checks for your instance groups
- Canary (A/B) releases
- Distributing backend instances using regional managed instance groups
- Enabling private API access
4. Implementing hybrid interconnectivity
4.1 Configuring interconnect
- Partner (e.g., layer 2 vs. layer 3 connectivity)
- Virtualizing using VLAN attachments
- Bulk storage uploads
4.2 Configuring a site-to-site IPsec VPN (e.g., route-based, policy-based, dynamic or static routing).
4.3 Configuring Cloud Router for reliability.
5. Implementing network security
5.1 Configuring identity and access management (IAM)
- Viewing account IAM assignments
- Assigning IAM roles to accounts or Google Groups
- Defining custom IAM roles
- Using pre-defined IAM roles (e.g., network admin, network viewer, network user)
5.2 Configuring Cloud Armor policies
- IP-based access control
5.3 Configuring third-party device insertion into VPC using multi-nic (NGFW)
5.4 Managing keys for SSH access
6. Managing and monitoring network operations
6.1 Logging and monitoring with Stackdriver or GCP Console
6.2 Managing and maintaining security
- Firewalls (e.g., cloud-based, private)
- Diagnosing and resolving IAM issues (shared VPC, security/network admin)
6.3 Maintaining and troubleshooting connectivity issues
- Identifying traffic flow topology (e.g., load balancers, SSL offload, network endpoint groups)
- Draining and redirecting traffic flows
- Cross-connect handoff for interconnect
- Monitoring ingress and egress traffic using flow logs
- Monitoring firewall logs
- Managing and troubleshooting VPNs
- Troubleshooting Cloud Router BGP peering issues
6.4 Monitoring, maintaining, and troubleshooting latency and traffic flow
- Network throughput and latency testing
- Routing issues
- Tracing traffic flow
7. Optimising network resources
7.1 Optimizing traffic flow
- Load balancer and CDN location
- Global vs. regional dynamic routing
- Expanding subnet CIDR ranges in service
- Accommodating workload increases (e.g., autoscaling vs. manual scaling)
7.2 Optimizing for cost and efficiency
- Cost optimization (Network Service Tiers, Cloud CDN, autoscaler [max instances])
- Automation
- VPN vs. interconnect
- Bandwidth utilization (e.g., kernel sys tuning parameters)
To see the full course content Download now
Course Prerequisites
- Basic understanding of cloud concepts such as virtual machines, containers, and networking
- You should also have a broad understanding of the various services.
- Finally, in addition to how to implement each service, make sure you also understand the best practices for these services (scaling, security, hybrid connections, high availability, etc.).
Who can attend
- 3+ years of industry experience including 1+ years managing solutions on GCP.
- If you have experience in hybrid connections, virtual networks, firewalls, load balancers, and managing networks both from the GC console and by command line, this certification is for you.
Number of Hours: 40hrs
Certification
Key features
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Virtual Live Experience
- Preparing for Certification
FAQs
DASVM Technologies offers 300+ IT training courses with 10+ years of Experienced Expert level Trainers.
- One to One Training
- Online Training
- Fastrack & Normal Track
- Resume Modification
- Mock Interviews
- Video Tutorials
- Materials
- Real Time Projects
- Materials
- Preparing for Certification
Call now: +91-99003 49889 and know the exciting offers available for you!
We working and coordinating with the companies exclusively to get placed. We have a placement cell focussing on training and placements in Bangalore. Our placement cell help more than 600+ students per year.
Learn from experts active in their field, not out-of-touch trainers. Leading practitioners who bring current best practices and case studies to sessions that fit into your work schedule. We have a pool of experts and trainers are composed with highly skilled and experienced in supporting you in specific tasks and provide professional support. 24x7 Learning support from mentors and a community of like-minded peers to resolve any conceptual doubts. Our trainers has contributed in the growth of our clients as well as professionals.
All of our highly qualified trainers are industry experts with at least 10-12 years of relevant teaching experience. Each of them has gone through a rigorous selection process which includes profile screening, technical evaluation, and a training demo before they are certified to train for us. We also ensure that only those trainers with a high alumni rating continue to train for us.
No worries. DASVM technologies assure that no one misses single lectures topics. We will reschedule the classes as per your convenience within the stipulated course duration with all such possibilities. If required you can even attend that topic with any other batches.
DASVM Technologies provides many suitable modes of training to the students like:
- Classroom training
- One to One training
- Fast track training
- Live Instructor LED Online training
- Customized training
Yes, the access to the course material will be available for lifetime once you have enrolled into the course.
You will receive DASVM Technologies recognized course completion certification & we will help you to crack global certification with our training.
Yes, DASVM Technologies provides corporate trainings with Course Customization, Learning Analytics, Cloud Labs, Certifications, Real time Projects with 24x7 Support.
Yes, DASVM Technologies provides group discounts for its training programs. Depending on the group size, we offer discounts as per the terms and conditions.
We accept all major kinds of payment options. Cash, Card (Master, Visa, and Maestro, etc), Wallets, Net Banking, Cheques and etc.
DASVM Technologies has a no refund policy. Fees once paid will not be refunded. If the candidate is not able to attend a training batch, he/she is to reschedule for a future batch. Due Date for Balance should be cleared as per date given. If in case trainer got cancelled or unavailable to provide training DASVM will arrange training sessions with other backup trainer.
Your access to the Support Team is for lifetime and will be available 24/7. The team will help you in resolving queries, during and after the course.
Please Contact our course advisor +91-99003 49889. Or you can share your queries through info@dasvmtechnologies.com