Google Cloud Platform (GCP) is a leading set of cloud services that includes Infrastructure-as-a-Service and Platform-as-a-Service products. GCP's share of the public cloud market is behind only Amazon AWS and Azure. Like these vendors, Google Cloud utilizes the same extensive network infrastructure that hosts its core applications. For Google, these apps include Google Search and YouTube. The Google cloud stack has more than 100 products that cover compute, data storage, database management, networking, analytics, Big Data, machine learning (ML), artificial intelligence (AI), access management, security, Internet of Things (IoT), and centralized management.
Progent offers expertise helping businesses of all sizes to plan, deploy, test, administer, and maintain IT ecosystems based on a variety of network architectures including on-prem data centers, private clouds, one or multiple public clouds, or a hybrid combination of local and cloud-based resources. Progent can provide quick remote or onsite access to top-tier experts who can help you to assess the potential benefits and limitations of different network models and compare the services and cost of Google Cloud Platform vs. other public cloud vendors.
Progent's certified Microsoft, Linux, and Cisco experts can help your organization to integrate your current IT infrastructure with the Google Cloud, and Progent's database experts can show you how to make your business-critical applications cloud ready so they can benefit fully from Google Cloud services. Progent can help you to deploy virtual machines on GCP Compute Engine, plan an efficient storage system with Google Cloud Storage services, and streamline identity management with Google Cloud Identity. Progent can also help you to use GCP's tools to manage and monitor your GCP Cloud environment so it consistently delivers top business value.
Popular Services Offered for the Google Cloud Platform
Google Cloud has more than 100 IaaS and PaaS services covering nearly all areas of IT including processing, storage, database management, networking, administration, cybersecurity, web, mobility, and application development. Google Cloud services are offered on a subscription basis. As with other public cloud services, you pay for the resources you use. Important Google Cloud services for which Progent offers expert consulting and debugging include:
Compute Engine is a service for running Windows and Linux VMs in the cloud, comparable to Amazon EC2 or Microsoft Azure Virtual Machines. Compute Engine virtual machines have transparent access to Google Cloud block storage and state-of-the-art infrastructure. GCP Compute Engine offers three basic classes of virtual machines in either standard or custom machine sizes. Google Cloud's N2 type virtual machine is affordably priced and designed for common applications such as web hosting, business applications, and databases. The C2 type VM supports as many as 60 virtual CPUs (vCPUs) for compute-intensive apps such as electronic computer-aided design (ECAD) and simulations. GCP's M2 class virtual machine offers up to 11.5 TB of RAM for RAM-intensive apps like in-memory databases or time-critical analytics. Google's sole-tenant node option provides a physical Compute Engine server for your exclusive use.
Key features of the Google Compute Engine include live virtual machine migration, which keeps VMs working even during scheduled maintenance, and preemptible virtual machines, low-priced VM compute instances which continue for up to 24 hours and are intended for executing batch jobs that can be paused and resumed at any time without impacting productivity.
Additional available features for Google Cloud Compute Engine include:
Google Cloud Storage is object storage that scales to exabytes of data. Data held in Google Cloud Cloud Storage are organized in containers called buckets. Google Cloud provides four types of cloud storage, distinguished and priced based on the object's anticipated longevity and its busy/dormant ratio. As you progress along Google's storage classes from Standard to Archive, access costs go up, at-rest costs decrease, and required minimum storage duration goes up. GCP's storage classes make it possible to control costs by planning the appropriate price/performance balance for your environment, and GCP's Object Life Cycle Management tool allows you to automate the progression of storage objects from hot to cold classes over time. All storage types share worldwide accessibility, unlimited scale (but a size limit of 5 TB for individual objects, no minimum size, low latency, optional geo-redundancy, and a shared set of security and management utilities. One API applies to all Google Cloud Storage types.
Standard Storage is Google Cloud's default class and is suited for so-called "hot" storage accessed often or stored only for short periods. There is no minimum storage duration. To get the best performance and least network usage charges, Standard Storage data should reside in the same geographical location as the virtual machine instances or the container clusters that use the objects. Standard Storage delivers the highest average availability for regions, dual-regions, and multi-regions. Nearline Storage is a low-priced storage option intended for data accessed infrequently, ideally no more than once per month. Examples of suitable use cases are periodic backup and archiving. At-rest costs are lower than with Google's Standard Storage, but access is more expensive, availability is slightly lower, and storage duration is a minimum of 30 days.
Coldline Storage offers very low storage pricing for dormant data and is suitable for scenarios where data are accessed less than once a quarter. Minimum storage duration is three months, availability is slightly less than with GCP's Standard and Nearline Storage classes, and data access pricing is relatively expensive. Google Cloud's Archive Storage, which offers the lowest at-rest storage pricing but has a minimum duration of one year, is the preferred storage service for objects kept only for backup or archive scenarios. Access pricing for Archive Storage is the highest of any Google Cloud storage service.
Cloud Storage Encryption
GCP Cloud Storage always encrypts data on the server end prior to placing it on disk. Added to this routine encryption process, you can select more options to encrypt your data. GCP offers two server-side encryption services that allow objects to be encrypted after making it to Cloud Storage but before the data is written to disk. Google's Customer-supplied encryption keys allows you to create and control your own encryption keys. Google Cloud's Customer-managed encryption keys option enables you to generate and control your encryption keys via Google's Cloud Key Management Service. Both these server-side encryption options provide an additional level of encryption above Google's standard Cloud Storage encryption.
If you perform client-side encryption before sending your data to Google Cloud Storage, your encrypted data will also be subject to Google's server-side encryption.
Google Cloud Identity and Access Management (IAM) is Google's unified platform for controlling access to resources and granting authority for users and services to use resources for a specified duration. Examples of GCP resources are Compute Engine virtual machine instances and Google Cloud Storage buckets. Centralized tools offer administrators the ability to manage access rights for all services within the Google Cloud Platform. Cloud IAM features high precision in creating policies to assign groups and users permissions to access task-relevant resources while preventing access to non-essential resources.
With Google Cloud IAM, policies are composed of roles; roles are made up of permissions; and permissions are associated with resources. Users or groups are assigned to policies, and through the policy they gain access to whatever resources the roles give them. As an example of Google Cloud Identity and Access Management's role granularity, the Cloud Pub/Sub service can be accessed with a variety of permissions determined by whether a user or group has been given the role of Owner, Editor, Viewer, Publisher, or Subscriber.
Google Cloud IAM policies are hierarchy-based, flowing down from the organization to projects and then to resources. You can establish organization-wide policies, tune them as appropriate for a given project, and refine them further for a specific resource. You can define access policies to specific resources, to a project, or at the organizational level. Policies you assign to an organization flow down to projects within the organization and from there resources in those projects.
Additional refinement in controlling resource permissions is offered by enabling admins to factor in context such as endpoint security status, IP address, resource type, and time. You can manage access rights by using the GUI interface of Google's web-based Cloud Console tool, through programming with Cloud IAM methods, or through the gcloud command-line tool. Google Cloud IAM automatically creates a complete audit trail to facilitate regulatory compliance.
Cloud IAM is included at no additional cost to all Google Cloud Platform licensees.
Google Kubernetes Engine is a Docker container service for running containerized apps. Kubernetes was initially developed by Google to automate container orchestration and was made available as open source at the end of 2014. Since that time Kubernetes has grown to be the leading solution for managing containerized applications.
Google Kubernetes Engine (GKE) is built on Google's Container-Optimized OS and supports Certified Kubernetes, ensuring workload portability to other Kubernetes platforms across cloud and on-premises networks. To accelerate development, ready-to-go open-source deployment templates for enterprise-grade apps are offered on Google Cloud Marketplace.
The Migrate for Anthos service, available for free with GKE, enables you to move and convert your workloads directly from your existing infrastructure into Google Kubernetes Engine containers. These workloads can be physical servers and virtual machines located on-premises, in GCP's Compute Engine, or in other clouds. Google Kubernetes Engine supports pod and cluster autoscaling for continuous analysis of the CPU and RAM usage of pods and for automatically tuning CPU and memory requests across node pools.
Additional capabilities of Google Kubernetes Engine include preemptible virtual machines, persistent storage, always-encrypted local SSD block storage, global load balancing to optimize speed and availability, support for both Windows and Linux nodes, the ability to run stateless serverless containers with the GCP Cloud Run service, and usage metering for granular insight into Kubernetes clusters.
Google Kubernetes Engine complies with HIPAA and PCI DSS 3.1. For enhanced cybersecurity, GKE Sandbox provides an additional level of defense between containerized Google Kubernetes Engine workloads. Google Kubernetes Engine clusters offer integrated support for Kubernetes Network Policy to filter traffic by applying pod-level firewall security policies. Private clusters in Google Kubernetes Engine can be limited to a private or public device with access limited to distinct addresses.
Google Kubernetes Engine is priced based on each GCP Compute Engine instance in a cluster. Use of GCP Compute Engine resources is billed by the second with a one-minute minimum charge.
Cloud AI Building Blocks enable software developers, even with little or no machine learning backgrounds, to integrate Google's leading-edge AI technology into their applications. Essential services cover vision, language, and conversation. By using Google's APIs, you can access Google's out-of-the-box models and avoid having to hassle with creating your own datasets from scratch and training your own models. As Google's catalog of pre-trained models grows in sophistication and size, you can quickly add state-of-the-art AI technology to your apps. In addition, Google AutoML products give you the tools you need to train, validate and deploy your custom domain-specific machine learning models. Developers can use any Google AI Building Block by itself or in combination with other AI Building Blocks according to your business requirements.
For advanced imaging, Google GCP Cloud AI Building Blocks offer the AutoML Vision and Vision API services that allow you to derive insights from your images. Both services use REST and RPC APIs and enable your application to discern objects and their location inside an image. AutoML Vision streamlines training for your custom machine learning (ML) models by providing an intuitive graphical interface. Once you tune your models for accuracy, latency and size, you can send them to the Google GCP Cloud or to a variety of edge devices.
Vision API provides programmatic access to Google's pre-trained machine learning models. You can rapidly classify images using Google's extensive collections of predefined labels. Google Cloud's Vision API uses OCR technology to detect text, in more than 50 languages, embedded anywhere within images. Combined with Google's Document Understanding AI technology, you can benefit from the same machine learning technology that powers Google Search to extract actionable insights from masses of free-form documents. You can discern web objects and pages, distinguish a face from other objects and detect facial characteristics, and identify product logos and popular landmarks. You can also detect adult or violent content within images.
Google GCP's AutoML Video Intelligence and Video Intelligence API services, which offer a comparably wide array of features as the Vision services, make it easy to extract value from video files.
Language Products
Language is Google's strong suit, and Google's stack of AI Building Blocks understandably includes a rich suite of services. Google GCP language services include:
Progent can help you to decide which of your applications are suited for GCP and can show you how to make your legacy apps cloud compatible. Progent has experience helping clients assess the value of migrating to Google Cloud SQL, using Google Dataproc for local Hadoop, adopting Google Kubernetes Engine as a virtualization replacement, and deploying MongoDB Atlas on Google Cloud vs. on-premises MongoDB. Progent can provide on-demand remote consulting support for small jobs to help you rapidly overcome occasional technical hurdles or Progent can deliver comprehensive project management outsourcing services to ensure your GCP integration initiative is completed on schedule and within budget.
Among the most frequently encountered technical issues organizations run into when migrating to GCP or other public cloud is setting up firewalls and VPN connections to provide users with easy but secure access to cloud resources. Progent offers the services of Cisco-certified CCIE network engineers and firewall experts for security gateways from leading vendors such as Cisco, Palo Alto Networks, Check Point, SonicWall, and Fortinet to assist you to configure or troubleshoot firewalls for accessing Google Cloud Platform. To accommodate mobile computing, Progent's iPhone and iPad technology consultants and Google Android integration experts can help you to configure and manage protected mobile devices for your GCP users. Progent can work in conjunction with your internal technical staff and Google's support engineers to mitigate GCP integration problems quickly and economically.
Examples of online consulting services provided by Progent to assist businesses integrate their networks with Google Cloud include:
Additional leading clouds supported by Progent include:
Progent's Azure planning and integration experts can help you with any phase of Microsoft Azure integration such as requirements definition, readiness evaluation, solution design, pre-production testing, implementation, centralized management, performance tuning, software license management, disaster recovery strategies, security planning, and compliance validation. Progent can assist your IT staff to set up and troubleshoot firewalls and VPN tunnels so your users can safely access to Azure services, and Progent's Microsoft-certified consultants can help you set up key Microsoft technologies to run in the cloud including Microsoft Windows Server, Exchange, SQL Server and Skype for Business. Progent can also help you to set up a hybrid ecosystem that transparently integrates physical datacenters with Azure-based resources.
Microsoft allows you to create seamless hybrid networks that integrate Microsoft 365 Exchange Online and local Exchange. This permits you to have certain Exchange mailboxes located at your on-premises datacenter or private cloud and other mailboxes hosted by Microsoft 365. Progent's certified Exchange consulting team can assist your organization with any phase of planning, integrating and debugging your hybrid Exchange solution. Progent's Exchange consultants can provide occasional support to help you resolve challenging technical issues and also can provide comprehensive project management outsourcing to make sure your hybrid Microsoft 365/Exchange solution is successfully completed on time and on budget. To learn more about Progent's online consulting support for integrating Microsoft 365 Exchange and on-prem Exchange systems, refer to Exchange Online integration solutions with on-premises Exchange.
Progent's certified Microsoft Office and Microsoft 365 experts can assist companies of any size to incorporate Office desktop and Microsoft 365 apps including Office Excel, Word, PowerPoint, Microsoft Outlook, Microsoft Access, Project and OneNote into a seamless productivity solution that provides quick ROI and enables improved business outcomes. Progent can help you to integrate Office or Microsoft 365 apps with each other and with other core Microsoft technologies including SharePoint Server, Microsoft Exchange Server and Microsoft SQL Server deployed on-premises or hosted in the cloud. Progent can also help you to resolve compatibility issues with different versions of Microsoft Office desktop and offers customized online Microsoft Office and Microsoft 365 instruction to individual users or teams.
Progent's Amazon AWS planning and integration consultants offer cost-effective online support to help companies to access Amazon Web Services (AWS) cloud services including Elastic Compute Cloud (EC2) for virtual machine hosting, Amazon Simple Storage Service (Amazon S3) for expandable high-performance storage, and Amazon Glacier for value-priced long-term archiving. Progent can assist your IT team with every phase of Amazon AWS migration and troubleshooting including requirements analysis, preparedness evaluation, system design and review, pilot testing, configuration, centralized administration, performance tuning, licensing management, backup/restore solutions, and security strategies. Progent offers advanced expertise with firewall configuration and VPN technology and can show you how to deploy cloud-based or hybrid environments that seamlessly integrate Amazon AWS cloud services. Progent offers occasional expertise or Progent can deliver project management outsourcing services to help you move smoothly to the Amazon AWS cloud.
Amazon Marketplace Web Service is an integrated library of APIs that allows Amazon sellers to improve the efficiency of their business processes by automating crucial sales activities such as listings, orders, payments, inbound and outbound fulfillment, and finances. By leveraging Amazon's extensive online ecosystem and automating their sales, vendors can expand their market, reduce their operating costs, improve reaction time to customers, and add to their bottom line. Progent's Amazon Marketplace Web Service developers can work with your development team and provide programming, workflow integration, project management support, and training to help you cut development time and expedite your ROI.
Contact Progent for Google Cloud Platform Integration Consulting
If you are looking for assistance with any phase of integrating your network with Google Cloud Platform or any other public cloud service, call Progent at