Google Cloud Platform (GCP) is a leading suite of cloud computing services that offers IaaS and PaaS products. Google Cloud's penetration in the public cloud market trails only Amazon AWS and Microsoft Azure. Like these vendors, GCP uses the same extensive network infrastructure that hosts its core applications. In Google's case, these apps include Google Search as well as YouTube. The Google cloud stack contains more than 100 services related to compute, data storage, database management, network infrastructure, business analytics, Big Data, machine learning (ML), AI, identity, cybersecurity, IoT, and centralized tools.
Progent offers expertise helping businesses from small offices to enterprises to plan, configure, tune, manage, and maintain IT ecosystems based on a variety of network models such as on-premises data centers, private clouds, one or more public clouds, or a hybrid mix of local and cloud-based resources. Progent offers quick remote or onsite access to top-tier experts who can assist you to evaluate the advantages and limitations of possible network models and compare the feature set and cost of Google Cloud vs. other public cloud offerings.
Progent's certified Microsoft, Linux, and Cisco consultants can assist you to integrate your existing IT infrastructure with the Google Cloud, and Progent's database management experts can help make your business-critical applications cloud ready so they can take full advantage of GCP products and services. Progent can help you to set up virtual machines on GCP Compute Engine, design a cost-effective storage solution using Google Cloud Storage services, and simplify access management with GCP Cloud Identity. Progent can also assist you to utilize GCP's tools to administer and monitor your Google Cloud ecosystem so it continually provides top business value.
Major Services Available for the Google Cloud
Google Cloud Platform has over Infrastructure-as-a-Service and Platform-as-a-Service services addressing virtually all areas of IT including processing, storage, database management, networking, system management, security, web, mobility, and development. Google Cloud services are available on a subscription basis. As with other public cloud platforms, you pay for the resources you use. Important GCP services for which Progent can provide expert consulting and technical support include:
Compute Engine is a service for running Windows and Linux virtual machines in the cloud, similar to Amazon EC2 or Microsoft Azure Virtual Machines. Compute Engine VMs have transparent access to Google Cloud block storage and state-of-the-art infrastructure. Google Cloud Compute Engine offers three basic classes of VMs in your choice of pre-defined or custom sizes. Google Cloud's N2 type VM is affordably priced and designed for general-purpose applications like web hosting, business apps, and databases. The C2 type virtual machine provides up to 60 virtual CPUs (vCPUs) for compute-intensive applications such as ECAD and simulations. GCP's M2 class VM offers up to 11.5 TB of RAM for memory-intensive apps like in-memory databases or in-depth analytics. GCP's sole-tenant node option features a physical Compute Engine machine for your exclusive use.
Key features of the Google Cloud Compute Engine include live VM migration, which lets you keep virtual machines on line even while undergoing scheduled maintenance, and preemptible VMs, low-priced VM compute instances which last for a max of 24 hours and are intended for running batch jobs that can be paused and continued at any time without compromising productivity.
Additional key benefits for Google Cloud Compute Engine include:
Google Cloud Storage provides object storage that can scale to exabytes of data. Objects placed in Google Cloud Storage are logically organized in containers referred to as buckets. Google offers four classes of cloud storage, differentiated and priced according to the object's expected duration and its busy/dormant ratio. As you move through Google's storage classes from Standard to Archive, access costs increase, at-rest expense decrease, and minimum storage duration increases. Google's storage classes allow you to manage expenses by planning the appropriate cost/performance profile for your network, and Google's Object Life Cycle Management tool enables you to program the migration of storage objects from hot to cold classes over time. All storage types feature global accessibility, unlimited storage (but a maximum size limit of 5 TB for individual objects, no minimum object size, low latency, optional geo-redundancy, and a shared suite of cloud security and management tools. A single API works with all Google Cloud Storage classes.
Standard Storage is Google Cloud's default class and is intended for so-called "hot" storage used frequently or stored only briefly. There is no minimum storage time. For the highest speed and least network usage charges, Standard Storage data should be kept in the same geographical location as the VM instances or the container clusters that interact with the data. Standard Storage offers the highest average uptime for any regional distribution scheme. Nearline Storage is a economical storage type intended for objects accessed only occasionally, preferably around once per month. Examples of appropriate use cases are periodic backup and archiving. At-rest pricing is less than with Google Cloud's Standard Storage, but access is more expensive, availability is marginally less, and storage duration is a minimum of one month.
Coldline Storage provides rock bottom storage pricing for dormant data and is designed for situations where data are accessed less than once every 90 days Minimum duration is three months, availability is slightly lower than with Google Cloud's Standard and Nearline Storage services, and access costs are comparatively high. GCP's Archive Storage, which offers the lowest at-rest storage costs but has a minimum duration of one year, is the best storage class for data kept only for backup or archive purposes. Data access pricing for Archive Storage is the most of any Google storage type.
Cloud Storage Encryption
GCP Cloud Storage always encrypts data on the server side before placing it on disk. Added to this standard encryption, you can choose more options to encrypt your data. There are two server-side encryption services that allow objects to be encrypted after arriving at Cloud Storage but before being written to disk. Google's Customer-supplied encryption keys enables you to create and manage your own encryption keys. Google Cloud's Customer-managed encryption keys option enables you to generate and control your encryption keys via Google's Cloud Key Management Service. Both these server-side encryption options provide an extra level of encryption above GCP's standard Cloud Storage encryption service.
In case you perform client-side encryption prior transporting your data to GCP Cloud Storage, your encrypted data will also be subject to server-side encryption.
Google Cloud Identity and Access Management (IAM) is Google's unified platform for controlling access to network resources and granting permissions for users and services to access resources for a specified period of time. Examples of Google Cloud resources are Compute Engine VM instances and Google Cloud Storage buckets. Unified and consistent tools give admins the ability to manage access rights for all services available within GCP. Google Cloud Identity and Access Management features fine granularity in designing policies to grant groups and users permissions to use task-relevant resources while preventing access to non-essential resources.
With Google Cloud Identity and Access Management, policies are composed of roles; roles are made up of permissions; and permissions are associated with resources. Users or groups are assigned to policies, and through the policy they are given access to whatever resources the roles provide. As an example of Google Cloud Identity and Access Management's role granularity, the Cloud Pub/Sub service can be accessed under a range of permissions depending on whether a user or group has been assigned the role of Owner, Editor, Viewer, Publisher, or Subscriber.
Google Cloud IAM policies are hierarchy-based, flowing downward from the organization to projects and lastly to resources. You can define organization-wide policies, refine them as appropriate for a specific project, and refine them even more for a specific resource. You can assign policies to individual resources, to a project, or at the organizational level. Policies assigned to an organization flow down to projects in the organization and from there resources in those projects.
Further flexibility in controlling resource permissions is offered by enabling admins to include context such as device security status, IP address, resource type, and date/time. You can manage permissions via the graphical interface of the web-based Cloud Console tool, through programming with Google Cloud IAM methods, or through Google's gcloud command-line tool. Cloud IAM automatically creates a full audit trail to simplify regulatory compliance.
Cloud IAM is included at no additional cost to all GCP customers.
Google Kubernetes Engine is a container service for running containerized applications. Kubernetes was originally created by Google to automate Docker container orchestration and was made available as open source in 2014. Since then Kubernetes has become the most popular platform for managing containerized applications.
Google Kubernetes Engine (GKE) is powered by Google's Container-Optimized OS and runs Certified Kubernetes, allowing workload compatibility with other Kubernetes products across cloud and on-premises environments. To streamline software development, ready-to-go open-source deployment templates for enterprise-grade apps are available on Google Cloud Marketplace.
The Migrate for Anthos tool, offered at no cost with Google Kubernetes Engine, enables you to move and convert your workloads directly from your existing environment into Google Kubernetes Engine containers. These workloads can be physical servers and VMs located on-premises, in GCP's Compute Engine, or in third-party clouds. GKE allows pod and cluster autoscaling for ongoing analysis of the CPU and memory usage of pods and for automatically tuning CPU and RAM requests across node pools.
Additional features of Google Kubernetes Engine include preemptible VMs, persistent storage, always-encrypted local solid-state drive block storage, global load balancing to maximize speed and availability, compatibility with both Windows Server and Linux nodes, the ability to run stateless serverless containers via the GCP Cloud Run service, and usage metering for fine-grained visibility into your Kubernetes clusters.
Google Kubernetes Engine is compliant with HIPAA and PCI DSS 3.1. For stronger cybersecurity, GKE Sandbox delivers an additional level of defense between containerized GKE workloads. GKE clusters provide native support for Kubernetes Network Policy to filter traffic by applying pod-level firewall security policies. Private clusters in GKE can be limited to a private or public device accessible only to specified addresses.
Google Kubernetes Engine charges for each Google Compute Engine instance in a cluster. Usage of Google Compute Engine resources is billed by the second with a one-minute minimum usage charge.
Cloud AI Building Blocks enable software developers, even without machine learning experience, to integrate Google's advanced AI capabilities into their applications. Core services address vision, language, and conversation. By using Google's APIs, you can access Google's pre-trained models and avoid having to deal with developing your own datasets and training and validating your own models. As Google's catalog of pre-trained models expands, you can immediately add leading-edge AI technology to your applications. Also, Google Cloud AutoML products provide the utilities you need to train, validate and deploy your own domain-specific machine learning models. Developers can use any Google Cloud AI Building Block individually or in combination with other AI Building Blocks according to your business requirements.
For AI-enhanced imaging, Google Cloud AI Building Blocks offer the AutoML Vision and Vision API products that allow you to derive insights from your images. Both products use REST and RPC APIs and enable your application to detect objects and their location inside the image. AutoML Vision streamlines the training process for your home-grown machine learning (ML) models by providing an intuitive graphical interface. After you refine your models for accuracy, speed and size, you can send them to the Google GCP Cloud or to a variety of edge devices.
Vision API offers integration with Google's out-of-the-box models. You can quickly classify images via Google's collections of predefined labels. Google Cloud's Vision API uses OCR tools to detect text, in more than 50 languages, contained anywhere within your images. Combined with Google's Document Understanding AI technology, you can use the same ML technology behind Google Search to derive useful insights from masses of free-form documents. You can detect web entities and pages, isolate a face from other items and notice facial attributes, and identify product logos and famous landmarks. You can also detect adult or violent content in images.
Google GCP's AutoML Video Intelligence and Video Intelligence API services, which offer a comparably extensive range of features as the Vision products, make it simpler to derive value from video files.
Language Services
Language is Google's strong suit, and Google's portfolio of AI Building Blocks understandably includes a potent arsenal of products. Google Cloud language products include:
Progent can assist your organization to determine which of your applications are suited for GCP and can help you make your legacy applications cloud ready. Progent has helped clients assess the value of migrating to Google Cloud SQL, using Google Dataproc for on-premises Hadoop, adopting Google Cloud Kubernetes Engine as a virtualization replacement, and deploying MongoDB Atlas on GCP vs. on-premises MongoDB. Progent can provide on-demand online consulting support for short-term tasks to help you rapidly overcome occasional technical hurdles or Progent can deliver end-to-end project management outsourcing services to ensure your Google Cloud integration program is successfully carried out on schedule and on budget.
Among the most common technical obstacles organizations face when migrating to Google Cloud or other public cloud is reconfiguring firewalls and VPN tunnels to provide users with convenient but protected access to cloud services. Progent offers the expertise of Cisco-certified CCIE network consultants and firewall experts for security appliances from leading suppliers like Cisco, Palo Alto Networks, Check Point, SonicWall, and Fortinet to help you to configure or debug firewalls for connecting to GCP. To accommodate BYOD computing, Progent's iPhone and iPad technology consultants and Android integration consultants can help you to integrate and administer secure mobile devices for your Google Cloud users. Progent can work in conjunction with your internal technical team and Google's support engineers to resolve GCP connectivity issues rapidly and economically.
Popular online consulting expertise provided by Progent to assist organizations integrate their networks with Google Cloud include:
Additional public cloud platforms supported by Progent include:
Progent's Azure planning and integration experts can assist you with every phase of Azure cloud integration including requirements definition, prerequisites assessment, system design, pre-production testing, deployment, automated management, performance tuning, license controls, disaster recovery preparedness, security policy enforcement, and compliance assessment. Progent can assist your IT staff to set up and troubleshoot firewall appliances and VPN connections so your users can securely access to Azure-based resources, and Progent's Microsoft-certified consultants can help you integrate key Microsoft platforms to work in the cloud including Microsoft Windows Server, Exchange Server, SQL and Skype for Business. Progent can also assist your organization to create a hybrid ecosystem that transparently integrates on-premises datacenters with Azure services.
Microsoft has made a strong effort to enable seamless hybrid ecosystems that integrate Microsoft 365 Exchange Online and on-premises Exchange. This allows you to have certain Exchange mailboxes located on your physical datacenter or private cloud and other mailboxes hosted by Microsoft 365. Progent's Microsoft-certified consulting team can assist you with any phase of planning, implementing and troubleshooting your hybrid Microsoft 365/Exchange network. Progent's Exchange consultants can provide as-needed expertise to help you through challenging technical issues and also can provide comprehensive project management outsourcing to make sure your hybrid Microsoft 365/Exchange solution is completed on schedule and within budget. To find out more about Progent's online consulting expertise for hybrid Microsoft 365 Exchange and on-prem Exchange systems, refer to Microsoft 365 Exchange Online integration solutions with on-prem Exchange.
Progent's Microsoft Office and Microsoft 365 experts can assist companies of any size to incorporate Office desktop and Microsoft 365 applications such as Excel, Office Word, PowerPoint, Outlook, Microsoft Access, Project and OneNote into a cohesive productivity solution that offers fast return on investment and enables improved business outcomes. Progent can assist your company to interface Office or Microsoft 365 applications with one another and with other core Microsoft platforms such as SharePoint, Microsoft Exchange Server and Microsoft SQL Server running on-premises or in the cloud. Progent's consultants can also help you to fix compatibility problems with different versions of Office desktop and offers customized online Office and Microsoft 365 training to individuals or groups.
Progent's Amazon Web Services (AWS) integration consultants offer affordable remote consulting to help businesses to access Amazon Web Services (AWS) cloud services including Elastic Compute Cloud (EC2) for virtual machine hosting, Amazon Simple Storage Service (Amazon S3) for scalable cloud storage, and Glacier for value-priced long-term archiving. Progent can assist you with every aspect of Amazon AWS migration and troubleshooting including needs analysis, preparedness evaluation, architectural design and review, pilot testing, deployment, centralized administration, performance optimization, software license management, backup/restore solutions, and security strategies. Progent can provide advanced expertise with firewall configuration and VPN access and can help you create all-cloud or hybrid environments that efficiently incorporate Amazon AWS services. Progent offers occasional consulting or Progent can provide project management outsourcing to help you move smoothly to the Amazon AWS cloud.
Amazon Marketplace Web Service is an integrated library of APIs that enables Amazon sellers to streamline their operations by automating crucial sales functions including listings, orders, payments, inbound and outbound fulfillment, and finances. By tapping into Amazon's vast online ecosystem and automating their sales processes, merchants can expand their market, reduce their cost of sales, improve response time to customers, and increase their bottom line. Progent's Amazon Marketplace Web Service developers can collaborate with your development staff and provide programming, workflow integration, project management support, and training to help you cut development time and speed up your return on investment.
Contact Progent for Google Cloud Integration Consulting
If you are looking for help with any facet of integrating your IT system with Google Cloud or other public cloud platform, call Progent at