Google Cloud Platform (GCP) is a leading suite of cloud computing services that provides IaaS and PaaS features. Google Cloud's share of the public cloud sector is behind only Amazon AWS and Azure. As with vendors, Google Cloud uses the same extensive network infrastructure that supports its core online applications. In Google's case, these include Google Search as well as YouTube. The Google cloud portfolio has more than 100 products related to processing, data storage, database management, network infrastructure, analytics, Big Data, machine learning (ML), artificial intelligence (AI), identity, cybersecurity, Internet of Things, and unified management.
Progent offers expertise helping organizations of all sizes to design, configure, tune, administer, and troubleshoot IT ecosystems based on a variety of network models including on-premises data centers, private clouds, one or multiple public clouds, or a hybrid combination of onsite and cloud-based infrastructure. Progent offers fast remote or onsite access to top-tier consultants to assist you to assess the potential benefits and drawbacks of possible network architectures and compare the services and cost of Google Cloud Platform vs. other cloud offerings.
Progent's Microsoft, Linux, and Cisco consultants can assist you to expand your existing network resources with the Google Cloud Platform, and Progent's database experts can help make your key applications cloud capable so they can take full advantage of GCP products and services. Progent can help you to deploy virtual machines on Google Cloud Compute Engine, design a cost-effective storage solution with GCP Cloud Storage services, and streamline access management with Google Cloud Identity. Progent can also assist you to use GCP's unified tools to administer and track your Google Cloud ecosystem so it consistently provides maximum business value.
Key Services Offered for the Google Cloud
Google Cloud offers more than 100 IaaS and PaaS services addressing nearly all areas of information technology including processing, storage, database management, networking, system management, security, web, mobile computing, and development. Google Cloud services are offered by subscription. Like other public cloud platforms, you pay for the resources you use. Important GCP services for which Progent can provide expert consulting and debugging include:
Compute Engine is an IaaS service for running Windows and Linux virtual machines in the cloud, comparable to Amazon EC2 or Microsoft Azure Virtual Machines. Compute Engine VMs have transparent access to Google Cloud block storage and advanced network infrastructure. GCP offers three classes of virtual machines in either pre-defined or custom machine sizes. GCP's N2 type virtual machine is affordably priced and intended for general-purpose applications such as web hosting, business apps, and databases. The C2 type virtual machine provides as many as 60 virtual CPUs (vCPUs) for processor-intensive applications like ECAD and simulations. Google's M2 type virtual machine includes as much as 11.5 TB of RAM for memory-intensive apps like in-memory databases or time-critical analytics. Google Cloud's sole-tenant node option provides a physical Compute Engine machine for your exclusive use.
Key features of the GCP Compute Engine include live virtual machine migration, which lets you keep virtual machines working even while undergoing system maintenance, and preemptible virtual machines, low-priced virtual machine compute instances which last for up to 24 hours and are intended for executing batch jobs that can be paused and continued intermittently without compromising operations.
Additional key benefits for GCP Compute Engine include:
Google Cloud Storage is object storage that can scale to exabytes of data. All data held in Google Cloud Cloud Storage are organized in containers referred to as buckets. Google Cloud provides four classes of cloud storage, distinguished and priced based on the object's expected longevity and its busy/dormant ratio. As you move along Google's storage types from Standard to Archive storage, access expense go up, at-rest costs go down, and minimum storage duration increases. Google's storage classes make it possible to control costs by designing the appropriate price/performance balance for your environment, and Google Cloud's Object Life Cycle Management tool enables you to program the progression of storage objects from hot to cold classes as they age. All storage types feature worldwide accessibility, virtually unlimited scale (but a maximum size limit of 5 TB for any given object, no minimum size, low latency, optional geo-redundancy, and a shared set of cloud security and management tools. One API works with all Google Cloud Storage classes.
Standard Storage is Google Cloud's default type and is optimized for so-called "hot" storage used frequently or stored only for short periods. There is no minimum storage time. To get the highest performance and lowest network usage fees, Standard Storage objects should reside in the same geographical region as the virtual machine instances or the container clusters that use the objects. Standard Storage delivers the highest average uptime across any regional distribution scheme. Nearline Storage is a economical storage type intended for data accessed only occasionally, preferably around once per month. Examples of suitable use scenarios are monthly backup and archiving. At-rest pricing is less than with Google's Standard Storage, but data access costs more, availability is slightly lower, and storage duration is at least one month.
Coldline Storage provides rock bottom storage pricing for dormant data and is suitable for scenarios where objects are accessed less than once a quarter. Minimum storage duration is three months, availability is marginally less than with Google's Standard and Nearline Storage types, and data access costs are comparatively expensive. GCP's Archive Storage, which offers the lowest at-rest storage costs and a minimum duration of one year, is the preferred storage class for data held exclusively for backup or archive scenarios. Access costs for Archive Storage are the most of any Google storage type.
Cloud Storage Encryption
Google Cloud Storage always encrypts data on the server end prior to writing it to disk. Added to this standard encryption process, you can select other ways to encrypt your data. Google Cloud offers two supplemental server-side encryption services that cause objects to be encrypted after arriving at Cloud Storage but before the data is stored to disk. The Customer-supplied encryption keys enables you to create and control your own encryption keys. The Customer-managed encryption keys alternative enables you to create and control your encryption keys using Google's Cloud Key Management Service. Both these server-side encryption options provide an additional layer of encryption above GCP's standard Cloud Storage encryption service.
In case you perform client-side encryption before sending your data to GCP Cloud Storage, your encrypted data will also be subject to server-side encryption.
Google Cloud Identity and Access Management (IAM) is Google's centralized platform for controlling access to network resources and assigning authority for users and services to access resources for a specified duration. Examples of Google Cloud resources are Compute Engine virtual machine instances and Cloud Storage buckets. Unified tools offer admins the ability to manage access rights for all services available within GCP. Google Cloud Identity and Access Management features high precision in creating policies to grant groups and users rights to access task-relevant resources while preventing access to non-essential resources.
With Google Cloud Identity and Access Management, policies are composed of roles; roles are made up of permissions; and permissions are assigned to resources. Users or groups are added to policies, and through the policy they gain access rights to the specific resources their roles provide. As an example of Google Cloud Identity and Access Management's role granularity, the Google Cloud Pub/Sub service can be accessed under a variety of usage right determined by whether a user or group has been given the role of Owner, Editor, Viewer, Publisher, or Subscriber.
Cloud Identity and Access Management policies are hierarchical, cascading down from the organization to projects and then to resources. You can define organization-wide policies, refine them for a given project, and refine them even more for a specific resource. You can define policies to individual resources, to a project, or at the organizational level. Policies you assign to an organization flow down to projects in the organization and from there resources within projects.
Additional flexibility in controlling resource permissions is offered by enabling admins to include context such as device security status, IP address, resource type, and time. You can manage permissions via the GUI interface of the web-based Cloud Console, through automation by using Cloud IAM methods, or through Google's gcloud CLI tool. Cloud IAM automatically creates a full audit trail to simplify regulatory compliance.
Cloud Identity and Access Management is included at no additional cost to all Google Cloud Platform customers.
Google Kubernetes Engine (GKE is a Docker container service for running containerized applications. Kubernetes was initially developed by Google to automate container orchestration and was offered as open source in 2014. Since that time Kubernetes has become the most popular platform for managing containerized applications.
Google Kubernetes Engine (GKE) is built on Google's Container-Optimized OS and supports Certified Kubernetes, ensuring workload compatibility with other Kubernetes products spanning cloud and on-premises networks. To streamline development, ready-to-go open-source deployment templates for commercial apps are offered on Google Cloud Marketplace.
The Migrate for Anthos tool, available for free with GKE, allows you to migrate and convert your applications easily from your current environment into GKE containers. These workloads can be physical servers and virtual machines located onsite, in GCP's Compute Engine, or in other clouds. GKE allows pod and cluster autoscaling for ongoing analysis of the processor and RAM usage of pods and for automatically adjusting processor and memory requests across multiple node pools.
Additional features of GKE include preemptible virtual machines, persistent storage, always-encrypted local solid-state drive block storage, global load balancing to optimize performance and availability, support for both Windows and Linux nodes, the ability to run stateless serverless containers via the Google Cloud Run service, and usage metering for granular insight into your Kubernetes clusters.
GKE is compliant with HIPAA and PCI DSS 3.1. For stronger security, GKE Sandbox provides an additional level of defense between containerized Google Kubernetes Engine workloads. GKE clusters offer integrated support for Kubernetes Network Policy to filter traffic by applying pod-level firewall policies. Private clusters in Google Kubernetes Engine can be confined to a private or public endpoint accessible only to distinct address ranges.
GKE is priced based on each GCP Compute Engine instance in a cluster. Usage of Google Compute Engine resources is billed on a per-second basis with a one-minute minimum usage charge.
Cloud AI Building Blocks allow software developers, even without machine learning (ML) backgrounds, to integrate Google's advanced AI technology into their applications. Core capabilities cover vision, language, and conversation. By using APIs, you can access Google's out-of-the-box models and avoid having to deal with developing your own datasets from scratch and training and testing your own models. As Google's catalog of pre-trained models grows in sophistication and size, you can immediately add state-of-the-art AI technology to your apps. Also, Google AutoML products provide the tools required to train, validate and deploy your custom domain-specific ML models. Developers can use any Google AI Building Block individually or in combination with other AI Building Blocks depending on your requirements.
For advanced imaging, Google Cloud AI Building Blocks include the AutoML Vision and Vision API services that help you to extract useful intelligence from image libraries. Both products use REST and RPC APIs and enable your application to discern objects and their position inside the image. AutoML Vision simplifies training for your home-grown machine learning (ML) models by providing an easy-to-use graphical interface. Once you refine your models for accuracy, latency and size, you can send them to the Google Cloud or to a variety of edge devices.
Google Cloud's Vision API provides programmatic access to Google's pre-trained machine learning models. You can rapidly classify images using Google's libraries of pre-trained labels. Vision API uses OCR technology to identify text, in more than 50 languages, contained within your images. Combined with Google's Document Understanding AI feature, you can benefit from the same machine learning technology that powers Google Search to extract actionable information from masses of free-form documents. You can detect web entities and pages, distinguish a face from other objects and notice facial characteristics, and recognize product logos and famous landmarks. You can also detect adult or violent content in images.
Google GCP's AutoML Video Intelligence and Video Intelligence API services, which provide a comparably extensive range of capabilities as Google's Vision products, make it simpler to mine value from video files.
Language Services
Language is Google's wheelhouse, and Google's stack of AI Building Blocks understandably includes a potent suite of products. Google GCP language services include:
Progent can assist you to decide which of your applications are appropriate for Google Cloud and can help you make your legacy apps cloud ready. Progent has helped clients assess the value of running Google Cloud SQL, using Google Cloud Dataproc for on-prem Hadoop, adopting Google Kubernetes Engine as a virtualization substitute, and deploying MongoDB Atlas on Google Cloud vs. local MongoDB. Progent can provide as-needed remote consulting expertise for small jobs to help you quickly overcome stubborn technical challenges or Progent can deliver comprehensive project management consulting services to make sure your GCP integration program is successfully carried out on schedule and on budget.
Among the most frequently encountered technical issues organizations face when integrating with GCP or other public cloud platform is reconfiguring firewalls and VPN connections to provide users with convenient but protected access to cloud resources. Progent offers the services of Cisco-certified CCIE network consultants and firewall specialists for security gateways from major suppliers like Cisco, Palo Alto Networks, Barracuda, SonicWall, and Fortinet to help you to configure or troubleshoot firewalls for accessing Google Cloud Platform. To accommodate mobile computing, Progent's iPhone and iPad technology consultants and Google Android integration experts can help you to configure and administer secure mobile endpoints for your Google Cloud users. Progent can work in concert with your internal technical team and Google's support engineers to mitigate GCP connectivity problems rapidly and economically.
Popular online consulting services provided by Progent to help businesses expand their networks with Google Cloud include:
Additional public clouds supported by Progent include:
Progent's Azure cloud integration experts can assist you with every phase of Microsoft Azure integration including needs analysis, prerequisites evaluation, system design, pre-production testing, implementation, centralized management, performance tuning, license controls, disaster recovery strategies, security planning, and regulatory compliance assessment. Progent can help you to configure and troubleshoot firewalls and VPN connections so that your clients can safely access to Azure services, and Progent's Microsoft-certified consultants can assist you integrate critical Microsoft technologies to run in the cloud including Windows Server, Exchange, SQL Server and SharePoint. Progent can also assist you to set up a hybrid ecosystem that transparently combines on-premises datacenters with Azure-based services.
Microsoft supports transparent hybrid networks that combine Microsoft 365 Exchange Online and on-premises installations of Exchange. This allows you to have certain mailboxes located at your corporate datacenter or private cloud and other mailboxes resident on Microsoft 365. Progent's Microsoft-certified Exchange consulting team can help you with any phase of designing, implementing and debugging your hybrid Microsoft 365/Exchange network. Progent's Exchange specialists can provide occasional expertise to help you through challenging technical issues and also offer extensive project management outsourcing or co-sourcing to ensure your hybrid Exchange initiative is successfully completed on schedule and within budget. To learn more about Progent's consulting services for hybrid Microsoft 365 Exchange and on-prem Exchange environments, see Exchange Online integration with on-premises Exchange.
Progent's certified Office and Microsoft 365 consultants can assist businesses of any size to integrate Office desktop and Microsoft 365 apps including Excel, Office Word, PowerPoint, Outlook, Microsoft Access, Project and Publisher into a cohesive solution that provides quick return on investment and promotes better business results. Progent can assist you to integrate Microsoft Office or Microsoft 365 apps with one another and with additional core Microsoft technologies such as SharePoint Server, Microsoft Exchange Server and Microsoft SQL Server deployed on-premises or in the cloud. Progent's consultants can also assist you to resolve compatibility issues with various versions of Office and can provide customized online Microsoft Office and Microsoft 365 instruction to individual users and groups.
Progent's Amazon Web Services (AWS) planning and integration consultants can provide cost-effective remote support to help companies of any size to access Amazon Web Services (AWS) cloud services including Elastic Compute Cloud (EC2) for virtual machine hosting, Amazon S3 for expandable cloud storage, and Amazon Glacier for low-cost long-term archiving. Progent can help you with every aspect of Amazon AWS integration including requirements analysis, readiness evaluation, system design and review, pilot testing, configuration, centralized administration, performance tuning, licensing management, backup/restore solutions, and security. Progent can provide advanced expertise with firewalls and VPN access and can help you deploy all-cloud or hybrid ecosystems that efficiently incorporate Amazon AWS services. Progent offers as-needed expertise or Progent can provide project management outsourcing services to help you migrate efficiently to the Amazon AWS cloud platform.
Amazon Marketplace Web Service is an integrated collection of APIs that allows Amazon sellers to streamline their business processes by automating crucial sales activities such as listings, orders, shipments, fulfillment, and finances. By leveraging Amazon's extensive online ecosystem and automating their sales, vendors can expand their reach, lower their operating costs, accelerate response time to customers, and add to their bottom line. Progent's Amazon Marketplace Web Service (Amazon MWS) consultants can work with your development staff and provide application programming, workflow integration, project management support, and mentoring to help you cut development time and speed up your return on investment.
Contact Progent for Google Cloud Integration Expertise
If you need assistance with any facet of integrating your network with Google Cloud Platform or any other public cloud service, call Progent at