Google Cloud Platform (GCP) is a popular set of cloud services that offers Infrastructure-as-a-Service and Platform-as-a-Service products. Google Cloud's share of the public cloud sector trails only Amazon AWS and Microsoft Azure. As with vendors, Google Cloud uses the same extensive infrastructure that supports its core online applications. In Google's case, these include Google Search and YouTube. The GCB cloud stack has more than 100 products related to compute, data storage, database management, networking, business analytics, Big Data, machine learning (ML), artificial intelligence, identity, security, IoT, and centralized management.
Progent has experience assisting businesses of all sizes to design, deploy, test, administer, and troubleshoot IT ecosystems that use a variety of network models such as on-premises data centers, private clouds, one or multiple public clouds, or a hybrid combination of onsite and cloud infrastructure. Progent offers quick online or onsite access to high-level consultants to help you to evaluate the potential benefits and drawbacks of possible network architectures and understand the services and pricing structure of Google Cloud Platform vs. alternative cloud offerings.
Progent's Microsoft, Linux, and Cisco experts can help your organization to expand your existing network infrastructure with the Google Cloud, and Progent's database management consultants can help make your business-critical applications cloud capable so they can take full advantage of GCP services. Progent can assist you to deploy virtual machines on GCP Compute Engine, design a cost-effective storage system using GCP Cloud Storage services, and simplify identity management with Google Cloud Identity. Progent can also assist you to utilize GCP's unified tools to administer and monitor your GCP Cloud ecosystem so it consistently delivers maximum business value.
Popular Services Available for the Google Cloud
Google Cloud Platform has more than 100 Infrastructure-as-a-Service and Platform-as-a-Service services addressing nearly all facets of IT including processing, data storage, database management, networking, administration, security, web, mobility, and application development. GCP services are available on a subscription basis. As with other public cloud services, you pay for what you use. Popular GCP services for which Progent can provide advanced consulting and debugging include:
Compute Engine is an IaaS service for running Windows and Linux VMs in the cloud, comparable to Amazon EC2 or Azure Virtual Machines. Compute Engine virtual machines have transparent access to Google Cloud block storage and advanced infrastructure. GCP Compute Engine offers three classes of VMs in your choice of standard or custom sizes. GCP's N2 type VM is affordably priced and intended for common applications such as web hosting, business apps, and databases. The C2 type virtual machine supports up to 60 virtual CPUs for compute-intensive apps like electronic computer-aided design (ECAD) and simulations. GCP's M2 type virtual machine includes up to 11.5 TB of memory for memory-intensive apps such as in-memory databases or time-critical analytics. GCP's sole-tenant node option features a physical Compute Engine server dedicated to your exclusive use.
Important benefits of the GCP Compute Engine include live VM migration, which keeps virtual machines working even while undergoing scheduled maintenance, and preemptible VMs, low-cost virtual machine compute instances which last for up to 24 hours and are designed for executing batch operations that can be paused and resumed intermittently without impacting operations.
Other available benefits for GCP Compute Engine include:
Google Cloud Storage is object storage that scales to exabytes of data. Data held in Google Cloud Storage are organized in containers referred to as buckets. GCP offers four types of cloud storage, distinguished and priced based on the object's expected longevity and its busy/dormant ratio. As you move along the storage types from Standard to Archive, access expense go up, at-rest expense go down, and minimum storage duration increases. GCP's storage classes make it possible to manage costs by designing the appropriate price/performance balance for your environment, and Google's Object Life Cycle Management feature allows you to automate the migration of storage objects from high-access to low-access classes as they age. All classes feature worldwide accessibility, unlimited storage (but a size limit of 5 TB for any given object, no minimum object size, low latency, optional geo-redundancy, and a common suite of cloud security and management tools. One API works with all storage types.
Standard Storage is Google Cloud's default class and is optimized for so-called "hot" storage used frequently or stored only for short periods. There is no minimum storage duration. For the highest speed and least network fees, Standard Storage data should be kept in the same geographical region as the VM instances or the container clusters that use the objects. Standard Storage delivers the top average availability across regions, dual-regions, and multi-regions. Nearline Storage is a low-priced storage type designed for objects accessed only occasionally, preferably around once per month. Examples of suitable use cases are periodic backup and archiving. At-rest costs are less than with GCP's Standard Storage, but access is more expensive, availability is slightly lower, and storage duration is a minimum of 30 days.
Coldline Storage provides very low storage pricing for dormant data and is designed for scenarios where data are accessed less than once a quarter. Minimum storage duration is 90 days, availability is marginally lower than with Google's Standard and Nearline Storage services, and data access costs are comparatively high. GCP's Archive Storage, which features the lowest at-rest storage pricing and a minimum storage duration of one year, is the best storage service for data kept only for backup or archive scenarios. Data access costs for Archive Storage are the highest of any Google storage type.
Cloud Storage Encryption
Google Cloud Storage always encrypts data on the server end before placing it on disk. Added to this routine encryption process, you can choose more ways to encrypt your data. Google Cloud offers two supplemental server-side encryption options that cause objects to be encrypted after making it to Cloud Storage but before being stored to disk. The Customer-supplied encryption keys allows you to supply and control your own encryption keys. Google's Customer-managed encryption keys option allows you to generate and manage your encryption keys via Google's Cloud Key Management Service. Both these server-side encryption services create an additional layer of encryption above Google's default Cloud Storage encryption service.
If you perform client-side encryption before sending your data to Google Cloud Storage, your encrypted data will also be subject to Google's server-side encryption.
Google Cloud Identity and Access Management (IAM) is Google's centralized platform for managing access to resources and granting authority for users and services to use network resources for a specified period of time. Examples of Google Cloud resources are Compute Engine virtual machine instances and Cloud Storage buckets. Centralized tools offer admins the ability to manage access rights for all services within the Google Cloud Platform. Google Cloud IAM features high precision in creating policies to grant groups and users permissions to access task-relevant resources while blocking access to unnecessary resources.
With Cloud IAM, policies are made up of roles; roles are based on permissions; and permissions are assigned to resources. Users or groups are assigned to policies, and through the policy they are given access rights to whatever resources the roles give them. As an example of Cloud Identity and Access Management's role granularity, the Cloud Pub/Sub service can be accessed with a variety of usage right depending on whether a user or group has been given the role of Owner, Editor, Viewer, Publisher, or Subscriber.
Google Cloud Identity and Access Management policies are hierarchy-based, flowing downward from the organization to projects and then to resources. You can define organization-wide policies, refine them for a given project, and refine them further for a given resource. You can define policies to specific resources, to a project, or at the organizational level. Policies you assign to an organization flow down to projects in the organization and then to resources within projects.
Additional refinement in managing resource permissions is provided by enabling administrators to factor in context like device security status, IP address, resource type, and time. You can manage permissions via the graphical interface of the web-based Cloud Console, via programming by using Cloud IAM methods, or through the gcloud command-line tool. Cloud IAM automatically creates a full audit trail to simplify compliance.
Cloud IAM is provided at no extra cost to all GCP licensees.
Google Kubernetes Engine (GKE is a container service for running containerized apps. Kubernetes was originally developed by Google to automate Docker container orchestration and was offered as open source at the end of 2014. Since that time Kubernetes has grown to be the most popular platform for managing containerized workloads.
Google Kubernetes Engine (GKE) is built on Google's Container-Optimized OS and runs Certified Kubernetes, allowing workload portability to other Kubernetes platforms spanning cloud and local environments. To streamline software development, ready-to-go open-source deployment templates for commercial applications are available on Google Cloud Marketplace.
The Migrate for Anthos tool, offered for free with GKE, enables you to move and port your applications directly from your current infrastructure into Google Kubernetes Engine containers. These workloads can be physical servers and VMs situated onsite, in Google's Compute Engine, or in third-party clouds. GKE allows pod and cluster autoscaling for continuous analysis of the processor and RAM usage of pods and for dynamically adjusting processor and memory requests across node pools.
Other features of Google Kubernetes Engine include preemptible virtual machines, persistent storage, always-encrypted local solid-state drive (SSD) block storage, global load balancing to maximize speed and availability, compatibility with both Windows and Linux nodes, the ability to run stateless serverless containers via the GCP Cloud Run service, and usage metering for granular insight into your Kubernetes clusters.
Google Kubernetes Engine is compliant with HIPAA and PCI DSS 3.1. standards. For stronger cybersecurity, GKE Sandbox delivers an extra layer of protection between containerized GKE workloads. Google Kubernetes Engine clusters offer native support for Kubernetes Network Policy to filter traffic by applying pod-level firewall policies. Private clusters in Google Kubernetes Engine can be confined to a private or public device accessible only to specified addresses.
Google Kubernetes Engine is priced based on each Google Compute Engine instance in a cluster. Use of GCP Compute Engine resources is priced on a per-second basis with a one-minute minimum charge.
Cloud AI Building Blocks allow developers, even with little or no machine learning (ML) backgrounds, to integrate Google's leading-edge AI technology into their applications. Core capabilities cover vision, language, and speech. By using Google's APIs, you can access Google's out-of-the-box AI models and avoid having to hassle with developing your own datasets from scratch and training your own models. As Google's library of pre-trained models grows in sophistication and size, you can quickly add state-of-the-art AI technology to your apps. Also, Google AutoML products give you the tools required to train, validate and deploy your custom domain-specific machine learning models. Developers can use any Google AI Building Block by itself or in any combination with other AI tools depending on your business requirements.
For AI-enhanced imaging, Google GCP Cloud AI Building Blocks offer the AutoML Vision and Vision API products that allow you to extract useful intelligence from image libraries. Both products include REST and RPC APIs and allow your app to discern objects and their location within the image. AutoML Vision streamlines the training process for your custom machine learning (ML) models by offering an intuitive graphical interface. Once you optimize your models for accuracy, speed and size, you can send them to the Google Cloud or to various edge devices.
Vision API offers integration with Google's pre-trained machine learning models. Developers can quickly classify images using Google's libraries of expertly trained labels. Google Cloud's Vision API uses OCR technology to detect text, in more than 50 languages, contained anywhere within images. Combined with Google's Document Understanding AI feature, you can use the same ML technology that powers Google Search to derive actionable information from masses of free-form documents. You can detect web entities and pages, distinguish a face from other items and detect facial characteristics, and identify product logos and popular landmarks. You can also detect mature or violent content within images.
Google Cloud's AutoML Video Intelligence and Video Intelligence API services, which provide a similarly extensive range of capabilities as Google's Vision products, make it simpler to derive value from video files.
Language Products
Language is Google's strong suit, and Google's portfolio of AI Building Blocks understandably includes a rich arsenal of products. Google GCP language products include:
Progent can assist your organization to decide which of your applications are appropriate for Google Cloud and can show you how to make your legacy apps cloud ready. Progent has helped clients assess the value of running Google Cloud SQL, using Google Cloud Dataproc for on-premises Hadoop, adopting Google Kubernetes Engine as a virtualization replacement, and deploying MongoDB Atlas on GCP vs. on-premises MongoDB. Progent can deliver as-needed remote consulting expertise for small jobs to help you quickly overcome stubborn technical hurdles or Progent can deliver comprehensive project management outsourcing services to make sure your GCP integration program is successfully completed on time and within budget.
Some of most frequently encountered technical obstacles businesses face when integrating with GCP or other public cloud is setting up firewalls and VPN connections to give users easy but protected access to cloud resources. Progent offers the services of Cisco-certified CCIE network infrastructure engineers and firewall specialists for security appliances from major suppliers such as Cisco, Palo Alto Networks, Barracuda, WatchGuard, and Fortinet to assist you to configure or troubleshoot firewalls for connecting to Google Cloud. To support mobile computing, Progent's iPhone and iPad technology consultants and Google Android integration experts can assist you to configure and manage protected mobile devices for your Google Cloud users. Progent can work in conjunction with your internal IT team and Google's support engineers to resolve GCP integration problems rapidly and economically.
Popular remote consulting expertise provided by Progent to help organizations expand their networks with GCP include:
Additional public clouds supported by Progent include:
Progent's Microsoft Azure planning and integration experts can help you with every aspect of Microsoft Azure integration including requirements definition, readiness evaluation, solution design, pre-production testing, implementation, automated management, performance tuning, software license controls, disaster recovery preparedness, security policy enforcement, and regulatory compliance validation. Progent can assist your IT staff to set up and debug firewalls and VPN tunnels so that your clients can safely connect to Azure-based services, and Progent's Microsoft-certified consulting experts can help you integrate key Microsoft technologies to run in Azure including Windows Server, Exchange Server, SQL and Skype for Business. Progent can also help your organization to set up a hybrid environment that seamlessly integrates on-premises datacenters with Azure resources.
Microsoft has made a strong effort to enable transparent hybrid networks that combine Microsoft 365 Exchange Online and local Exchange deployments. This permits you to have specific mailboxes located at your corporate datacenter or private cloud and other mailboxes resident on Microsoft 365. Progent's certified Exchange consulting team can help you with any phase of designing, implementing and debugging your hybrid Microsoft 365/Exchange solution. Progent's Exchange specialists can provide as-needed expertise to help you through stubborn technical bottlenecks and also offer comprehensive project management outsourcing or co-sourcing to make sure your hybrid Exchange solution is successfully completed on time and on budget. For more information about Progent's online consulting expertise for hybrid Microsoft 365 Exchange and on-prem Exchange environments, visit Microsoft 365 Exchange Online integration with on-prem Exchange.
Progent's certified Office and Microsoft 365 experts can help companies of any size to integrate Office desktop and Microsoft 365 apps including Office Excel, Office Word, PowerPoint, Microsoft Outlook, Microsoft Access, Project and OneNote into a cohesive productivity solution that provides fast return on investment and promotes improved business outcomes. Progent can help you to integrate Microsoft Office or Microsoft 365 apps with one another and with additional key Microsoft technologies including SharePoint Server, Exchange Server and SQL Server deployed on-premises or hosted in the cloud. Progent can also help you to resolve compatibility issues with various versions of Microsoft Office desktop and can provide live online Office and Microsoft 365 training to individual users or teams.
Progent's Amazon AWS cloud planning and integration consultants can provide cost-effective online support to help companies of any size to integrate Amazon Web Services (AWS) cloud services such as Amazon EC2 for virtual server hosting, Amazon S3 for scalable high-performance storage, and Glacier for value-priced archival storage. Progent can help your IT team with every phase of Amazon AWS integration including needs analysis, preparedness evaluation, system design and review, pilot testing, configuration, administration, performance tuning, licensing management, disaster recovery solutions, and security and compliance. Progent can provide advanced expertise with firewalls and VPN connections and can show you how to deploy all-cloud or hybrid networking models that seamlessly incorporate Amazon AWS cloud services. Progent can provide occasional support or Progent can provide comprehensive project management outsourcing to help you migrate efficiently to the Amazon AWS cloud.
Amazon Marketplace Web Service (Amazon MWS) is an integrated collection of APIs that allows Amazon sellers to improve the efficiency of their business processes by automating crucial sales activities such as listings, orders, shipments, fulfillment, and reports. By leveraging Amazon's vast online ecosystem and automating their sales processes, merchants can expand their market, reduce their operating costs, improve response time to customers, and increase their bottom line. Progent's Amazon Marketplace Web Service (Amazon MWS) consultants can work with your development staff and provide application programming, workflow integration, project management support, and training so you can cut development time and get to market quickly.
Contact Progent for Google Cloud Platform Integration Expertise
If you are looking for help with any aspect of integrating your IT system with Google Cloud Platform or other public cloud platform, call Progent at