Google Cloud Platform (GCP) is a leading suite of cloud computing services and offers Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (PaaS) features. GCP's share of the public cloud market trails only Amazon Web Services (AWS) and Microsoft Azure. Like these competitors, GCP uses the same massive infrastructure that supports its most popular online applications. In Google's case, these include Google Search and YouTube. The GCB cloud stack includes over 100 services that cover compute, storage, database management, networking, analytics, Big Data, machine learning, AI, identity and security, Internet of Things (IoT), and management tools.
Google Cloud Plarform uses the same global infrastructure as Google Search and YouTube
Progent has experience helping organizations of all sizes to plan, configure, test, tune, manage, and troubleshoot IT ecosystems that use a variety of network models including on-prem data centers, private clouds, one or multiple public clouds, or a hybrid mix of local and cloud-based resources. Progent can provide fast online or onsite access to seasoned experts who can assist you to assess the advantages and drawbacks of different network architectures and compare the feature set and pricing structure of Google Cloud Platform vs. alternative public cloud offerings.
Progent's certified Microsoft, Linux, and Cisco experts can help you integrate your current network infrastructure with the Google Cloud Platform, and Progent's database consultants can help make your business-critical applications cloud ready so they can take full advantage of GCP services. Progent can help you deploy virtual machines on GCP Compute Engine, design an efficient storage solution using GCP Cloud Storage services, and streamline identity management with GCP Cloud Identity. Progent can also help you use GCP's tools to manage and monitor your GCP environment so it continues to deliver maximum business value.
Key Services Available for the Google Cloud Platform
Google Cloud Platform offers more than 100 IaaS and PaaS services covering virtually all areas of information technology including compute, data and storage, networking, management, security, web, mobile, applications, and development. GCP services are available on a subscription basis. As with other public cloud services, you pay for what you use. Popular GCP products and services for which Progent offers advanced consulting and technical support include:
Compute Engine is an IaaS service for running Windows and Linux virtual machines in the cloud, comparable to Amazon EC2 or Azure Virtual Machines. Compute Engine VMs have seamless access to GCP block block storage and state-of-the-art network infrastructure. GCP offers three basic types of VMs in pre-defined or custom machine sizes. GCP's N2 type virtual machine is value priced and designed for general purpose applications like web hosting, business apps, and databases. The C2 type VM provides up to 60 virtual CPUs (vCPUs) for processor-intensive applications like electronic computer-aided design (ECAD) and simulations. Google's M2 type VM includes up to 11.5 TB of RAM for memory-intensive applications like in-memory databases or time-critical analytics. Google's sole-tenant node option provides a physical Compute Engine server for your exclusive use, which simplifies the deployment of bring-your-own-license scenarios.
Important features of the GCP Compute Engine include live VM migration, which keeps virtual machines working even during scheduled maintenance, and preemptible VMs, low-cost VM compute instances which last for up to 24 hours and are designed for running batch jobs that can be paused and resumed intermittently without impacting productivity. Other available features for GCP include always-encrypted local solid-state drive (SSD) block storage for high performance and security, graphics processing unit (GPU) accelerators that can be added to VM instances for CPU-intense applications like machine learning and 3D visualizations, global load balancing for maximizing performance and uptime at minimal cost, and Google Kubernetes Engine for managing and orchestrating Docker containers on Compute Engine VMs.
Pricing for Compute Engine services is based on per-second usage according to VM instances and types, disks and images, network usage, sole-tenant nodes, GPUs, plus other selected resources and usage patterns.
Google Cloud Storage is object storage that scales to exabytes of data. All data held in Google Cloud Storage are organized in containers known as buckets. GCP offers four classes of cloud storage, differentiated and priced according to the object's expected duration and access vs. at-rest ratio. As you move through the storage classes from Standard to Archive, access costs go up, at-rest costs go down, and minimum storage duration increases. GCP's storage classes allow you to manage costs by designing the optimal price/performance balance for your environment, and Google's Object Life Cycle Management feature allows you to automate the migration of storage objects from high-access to low-access classes over time. All classes feature worldwide accessibility, unlimited storage (but a maximum size limit of 5 TB for individual objects), no minimum object size, low latency, high durability, optional geo-redundancy, and a common set cloud security and management tools. A single API applies to all storage classes.
Standard Storage is the default class and is optimized for data accessed frequently (so-called "hot" storage) or stored only briefly. There is no minimum storage duration. For the best performance and lowest network charges, Standard Storage objects should reside in the same geographical location as the Compute Engine instances or the container clusters that use the data. Standard Storage offers the highest average availability across regions, dual-regions, and multi-regions. Nearline Storage is a low-cost storage option intended for data accessed only occasionally, ideally once per month or less. Examples of suitable use cases are periodic backup and archiving. At-rest costs are lower than with Standard Storage, but data access is more expensive, availability is marginally lower, and storage duration is a minimum of 30 days.
Coldline Storage offers very low storage costs for at-rest data and is suitable for scenarios where objects are accessed no more frequently than once a quarter. Minimum storage duration is 90 days, availability is marginally lower than with Standard and Nearline Storage, and access costs are relatively high. Archive Storage, which features the lowest at-rest storage costs and a minimum storage duration of one year, is the preferred storage class for data held exclusively for backup or archive purposes. Access costs for Archive Storage are the highest of any storage class.
Cloud Storage Encryption
GCP Cloud Storage always encrypts data on the server side prior to writing it to disk. In addition to this standard encryption, you can select other ways to encrypt your data. There are two server-side encryption options that cause data to be encrypted after arriving at Cloud Storage but before the data is stored to disk. The Customer-supplied encryption keys allows you to create and manage your own encryption keys. The Customer-managed encryption keys option allows you to generate and manage your encryption keys via Google's Cloud Key Management Service. Both these server-side encryption options create an additional layer of encryption above standard Cloud Storage encryption.
If you use client-side encryption before sending data to GCP Cloud Storage, your encrypted data will also undergo server-side encryption.
Google Cloud Identity and Access Management (IAM) is Goole's unified system for managing access to resouces and assigning permissions for users and services to access resources for a specified duration. Examples of GCP resources are Compute Engine instances and Cloud Storage buckets. Centralized and consistent tools give administrators control over access rights for all services available within the Google Cloud Platform. Cloud IAM offers fine granularity in creating policies to assign groups and users permissions to access task-relevant resources while blocking access to unnecessary resources.
With Cloud IAM, policies are made up of roles; roles are made up of permissions; permissions are assigned to resources. Users or groups are added to policies, and through the policy they gain access to the specific resources the roles give them. As an example of Cloud IAM's role granularity, the Cloud Pub/Sub service can be accessed with a variety of permissions depending on whether a user or group has been assigned the role of Owner, Editor, Viewer, Publisher, or Subscriber.
Cloud IAM policies are hierarchical, flowing down from the organization to projects and then to resources. You can establish organization-wide policies, refine them for a given project, and tune them for a specific resource. You can assign access policies to individual resources, to a project, or at organizational level. Policies assigned to an organization cascade down to projects in the organization and then to resources in those projects.
Cloud IAM's policy hierarchy provides flexibility for allowing or restricting access to resources
Further refinement in managing resource permissions is provided by allowing admins to factor in contextual attributes like device security status, IP address, resource class, and date/time. You can manage access rights by using the graphical interface of the web-based Google Cloud Console, via programming by using Cloud IAM methods, or through the gcloud command-line tool. Cloud IAM automatically creates a full audit trail to simplify compliance.
Cloud IAM is provided without extra cost to all GCP customers.
Google Kubernetes Engine (GKE) is a Docker container service for running containerized applications. Kubernetes was originally developed by Google to automate container orchestration and was made available as open source in 2014. Since then Kubernetes has become the leading platform for managing containerized workloads.
Google Kubernetes Engine GKE is powered by Google's Container-Optimized OS and runs Certified Kubernetes, ensuring workload portability to other Kubernetes platforms spanning cloud and on-premises environments. To accelerate development, prebuilt open-source deployment templates for commercial applications are available on Google Cloud Marketplace.
The Migrate for Anthos service, available for free with GKE, allows you to move and convert your workloads directly from your current infrastructure into GKE containers. These workloads can include physical servers and virtual machines located on-premises, in GCP's Compute Engine, or in third-party clouds. GKE supports pod and cluster autoscaling for continuously analyzing the CPU and memory usage of pods and dynamically adjusting CPU and memory requests across multiple node pools.
Other features of GKE include preemptible VMs, persistent disks, always-encrypted local solid-state drive (SSD) block storage, global load balancing to maximize performance and availability, support for both Windows Server and Linux nodes, the ability to run stateless serverless containers with the GCP Cloud Run service, and usage metering for fine-grained visibility into your Kubernetes clusters.
GKE is compliant with HIPAA and PCI DSS 3.1. For enhanced cyber security, GKE Sandbox delivers an additional layer of protection between containerized GKE workloads. GKE clusters offer native support for Kubernetes Network Policy to filter traffic by applying pod-level firewall policies. Private clusters in GKE can be limited to a private or public endpoint accessible only to specified address ranges.
GKE charges for each Google Compute Engine instance in a cluster. Compute Engine resources are billed on a per-second basis with a one-minute minimum usage cost.
Cloud AI Building Blocks allow developers, even without machine learning (ML) backgrounds, to incorporate Google's leading-edge AI capabilities into their applications. Core capabilities cover vision, language, and conversation. By using APIs you can access Google's pre-trained models and avoid having to deal with developing your own datasets and training your own models. As Google's library of pre-trained models expands, you can immediately add state-of-the-art AI technology to your apps. You can also train and deploy your own domain-specific custom machine learning models by using Google's Cloud AutoML products, which use Google's advanced transfer learning and neural architecture search technology. AI Building Blocks can be used individually or in combination, according to your business requirements.
Cloud AI Building Blocks let you add vision, language, and conversation capabilities to applications
As examples of AI Building Blocks, Google Cloud offers the AutoML Vision and Vision API products that help you derive useful intelligence from your images. Both products use REST and RPC APIs and allow your app to detect objects and their location within the image. AutoML Vision streamlines the training process for your home-grown machine learning models by providing an intuitive graphical interface. Once you optimize your models for accuracy, latency and size, you can export them to the cloud or to various edge devices.
Vision API offers programmatic access to pre-trained machine learning models. You can classify images using Google's giant libraries of predefined labels. Vision API uses OCR technology to identify text in over 50 languages embedded within images. Combined with Google's Document Understanding AI technology, you can use the same ML technology behind Google Search to extract actionable insights from masses of unstructured documents and to automate compliance workflows. You can detect web entities and pages, distinguish a face from other objects and detect facial attributes (but not facial recognition except for celebrities), and identify famous landmarks and product logos. You can also detect adult or violent content in images.
Google's AutoML Video Intelligence and Video Intelligence API products, which offer a similarly extensive range of features as the Vision products, make it easier to search and extract value from your video library.
Language is Google's wheelhouse, and Google's portfolio of AI Building Blocks predictably includes a potent arsenal of products. Language products include:
How Progent Can Help You with Google Cloud Platform Integration
- Cloud Translation API
This cloud service allows you to enhance web sites and programs with dynamic language translation capability powered by Google's pre-trained neural machine translation technology. Google offers a Basic and an Advanced version of the Translation API. Both versions use Google's pre-trained, generalized model and feature automatic language detection, an integrated REST API, seamless HTML support, and the ability to translate between more than 100 language pairs. The Advanced version of Cloud Translation API adds a customizable glossary to preserve your branding in translated copy, batch translation support in Google Cloud Storage, the ability to use (but not create) custom AutoML Translation models, and an integrated gRPC API. The Cloud Translation service charges on a per-character basis.
- AutoML Translation
This machine learning tool allows you to create a custom translation model by training it using your own prepared dataset. The dataset consists of matching pairs of sentences in the source and target languages. AutoML Translation applies statistical analysis to the items from your dataset to train the model, test it, and evaluate its performance. After you review the results of your model, you can modify your dataset and train a new model until you are satisfied with the outcome. You can build custom translation models in over fifty language pairs. Pricing for using AutoML Translation are based on the hours of training required and the number of characters you submit for translation.
- Cloud Natural Language API
Google's Natural Language API uses a suite of pre-built machine learning models to help you understand the meaning and structure of documents. A content classification model identifies content categories within a document, such as architecture, finance, or sports; an entity analysis model identifies and labels common known entities referenced in the document, such as product, company, or public figure); a sentiment analysis model evaluates the positive or negative attitude of the author expressed in the document and the magnitude of emotion; an entity sentiment analysis model combines entity analysis and sentiment analysis by identifying known entities within a document and determining the positive or negative attitude and the magnitude of emotion expressed in relation to those entities; a syntactic analysis model extracts structural information by breaking text up into sentences and tokens (words), which are further broken down into parts of speech and roots. Each API detects the language of the target text if it is not specified. The Natural Language API is a REST API and involves JSON requests and responses. Text to be analyzed can be embedded in the request or stored on Google Cloud Storage.
- AutoML Natural Language
AutoML Natural Language allows you to create and refine Natural Language models for classification, entity extraction, and sentiment analysis that are customized for your organization. For example, a custom sentiment analysis model designed by an airline could learn that a reference to lost baggage in a tweet reflects a negative sentiment. Google's AutoML Natural Language makes it easy to build a dataset, use the dataset to train a model, test the resulting model, and refine the dataset until the resulting model is ready for production.
This natural language understanding platform allows you to create a conversational interface so your application or product can interact with your users by voice. You can add this capability to a mobile app, website, device, interactive voice response system, or any other scenario that could be enhanced with voice interaction. Dialogflow can analyze text or audio inputs and can respond via text or synthetic speech. Dialogflow can recognize a user's intent and extract prebuilt entities including time, date, and numbers. You can also train your agent to identify your own custom entity types by providing small sample datasets, or you can use more than 40 out-of-the-box agents as templates. The commercial editions of Dialogflow are priced based on audio/phone time, character count, and query volume.
- Cloud Text-to-Speech
This easy-to-use API converts text or Speech Synthesis Markup Language (SSML) to high-fidelity, natural-sounding speech in over 30 languages and more than 180 voices. Cloud Text-to-Speech supports any application or device capable of sending REST or gRPC requests. This includes phones, desktop PCs, tablets, and IoT devices such as cars, TVs, and speakers. Supported audio formats include mp3, Linear16, and Ogg Opus. You can use SSML tags in order to add pauses, numbers, date and time formatting, and other instructions. Cloud Text-to-Speech is priced per million characters of text processed.
This API gives developers access to advanced automatic speech recognition (ASR) technology powered by Google's continually refined deep-learning neural network algorithms. Google Speech-to-Text can translate streaming audio in real time and can be optimized to support various sampling rates for phones, video, or voice commands/search. The API supports 120 languages and can identify what language is spoken from a list of up to four. You can specify a maximum of 5,000 words or phrases that pertain to your organization, such as the names of products or partners. The technology can automatically capitalize names and places and convert spoken numbers into addresses, dates, phone numbers, and currencies. Video transcription includes punctuation and with the speaker diarization feature can distinguish among multiple talkers in a conference. Noise cancellation is built in, and for some languages you can filter out inappropriate language. Supported encodings include FLAC, AMR, PCMU, and Linear-16. Pricing is time based.
If you want to integrate your network with Google Cloud Platform, whether as a cloud-centric environment or as a hybrid on-premises/cloud solution, Progent can help you to evaluate the advantages of GCP compared to other public clouds or alternative networking models. Progent can assist you with every stage of a migration to GCP including requirements analysis, readiness assessment, solution architecture, pilot testing, implementation, management automation, performance tuning, license management, disaster recovery strategies, security planning, and regulatory compliance validation.
Progent can help you decide which of your applications are appropriate for GCP and can help you make your legacy applications cloud ready. Progent has experience helping clients evaluate running Cloud SQL as a replacement for hundreds of MySQL databases, Google Dataproc for on-premises Hadoop, Google Kubernetes Engine as a virtualization replacement, and MongoDB Atlas on GCP vs. local MongoDB. Progent can provide on-demand remote consulting expertise for small tasks to help you quickly overcome technical hurdles or Progent can deliver end-to-end project management outsourcing or co-sourcing services to ensure your GCP integration initiative is successfully completed on time and within budget.
Among the most common technical problems organizations run into when migrating to Google Cloud Platform or other public clouds is reconfiguring firewalls and VPN tunnels to provide users with secure access to cloud resources. Progent can provide the services of Cisco-certified CCIE network consultants and firewall experts for security appliances from major vendors like Palo Alto Networks, Barracuda, Fortinet, Cisco, SonicWall, WatchGuard, and Check Point to help you set up or debug firewalls for connecting to GCP. To support BYOD computing, Progent's iPhone and iPad technology consultants and Android integration experts can help you integrate and manage secure mobile endpoints for your GCP users. Progent can set up remote access to your GCP computers and work in concert with your in-house technical staff and Google's support engineers to resolve GCP integration problems quickly and affordably.
Examples of online consulting services offered by Progent to help businesses integrate their networks with Google Cloud Platform include:
Additional Cloud Integration Services Available from Progent
- Review hybrid system design for Google Compute Engine Virtual Machines and GCP Cloud Storage
- Build and test virtual machine images for Windows or Linux servers and applications
- Configure, update and troubleshoot VPN tunnels for access to GCP
- Configure and troubleshoot firewalls from Cisco, Palo Alto Networks, Fortinet, Barracuda, WatchGuard, and others
- Set up and debug endpoints
- Set up and verify security policies
- Resolve IP addressing issues
- Manage costs for GCP Cloud Storage
- Tune query performance on Cloud SQL
- Automate software license management
- Resolve certificate issues
A growing selection of public cloud services compete with or complement Google Cloud Platform and the range and capability of cloud services is evolving quickly. For a variety of reasons, many enterprises favor network architecture that incorporates multiple public clouds as well as on-premises resources. Progent can help you assess the business benefits of the major public cloud offerings and can help you integrate and manage IT ecosystems that incorporate an assortment of public and private clouds and physical datacenters.
Other public cloud platforms supported by Progent include:
Progent's Azure cloud planning and integration consultants can help you with any stage of Azure cloud integration including needs definition, prerequisites evaluation, solution design, pilot testing, deployment, automated administration, performance tuning, license management, disaster recovery strategies, security policy enforcement, and compliance assessment. Progent can help you to configure and debug firewall appliances and VPN connections so your users can safely connect to Azure resources, and Progent's Microsoft-certified consulting experts can assist you set up key Microsoft platforms to work in the cloud including Windows Server, Exchange Server, SQL and Skype for Business. Progent can also help you to set up a hybrid ecosystem that transparently integrates on-premises datacenters with Azure-based resources.
Microsoft supports transparent hybrid environments that integrate Office 365 and on-premises Exchange deployments. This permits you to have certain mailboxes located at your corporate datacenter and other mailboxes resident on Office 365. Progent's Microsoft-certified Exchange consulting team can help your organization with any phase of designing, implementing and troubleshooting your hybrid Office 365/Exchange network. Progent's Exchange consultants can provide as-needed support to help you resolve stubborn technical problems and also offer comprehensive project management outsourcing to ensure your hybrid Office 365 initiative is carried out on time and within budget. To learn more about Progent's consulting support for hybrid Office 365 and on-premises Exchange systems, visit Office 365 Exchange Online integration solutions with on-premises Exchange.
Progent's certified Office and Office 365 consultants can help companies to incorporate Microsoft Office desktop and Microsoft Office 365 apps such as Office Excel, Word, PowerPoint, Outlook, Microsoft Access, Project and OneNote into a cohesive solution that provides quick return on investment and promotes improved business outcomes. Progent can help your company to integrate Office or Office 365 apps with each other and with additional key Microsoft platforms such as SharePoint, Microsoft Exchange Server and SQL Server deployed on-premises or hosted in the cloud. Progent can also help you to resolve compatibility issues with different versions of Office and can provide customized online Microsoft Office and Office 365 instruction to individuals and groups.
Progent's Amazon Web Services (AWS) planning and integration consultants offer cost-effective remote consulting to assist companies of any size to integrate Amazon AWS cloud services such as Amazon EC2 for virtual server hosting, Amazon S3 for expandable high-performance storage, and Amazon Glacier for low-cost archival storage. Progent can help your IT team with every phase of Amazon AWS integration including needs analysis, preparedness evaluation, architectural design, testing, configuration, centralized administration, performance tuning, licensing management, disaster recovery solutions, and security and compliance. Progent offers advanced expertise with firewall configuration and VPN connections and can show you how to create cloud-centric or hybrid networking models that seamlessly incorporate Amazon AWS services. Progent offers occasional expertise or Progent can deliver project management outsourcing to help you move smoothly to the Amazon AWS cloud platform.
Amazon Marketplace Web Service is an integrated collection of APIs that allows Amazon sellers to streamline their operations by automating crucial sales functions such as listings, orders, payments, inbound and outbound fulfillment, and finances. By leveraging Amazon's vast online ecosystem and automating their sales, vendors can expand their market, lower their cost of sales, accelerate reaction time to customers, and add to their profits. Progent's Amazon Marketplace Web Service developers can work with your development staff and provide application programming, workflow integration, project management support, and mentoring to help you cut development time and costs and expedite your ROI.
Contact Progent for Google Cloud Integration Consulting
If you need help with any aspect of integrating your network with Google Cloud Platform or other public cloud service, call Progent at 800-993-9400 or visit Contact Progent.