
GCP Networking
Refer to this link for public cloud FAQs.
Resource in GCP
Global
- Can be accessed by any other resource, across regions and zones
- Creating a VPC is a global operation because a network is a global resource
- Different from AWS and Azure because the VPC and its routing are global, not within a region
Regional
- Can be accessed only by resources in the same region
- Reserving an IP address is a regional operation
Zonal
- Can be accessed only by resources in the same zone
- Disks can be attached to computers in the same zone
GCP Projects
- Projects are the fundamental organizational structure
- GCP resources must belong to a project
- Made up of settings, permissions, and other metadata that describe applications
- Contains the computing, storage, and networking resources
- A project can’t access another project’s resources unless you use
  - Shared VPC
  - VPC Network Peering
Basic GCP Network Components
- GCP Regions and Zones
- VPC/Subnets
- VPC Peering
- Implicit Routing
- VPN Gateway
VPC Network
- Global Routing:
  - VPC is a global resource
  - All the subnets irrespective of region are inherently routable within a VPC
- Subnets/CIDR are a regional resource
- Projects can contain multiple VPC networks
Routes in GCP
- Routes created by GCP for users are system generated routes
  - Default route
  - Subnet gateway
- User Defined Route
  - Static Routing
  - Dynamic Routing
Transit (Inter-VPC) Networking
- Lacks a native transit solution to interconnect VPCs
- VPC peering preferred
- GCP preaches a single VPC design
VPC Peering
- Same qualities as other CSPs
- All preprogrammed routes from the two VPCs are announced to each other
- Used to connect multiple VPCs
- Non-transitive
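The route exchange and non-transitivity listed above, as an added Python example (not part of the original notes): a simplified model in which a VPC sees its own subnets in every region plus the subnets of directly peered VPCs, and nothing learned is re-announced. VPC names, regions and CIDRs are constructed, and default and user-defined routes are ignored.

```python
import ipaddress

# Constructed sample topology (hypothetical names and CIDRs).
VPCS = {
    "vpc-a": {"us-east1": "10.1.0.0/24", "europe-west1": "10.1.1.0/24"},
    "vpc-b": {"us-east1": "10.2.0.0/24"},
    "vpc-c": {"asia-east1": "10.3.0.0/24"},
}
PEERINGS = [("vpc-a", "vpc-b"), ("vpc-b", "vpc-c")]  # no direct a<->c peering


def effective_routes(vpc, vpcs=VPCS, peerings=PEERINGS):
    """Return {network: origin} for `vpc`: its own subnets (all regions)
    plus subnets of directly peered VPCs. Learned routes are not passed on."""
    routes = {ipaddress.ip_network(c): vpc for c in vpcs[vpc].values()}
    for left, right in peerings:
        if vpc in (left, right):
            peer = right if vpc == left else left
            for cidr in vpcs[peer].values():
                routes[ipaddress.ip_network(cidr)] = f"peering:{peer}"
    return routes


def next_hop(src_vpc, dst_ip, **topology):
    """Longest-prefix match of dst_ip in src_vpc's routes; None if no route."""
    addr = ipaddress.ip_address(dst_ip)
    table = effective_routes(src_vpc, **topology)
    matches = [(net, origin) for net, origin in table.items() if addr in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def unreachable_pairs(vpcs=VPCS, peerings=PEERINGS):
    """VPC pairs with no subnet route between them: the isolation that
    non-transitive peering leaves in place unless a direct peering is added."""
    names = sorted(vpcs)
    pairs = []
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            first_subnet = next(iter(vpcs[b].values()))
            probe = str(ipaddress.ip_network(first_subnet)[1])
            if next_hop(a, probe, vpcs=vpcs, peerings=peerings) is None:
                pairs.append((a, b))
    return pairs
```

Running `unreachable_pairs()` over an exported peering inventory shows which VPC pairs stay isolated, which is useful when reviewing whether a hub VPC unintentionally bridges two spokes (it does not).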
Cloud Interconnect
- Connect your On-Prem network to your VPC network through a private connection
- Limitation: Not encrypted
- Dedicated Interconnect
  - Enables users to connect an existing network to the VPC network through a highly available, low latency, enterprise grade connection

Hi Everyone/Aviatrix team,
In the video lectures it is mentioned that Azure native firewall does not have support for DPI, IDS or IPS, but on the Azure website it says it has IDS and IPS support. Please refer to the link below.
What should our answer be if a question comes up on support for the IDS and IPS features of Azure native firewall?