Search icon CANCEL
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Architecting Google Cloud Solutions

You're reading from   Architecting Google Cloud Solutions Learn to design robust and future-proof solutions with Google Cloud technologies

Arrow left icon
Product type Paperback
Published in Apr 2021
Publisher Packt
ISBN-13 9781800563308
Length 472 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Victor Dantas Victor Dantas
Author Profile Icon Victor Dantas
Victor Dantas
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface 1. Section 1: Introduction to Google Cloud
2. Chapter 1: An Introduction to Google Cloud for Architects FREE CHAPTER 3. Chapter 2: Mastering the Basics of Google Cloud 4. Section 2: Designing Great Solutions in Google Cloud
5. Chapter 3: Designing the Network 6. Chapter 4: Architecting Compute Infrastructure 7. Chapter 5: Architecting Storage and Data Infrastructure 8. Chapter 6: Configuring Services for Observability 9. Chapter 7: Designing for Security and Compliance 10. Section 3: Designing for the Modern Enterprise
11. Chapter 8: Approaching Big Data and Data Pipelines 12. Chapter 9: Jumping on the DevOps Bandwagon with Site Reliability Engineering (SRE) 13. Chapter 10: Re-Architecting with Microservices 14. Chapter 11: Applying Machine Learning and Artificial Intelligence 15. Chapter 12: Achieving Operational Excellence 16. Other Books You May Enjoy

Securing networks

Networking plays a fundamental role in securing your infrastructure. A network designed to be open and permissive is what allows attackers to move laterally and penetrate further into systems once they get in. In Chapter 3, Designing the Network, we discussed the concept of zero trust security. The main point to remember is that you should always assume a breach, making design decisions that protect your infrastructure when a breach happens. What that means for networks is that you should always ensure traffic is implicitly denied, while only specific IP addresses and network ports are allowed in the firewall on an as-needed basis. Another way to frame this is to assume each network request in the environment is coming from a compromised server or an open, untrusted public network. What can you do to minimize the impact such requests can have? Isolation and firewalling.

Isolating networks by design

Start by isolating different environments (for example, development...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime