Organizations adopt hybrid cloud for a variety of reasons, but a few popular ones recur across many different industries, including efficient workload management, which leads to cost savings. Mixing private and public cloud lets you customize your environment so that your best resources are used where you need them most.
Designing a secure hybrid cloud network on Google Cloud Platform (GCP) is straightforward. This post is intended to be a decision-making guide for the 3 key decisions:
- Service controls
- Logging and monitoring
Most GCP customers choose Partner Interconnect for their data center to cloud connection. For remote office, branch, and store connectivity, clients choose VPN. The promise of HA VPN in 2020 may affect the Interconnect customers.
Google’s ‘Defense in depth’ security enables robust access control at multiple levels:
Core minimal starter recommendation:
Logging & Monitoring
Because storage grows automatically and granular Object Lifecycle Management keeps costs under control, you can configure GCP to be the ‘single pane of glass’ for logs from all sources.
- Configure the Stackdriver Logging API to consume logs from on-prem devices, system stdout, Windows event logs, etc.
- Configure logging exports to Cloud Storage with Object Lifecycle Management (OLM) to move logs to Nearline after 90 days and Coldline after 1 year
- Configure logging exports to BigQuery and create views for rapid analysis
- Connect Data Studio to BigQuery to enable rapid ad-hoc incident query and analysis
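The export steps above as a script; this is an added example, not code from the original post. The project, bucket and dataset arguments and the sink names `all-logs-to-gcs` and `all-logs-to-bq` are assumptions, and it presumes an authenticated Cloud SDK (`gsutil`, `bq`, `gcloud`).

```shell
#!/usr/bin/env bash
# Added example: export all logs to Cloud Storage (tiered by OLM) and BigQuery.
# PROJECT, BUCKET, DATASET are caller-supplied; the sink names are hypothetical.

# Write the lifecycle policy: Nearline after 90 days, Coldline after 1 year.
write_lifecycle_policy() {
  cat > "$1" <<'EOF'
{
  "rule": [
    {
      "action": {"type": "SetStorageClass", "storageClass": "NEARLINE"},
      "condition": {"age": 90, "matchesStorageClass": ["STANDARD"]}
    },
    {
      "action": {"type": "SetStorageClass", "storageClass": "COLDLINE"},
      "condition": {"age": 365, "matchesStorageClass": ["NEARLINE"]}
    }
  ]
}
EOF
}

configure_log_exports() {
  local project="$1" bucket="$2" dataset="$3" policy
  policy="$(mktemp)"
  write_lifecycle_policy "$policy"
  # Archive bucket with the tiering policy attached.
  gsutil mb -p "$project" "gs://${bucket}"
  gsutil lifecycle set "$policy" "gs://${bucket}"
  rm -f "$policy"
  # Dataset that will hold the exported entries and the analysis views.
  bq mk --dataset "${project}:${dataset}"
  # No --log-filter: each sink exports every log entry in the project.
  gcloud logging sinks create all-logs-to-gcs \
    "storage.googleapis.com/${bucket}" --project="$project"
  gcloud logging sinks create all-logs-to-bq \
    "bigquery.googleapis.com/projects/${project}/datasets/${dataset}" \
    --project="$project"
  # Each sink writes as its own service account. Print those identities so
  # they can be granted write access on the bucket and dataset.
  for sink in all-logs-to-gcs all-logs-to-bq; do
    gcloud logging sinks describe "$sink" --project="$project" \
      --format='value(writerIdentity)'
  done
}

# Runs only when invoked as: script PROJECT BUCKET DATASET
if [ "$#" -eq 3 ]; then configure_log_exports "$@"; fi
```

Until each printed writer identity has write access on its destination, the sinks exist but no entries arrive, so confirm that objects and tables start appearing after the grants.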
Hopefully these recommendations and extra insight help you along your hybrid cloud journey. For more insights and expertise, check out how Cloudbakers is helping other organizations customize their own cloud environments.
Originally published on December 31, 2019