
Building your hybrid cloud: design considerations for networking & security

Organizations are taking advantage of hybrid cloud for a variety of reasons, but a few are popular across many different industries, including efficiency in workload management, which leads to cost savings. The mixture of private and public cloud allows you to customize your environment so you are using your best resources where you need them most.

Designing a secure hybrid cloud network on Google Cloud Platform (GCP) is straightforward. This post is intended as a guide to the three key decisions:

  1. Connectivity
  2. Service controls
  3. Logging and monitoring

Connectivity

Most GCP customers choose Partner Interconnect for their data center to cloud connection. For remote office, branch, and store connectivity, clients choose VPN. The promise of HA VPN in 2020 may affect Interconnect customers.

Service Controls

Google’s ‘Defense in depth’ security enables robust access control at multiple levels:

[Figure: defense-in-depth network security]

Core minimal starter recommendation:

[Figure: control settings]

Logging & Monitoring

Because storage grows automatically and granular Object Lifecycle Management keeps costs under control, you can configure GCP to be the ‘single pane of glass’ for logging from all sources.

[Figure: logging architecture for on-premises resources with Stackdriver and Blue Medora BindPlane]

Key recommendations:

  1. Configure the Stackdriver Logging API to consume logs from on-prem devices, system stdout, Windows event logs, etc.
  2. Configure logging exports to Cloud Storage with Object Lifecycle Management (OLM) to move logs to Nearline after 90 days and Coldline after 1 year
  3. Configure logging exports to BigQuery and create views for rapid analysis
  4. Connect Data Studio to BigQuery to enable rapid ad-hoc incident query and analysis
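
Recommendation 2 expressed as a checkable policy. This is an added example, not code from Cloudbakers or Google: it builds the lifecycle document for the log bucket and audits an existing one for drift from the 90-day and 1-year targets. The function names, the `DRIFTED` sample and the rule that a `Delete` action must not fire before the Coldline transition are assumptions of this example.

```python
import json

# Targets from recommendation 2: Nearline after 90 days, Coldline after 1 year.
EXPECTED_AGE_DAYS = {"NEARLINE": 90, "COLDLINE": 365}

def build_policy():
    """Build the lifecycle document in the JSON shape Cloud Storage uses."""
    return {"rule": [
        {"action": {"type": "SetStorageClass", "storageClass": cls},
         "condition": {"age": days}}
        for cls, days in EXPECTED_AGE_DAYS.items()
    ]}

def audit_policy(policy):
    """Return findings for a bucket lifecycle document; [] means it matches."""
    # Accept both the bare {"rule": [...]} file and the bucket resource form.
    rules = policy.get("lifecycle", policy).get("rule", [])
    findings, transitions = [], {}
    for rule in rules:
        action = rule.get("action", {})
        age = rule.get("condition", {}).get("age")
        if action.get("type") == "SetStorageClass":
            transitions[action.get("storageClass")] = age
        elif action.get("type") == "Delete":
            # Assumption of this example: logs must outlive the Coldline move.
            if age is None or age < EXPECTED_AGE_DAYS["COLDLINE"]:
                findings.append(f"Delete rule (age={age}) removes logs before Coldline")
    for cls, want in EXPECTED_AGE_DAYS.items():
        got = transitions.get(cls)
        if got is None:
            findings.append(f"no age-based SetStorageClass rule for {cls}")
        elif got != want:
            findings.append(f"{cls} transition at {got} days, expected {want}")
    return findings

# Constructed sample: a drifted policy as it might come back from a bucket.
DRIFTED = {"lifecycle": {"rule": [
    {"action": {"type": "SetStorageClass", "storageClass": "NEARLINE"},
     "condition": {"age": 30}},
    {"action": {"type": "Delete"}, "condition": {"age": 180}},
]}}

if __name__ == "__main__":
    print(json.dumps(build_policy(), indent=2))  # save and apply to the log bucket
    for finding in audit_policy(DRIFTED):
        print("FINDING:", finding)
```

The JSON printed by `build_policy()` can be saved to a file and applied with `gsutil lifecycle set <file> gs://<your-log-bucket>`, where the bucket name is a placeholder.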

Hopefully these recommendations and extra insight help you along your hybrid cloud journey. For more insights and expertise, check out how Cloudbakers is helping other organizations customize their own cloud environments.

Originally published on December 31, 2019
