Networking overview

Connect your networks and workloads, load balance traffic, and secure your network.

Explore networking in Google Cloud

Read documentation and Cloud Architecture Center articles about networking products, capabilities, and procedures.

Virtual Private Cloud (VPC) overview

Deploy and connect resources in a virtual version of a physical network that is implemented inside of Google's production network.

Choosing a Network Connectivity product

Choose how to connect your other networks to Google Cloud.

Choose a load balancer

Choose a load balancer for your workload.

Network Intelligence Center

Observe, monitor, and troubleshoot your Google Cloud network and project resources using a single console. Reduce the risk of outages and ensure security and compliance.

Networking planning resources

Plan your networking approach with resources across a variety of networking topics. (Goes to Architecture Center.)

Planning best practices and reference architectures for Virtual Private Cloud design

Planning guide for cloud network architects and system architects who are familiar with Google Cloud networking concepts.

Hybrid and multicloud planning resources

Planning resources across a wide variety of hybrid and multicloud subjects. (Goes to Architecture Center.)

Training, blog articles, and more

Go to training courses, blog articles, and other related resources.

Networking news, updates, and best practices

View news, updates, and best practices for Google Cloud networking products and services. (Goes to Google Cloud blog.)

Network engineer learning path

Study configuring, maintaining, and troubleshooting network components of your cloud-based infrastructure. (Goes to Skills Boost Training.)

Network engineer certification

Get certified as a Google Cloud network engineer. (Goes to Google Cloud home.)

Networking products by use case

Expand sections or use the filter to find products and guides for typical use cases.

Connectivity

Set up your Virtual Private Cloud network and connect it to your other networks.

Core networking

Virtual Private Cloud (VPC)

Scale and control how workloads connect regionally and globally.

Private Service Connect

Access managed services, including Google APIs and services, privately from consumer VPC networks. Host managed services in producer VPC networks that offer private connections to service consumers.

Cloud NAT

Initiate outbound connections to the internet or to other Virtual Private Cloud (VPC) networks from virtual machine (VM) instances and other resources with internal IP addresses.

Network Service Tiers

Optimize connectivity between systems on the internet and your Google Cloud instances.

Hybrid networking

Connect and manage your networks with a hub-and-spoke architecture, conduct data transfer between your sites, and create VPC spokes to connect VPC networks. Use the Router appliance feature to establish site-to-site or site-to-cloud connectivity by using a third-party network virtual appliance.

Cloud VPN

Securely connect your peer network to Google's network through an IPsec VPN tunnel or connect two VPCs together by connecting two Cloud VPN gateways. Encrypt and decrypt traffic, protecting your data in transit. Cloud VPN is particularly well-suited for low-volume data connections.

Cloud Interconnect

Connect your Virtual Private Cloud (VPC) networks and your other networks with low-latency, high-availability connections.

Cross-Cloud Interconnect

Access your network by establishing a high-bandwidth dedicated connectivity between Google Cloud and another cloud service provider.

Dedicated Interconnect

Connect your infrastructure directly to Google Cloud.

Partner Interconnect

Connect your infrastructure to Google Cloud through a supported service provider.

Cloud Router

Dynamically exchange routes between your Virtual Private Cloud (VPC) network and a peered networking using Border Gateway Protocol (BGP).

Scalability

Make your services available at scale to your internal or external customers.

Core services

Cloud DNS

Scale, create, and update millions of DNS records reliably from anywhere in the world with Google’s anycast name servers.

Cloud Load Balancing

High performance scalable load balancing on Google Cloud. Respond instantaneously to changes in user traffic load, network conditions, and backend health by diverting traffic to other regions in the world.

Service Extensions

Enable programmability and extensibility at the edge and on load balancing data paths. Extends Google Cloud edge applications, such as Media CDN and Application Load Balancer.

Cloud Domains

CDN

Media CDN

Deliver high-throughput egress workloads, such as streaming video and large file downloads. Complements Cloud CDN.

Cloud CDN

Accelerate delivery of regularly accessed static content by caching it closer to your users. Cloud CDN serves a mix of static and dynamic latency-sensitive web assets, such as CSS, JavaScript, HTML, and image files.

CDN Interconnect

Establish direct peering links with Google's edge network at various locations to direct your traffic from your VPC networks to a provider's network.

Security

Block unauthorized traffic and implement threat prevention and detection services.

Connection and traffic security

Cloud Firewall

Protect your Google Cloud workloads from internal and external attacks by using a fully distributed firewall service with advanced protection capabilities and pervasive coverage.

Cloud NAT

Initiate outbound connections to the internet or to other Virtual Private Cloud (VPC) networks from virtual machine (VM) instances and other resources with internal IP addresses.

Secure Web Proxy

Secure egress web traffic (HTTPS or HTTP) by using this cloud-first service.

Identity-Aware Proxy (IAP)

Manage access to applications running in App Engine standard environment, App Engine flexible environment, Compute Engine, and GKE.

VPC Service Controls

Protect sensitive data in Google Cloud services using security perimeters.

Certificate Manager

Acquire and manage Transport Layer Security (TLS) certificates for use with Cloud Load Balancing.

Threat prevention and detection

Cloud Armor

Protect your Google Cloud deployments from multiple types of threats, including distributed denial-of-service (DDoS) attacks and application attacks like cross-site scripting (XSS) and SQL injection (SQLi).

Cloud IDS

Detect threats including intrusions, malware, spyware, and command-and-control attacks on your network. A peered network mirrors your network's traffic, and the peered traffic is inspected by Palo Alto Networks threat protection technologies to provide advanced threat detection.

Observability

Monitor and troubleshoot your Google Cloud network.

Network Intelligence Center

Observe, monitor, and troubleshoot your Google Cloud network and project resources using a single console. Reduce the risk of outages and ensure security and compliance.

VPC Flow Logs

Record a sample of network flows sent from and received by virtual machine (VM) instances, including instances used as Google Kubernetes Engine nodes. These logs can help you perform network monitoring, forensics, real-time security analysis, and expense optimization.