As the use of cloud services increases and matures, organizations want to streamline the process of securely connecting to services at scale. But for different domains to communicate, cloud and network architects have traditionally spent a lot of time exchanging infrastructure-level information like IP addresses and coordinating subnets with technologies such as VPC peering. They also have to manage complex routing topologies across different networks and organizations. This can be challenging for enterprises that want to keep services completely isolated to address security concerns or policy requirements.
At Google Cloud, we want to help you fundamentally change how you consume and deliver applications in the cloud, with a service-centric approach to networking. We’re excited to announce Private Service Connect in alpha, which allows you to connect and consume first- and third-party as well as customer-owned services easily and privately. It creates service endpoints in consumer VPCs that provide private connectivity and policy enforcement, allowing you to easily connect services across different networks and organizations. Private Service Connect abstracts the underlying infrastructure for both the teams consuming and delivering services, making it easier for you to use value-added services. With Private Service Connect, traffic stays private and secure over Google’s global network. See the overview video.
“In today’s data-driven world, organizations need to securely connect to increasingly large volumes of data spread across different networks and organizations. Google Cloud’s new Private Service Connect will allow our joint customers to consume Snowflake faster and more securely when they are connecting to Snowflake from Google’s network.” – Vikas Jain, Head of Security Product Management, Snowflake
In short, Private Service Connect allows you to:
- Simplify connectivity to services: You can easily and privately connect to and access Google Cloud services (e.g., Cloud Storage, Bigtable), third-party partner services (e.g. Snowflake), and your company’s own applications. Services can be consumed directly in their virtual networks without requiring middleboxes, proxies, or other complex configurations, simplifying the management of cloud architectures.
- Protect your network traffic: When consuming services, you can prevent your network traffic from being exposed to the public internet, reducing exposure to potential security threats; traffic remains on Google’s backbone network, extending private transit to the “last mile.”
- Accelerate cloud migrations: Since the underlying infrastructure is not exposed, connecting to and managing services is much simpler, more secure and private. You can accelerate your cloud migrations by simply connecting from on-premises to new services in the cloud, while enforcing the security standard and best practice of leveraging a private IP space.
Discover service-centric networking
In March, we launched Service Directory, which helps customers simplify service management and operations. Together, Private Service Connect and Service Directory allow you to easily and securely connect to services and manage them at scale. While Private Service Connect lets you connect and privately access services, Service Directory helps principals (users and applications) discover and publish those services, so you can deliver services faster and more securely.
Our goal is to give you the right networking solutions for connecting your business to Google Cloud. With Private Service Connect, you can access and connect to services faster, more easily protect your network traffic, and accelerate your migration to the cloud. To try the product, please contact your Google Cloud account team, and click here to learn more about Google Cloud’s networking portfolio. And be sure to tune in to Google Cloud Next ‘20: OnAir this week, where we’re highlighting enhancements to our infrastructure.