Choosing a network connectivity option in Google Cloud
Lead Developer Advocate, Google
The cloud is an incredible resource, but you can’t get the most out of it if you can’t interact with it efficiently. And because network connectivity is not a one-size-fits-all situation, you need options for connecting your on-premises network or another cloud provider to Google’s network.
When you need to connect to Google’s network you have the following options:
Connecting to Google Cloud: Cloud Interconnect and Cloud VPN
If you need to encrypt traffic to Google Cloud, you need a lower throughput solution, or you are experimenting with migrating your workloads to Google Cloud, you can choose Cloud VPN. If you need an enterprise-grade connection to Google Cloud that has higher throughput, you can choose Dedicated Interconnect or Partner Interconnect.
Cloud Interconnect provides two options: you can create a dedicated connection (Dedicated Interconnect) or use a service provider (Partner Interconnect) to connect to Virtual Private Cloud (VPC) networks. If your bandwidth needs are high (10Gbps to 100Gbps) and you can reach Google’s network in a colocation facility, then Dedicated Interconnect is a cost-effective option. If you don’t require as much bandwidth (50Mbps to 50Gbps) or can't physically meet Google's network in a colocation facility to reach your VPC networks, you can use Partner Interconnect to connect to service providers that connect directly to Google.
Cloud VPN lets you securely connect your on-premises network to your VPC network through an IPsec VPN connection in a single region. Traffic traveling between the two networks is encrypted by one VPN gateway and then decrypted by the other VPN gateway. This action protects your data as it travels over the internet. You can also connect two instances of Cloud VPN to each other. HA VPN provides an SLA of 99.99% service availability.
Connecting to Google Cloud: Network Connectivity Center
Network Connectivity Center (in preview) supports connecting different enterprise sites outside of Google Cloud by using Google's network as a wide area network (WAN). On-premises networks can consist of on-premises data centers and branch or remote offices.
Network Connectivity Center is a hub-and-spoke model for network connectivity management in Google Cloud. The hub resource reduces operational complexity through a simple, centralized connectivity management model. Your on-premises networks connect to the hub via one of the following spoke types: HA VPN tunnels, VLAN attachments, or router appliance instances that you or select partners deploy within Google Cloud.
Connecting to Google Workspace and Google APIs: Peering
If you need access to only Google Workspace or supported Google APIs, you have two options:
Direct Peering to directly connect (peer) with Google Cloud at a Google edge location.
Carrier Peering to peer with Google by connecting through an ISP (support provider), which in turn peers with Google.
Direct Peering exists outside of Google Cloud. Unless you need to access Google Workspace applications, the recommended methods of access to Google Cloud are Dedicated Interconnect, Partner Interconnect, or Cloud VPN.
Connecting to CDN providers: CDN Interconnect
CDN Interconnect (not shown in the image) enables select third-party Content Delivery Network (CDN) providers to establish direct peering links with Google's edge network at various locations, which enables you to direct your traffic from your VPC networks to a provider's network. Your network traffic egressing from Google Cloud through one of these links benefits from the direct connectivity to supported CDN providers and is billed automatically with reduced pricing. This option is recommended for high volume egress and frequent content updates in the CDN.
For a more in-depth look at these services, check out the documentation.