Networking in Google Cloud Platform (NGCP)


Course Overview

This training course builds on the networking concepts covered in the Architecting with Google Compute Engine course. Through presentations, demonstrations, and labs, participants explore and deploy Google Cloud networking technologies. These technologies include: Virtual Private Cloud (VPC) networks, subnets, and firewalls, Interconnection among networks, Load balancing, Cloud DNS, Cloud CDN, Cloud NAT. The course will also cover common network design patterns.

Who should attend

This course is intended for the following participants:

  • Network engineers and administrators who are using the Google Cloud console or are planning to do so
  • Individuals who want to be exposed to software-defined networking solutions in the cloud.


This course is part of the following Certifications:


  • Google Cloud Fundamentals: Core Infrastructure (GCF-CI) course (or equivalent experience)
  • Networking Fundamentals in Google Cloud quest (or equivalent experience)
  • Prior understanding of the 7 layer OSI model
  • Prior understanding of IPv4 addressing
  • Prior experience with managing IPv4 routes

Course Objectives

  • Configure Google VPC networks, subnets, and routers, and control administrative access to VPC objects.
  • Route traffic by using DNS traffic steering.
  • Control access to VPC networks.
  • Implement network connectivity between Google Cloud projects.
  • Implement load balancing.
  • Configure connectivity to Google Cloud VPC networks.
  • Configure private connection options to provide access to external resources and services from internal networks.
  • Identify the best Network Service Tier for your needs.

Follow On Courses

Outline: Networking in Google Cloud Platform (NGCP)

Module 1: VPC Networking Fundamentals


  • Overview of VPC networks
  • IPv6 addressing
  • Routes and route preferences
  • Bring your own IP (BYOIP)
  • Multiple network interfaces
  • Cloud DNS policies


  • Create and configure VPC networks and subnets.
  • Create and configure multiple network interfaces.
  • Create and configure DNS policies.
  • Create VMs that have an IPv6 address.
  • Create Compute Engine instances with multiple virtual network interfaces

Module 2: Controlling Access to VPC Networks


  • Identity and Access Management (IAM) roles
  • Policy constraints
  • Firewall rules


  • Outline how IAM policies affect VPC network access.
  • Create and use service accounts to control access to network resources.
  • Control access to Compute Engine instances with tag-based firewall rules.

Module 3: Sharing Networks across Projects


  • Shared VPC
  • VPC Network Peering


  • Describe the different ways to share VPC networks that are available in Google Cloud.
  • Recognize when to use Shared VPC and when to use VPC Network Peering.
  • Configure peering between unrelated VPC networks.

Module 4: Load Balancing


  • Load balancing overview
  • Hybrid load balancing
  • Traffic management
  • Internal TCP/UDP load balancers as next hops
  • Cloud CDN


  • Create a load balancer.
  • Describe where you can use hybrid load balancing.
  • Describe the benefits of using an Internal TCP/UDP load balancer as an external next hop.
  • Enable and use Cloud CDN.
  • Configure traffic management

Module 5: Hybrid Connectivity


  • Cloud Interconnect
  • Cloud VPN
  • Influencing best path selection
  • Network Connectivity Center


  • Describe how Dedicated Interconnect and Partner Interconnect are used and what their differences are.
  • Determine which Cloud Interconnect product is best for a given use case.
  • Create a connection over a VPN with Cloud Router.
  • Describe how to use Network Connectivity Center to configure connectivity.

Module 6: Private Connection Options


  • Private access overview
  • Private Google Access
  • Private Service Connect
  • Private services access
  • Cloud NAT


  • Determine which private connection option is needed for a given use case.
  • Configure Private Google Access to allow access to Google Cloud services from VM instances with only internal IP addresses.
  • Describe Private Service Connect and its use cases.
  • Describe private service access and its use cases.
  • Configure Cloud NAT to provide your instances without public IP addresses access to the internet.

Module 7: Network Billing and Pricing


  • Networking pricing
  • Network Service Tiers
  • Billing


  • Recognize how networking features are billed.
  • Use Network Service Tiers to optimize spend.
  • Compare and contrast the Network Service Tiers.
  • Describe how labels are used to understand network spend.

Module 8: Network Monitoring and Troubleshooting


  • Monitoring
  • Logging


  • Configure uptime checks, alerting policies, and charts for your network services.
  • Use VPC Flow Logs to log and analyze network traffic behavior.

Prices & Delivery methods

Online Training

2 days

  • Online Training: CAD 1,975
  • Online Training: US$ 1,495
Classroom Training

2 days

  • Canada: CAD 1,975

Click on town name or "Online Training" to book Schedule

This is an Instructor-Led Classroom course
Guaranteed date:   We will carry out all guaranteed training regardless of the number of attendees, exempt from force majeure or other unexpected events, like e.g. accidents or illness of the trainer, which prevent the course from being conducted.
Instructor-led Online Training:   This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.
This is a FLEX course, which is delivered both virtually and in the classroom.

United States

Guaranteed to Run Online Training 09:00 US/Eastern Enroll
Online Training 09:00 US/Central Enroll
Online Training 09:00 US/Pacific Enroll
Online Training 09:00 US/Eastern Enroll


Guaranteed to Run Online Training 09:00 Canada/Eastern Enroll
Online Training 09:00 Canada/Central Enroll
Online Training 09:00 Canada/Pacific Enroll
Online Training 09:00 Canada/Eastern Enroll