Smart Cloud Compute


Tuesday, August 7, 2018


Google Cloud Load Balancing: High Performance, Scalable Load Balancing On Google Cloud Platform

Scale your applications on Google Compute Engine from zero to full-throttle with Google Cloud Load Balancing, with no pre-warming needed. Distribute your load-balanced compute resources in single or multiple regions, close to your users and to meet your high availability requirements. Cloud Load Balancing can put your resources behind a single anycast IP and scale your resources up or down with intelligent Autoscaling. Cloud Load Balancing comes in a variety of flavors and is integrated with Google Cloud CDN for optimal application and content delivery.


Global Load Balancing with Single Anycast IP
With Cloud Load Balancing, a single anycast IP front-ends all your backend instances in regions around the world. It provides cross-region load balancing including automatic multi-region failover which gently moves traffic in fractions if backends become unhealthy. In contrast to DNS-based Global Load Balancing solutions, Cloud Load Balancing reacts instantaneously to changes in users, traffic, network, backend health and other related conditions.

Software-Defined Load Balancing
Cloud Load Balancing is a fully distributed, software-defined, managed service for all your traffic. It is not an instance or device based solution, so you won’t be locked into physical load balancing infrastructure or face the HA, scale and management challenges inherent in instance based LBs. You can apply Cloud Load Balancing to all of your traffic: HTTP(S), TCP/SSL, and UDP. You can also terminate your SSL traffic with HTTPS Load Balancing and SSL proxy.

Over One Million Queries Per Second
Cloud Load Balancing is built on the same front-end serving infrastructure that powers Google. It supports 1 Million+ queries per second with consistent high performance and low latency. Traffic enters Cloud Load Balancing through 80+ distinct global load balancing locations, maximizing the distance traveled on Google's fast private network backbone.

Seamless Autoscaling
Cloud Load Balancing can scale as your users and traffic grow, and it handles huge, unexpected and instantaneous spikes by diverting traffic to other regions in the world that can take it. Autoscaling does not require pre-warming; you can scale from zero to full throttle in a matter of seconds.

Internal Load Balancing enables you to build scalable and highly available internal services for your internal client instances without requiring your load balancers to be exposed to the Internet. GCP Internal Load Balancing is architected using Andromeda, Google’s software-defined network virtualization platform.


Google Cloud DNS: Reliable, Resilient, Low-latency DNS Serving From Google’s Worldwide Network

Google Cloud DNS is a scalable, reliable and managed authoritative Domain Name System (DNS) service running on the same infrastructure as Google. It has low latency, high availability and is a cost-effective way to make your applications and services available to your users. Cloud DNS translates requests for domain names like www.google.com into IP addresses like 74.125.29.101. Cloud DNS is programmable. You can easily publish and manage millions of DNS zones and records using our simple user interface, command-line interface or API.


100% Availability and Low Latency
Use Google’s infrastructure for production quality, high volume authoritative DNS serving. Your users will have reliable, low-latency access to Google’s infrastructure from anywhere in the world using our network of Anycast name servers. Our SLA promises 100% availability of our Authoritative Name Servers.

Automatic Scaling
Cloud DNS can scale to large numbers of DNS zones and records. You can reliably create and update millions of DNS records. Our name servers automatically scale to handle query volume without any intervention from you.

Cost Effective Pricing Tiers
Cloud DNS is a simple, cost-effective alternative to hosting your own DNS servers on premises or using other third-party DNS services. For customers with more than 10,000 zones, our highest volume pricing tier lowers the cost of ownership for large organizations operating DNS infrastructure at scale.

Google Stackdriver: Monitoring, Logging, And Diagnostics For Applications On Cloud Platform And AWS

Google Stackdriver provides powerful monitoring, logging, and diagnostics. It equips you with insight into the health, performance, and availability of cloud-powered applications, enabling you to find and fix issues faster. It is natively integrated with Google Cloud Platform, Amazon Web Services, and popular open source packages. Stackdriver provides a wide variety of metrics, dashboards, alerting, log management, reporting, and tracing capabilities.


Monitor Cloud Platform and AWS
Stackdriver is built from the ground up for cloud-powered applications. Whether you’re running on Google Cloud Platform, Amazon Web Services, or a hybrid of the two, Stackdriver combines metrics, logs, and metadata from all of your cloud accounts and projects into a single comprehensive view of your environment.

Find and fix issues fast
Rich visualization and advanced alerting help you identify issues quickly, even hard-to-diagnose issues like host contention, cloud provider throttling, and degraded hardware. Integration with popular services like PagerDuty and Slack provides for rapid incident response. Integrated logging, tracing, and error reporting enable rapid drill-down and root cause analysis.

Full-stack insights
Stackdriver gives you access to logs, metrics, traces, and other signals from your infrastructure platform(s), virtual machines, containers, middleware, and application tier, so that you can track issues all the way from your end user to your backend services and infrastructure. Native support for distributed systems, auto-scaling, and ephemeral resources means that your monitoring works seamlessly with your modern architecture.

Native Google integration and more
Native integration with Google Cloud data tools BigQuery, Cloud Pub/Sub, Cloud Storage, Cloud Datalab, and out-of-the-box integration with all your other application components.

Google Cloud Key Management Service: Manage Encryption Keys On Google Cloud Platform

Cloud KMS is a cloud-hosted key management service that lets you manage encryption for your cloud services the same way you do on-premises. You can generate, use, rotate and destroy AES256 encryption keys. Cloud KMS is integrated with IAM and Cloud Audit Logging so that you can manage permissions on individual keys, and monitor how these are used. Use Cloud KMS to protect secrets and other sensitive data which you need to store in Google Cloud Platform.


Scalable, Automated, Fast
Keep millions of encryption keys, allowing you to determine the level of granularity at which to encrypt your data. Set keys to automatically rotate regularly, using a new primary version to encrypt data and limit the scope of data accessible with any single key version. Keep as many active key versions as you want. Rely on our low latency to ensure you can access your keys quickly.

Greater Management Over Key Use
Manage IAM permissions for user-level permissions on individual keys, and grant access to both individual users and service accounts. View admin activity and key use logs with Cloud Audit Logging, using Cloud KMS as a central point to filter access to your most sensitive data. Monitor logs to ensure proper use of your keys.

Easily Encrypt Secrets
Wrap secrets up to 64KiB in size, to allow you to protect secrets like user credentials and API tokens. Take plaintext secrets out of source code, deployment managers, containers, and metadata, and make these accessible to users as well as service accounts via decryption using the Cloud KMS API.

Implement Envelope Encryption
Implement a key hierarchy with a local data encryption key (DEK), protected by a key encryption key (KEK) in Cloud KMS. Manage keys used to encrypt your data at the application layer, stored in your storage systems, at Google, or anywhere else.
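
The key hierarchy described above, as an added example that is not Google's code or part of the original post. It uses Node's built-in crypto module; makeLocalKek is a hypothetical local stand-in for the KEK that would live in Cloud KMS, and the function and field names are assumptions. It also shows why rotating the KEK only requires re-wrapping the DEK.

```javascript
const crypto = require("node:crypto");

// AES-256-GCM helpers. Blob layout: nonce (12 bytes) || tag (16 bytes) || ciphertext.
function seal(key, plaintext) {
  const nonce = crypto.randomBytes(12); // fresh random nonce per encryption
  const c = crypto.createCipheriv("aes-256-gcm", key, nonce);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

function open(key, blob) {
  const d = crypto.createDecipheriv("aes-256-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key is wrong or the blob was modified.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Hypothetical local stand-in for a KEK held in a KMS: the key bytes never leave
// this closure, callers can only ask it to wrap or unwrap a DEK.
function makeLocalKek() {
  const kek = crypto.randomBytes(32);
  return { wrap: (dek) => seal(kek, dek), unwrap: (wrapped) => open(kek, wrapped) };
}

function envelopeEncrypt(kek, data) {
  const dek = crypto.randomBytes(32); // one DEK per stored object
  const record = { wrappedDek: kek.wrap(dek), ciphertext: seal(dek, data) };
  dek.fill(0); // plaintext DEK is not kept; only the wrapped copy is stored
  return record;
}

function envelopeDecrypt(kek, record) {
  const dek = kek.unwrap(record.wrappedDek);
  try {
    return open(dek, record.ciphertext);
  } finally {
    dek.fill(0);
  }
}

// KEK rotation: re-wrap the 32-byte DEK only; the data ciphertext is untouched.
function rewrap(oldKek, newKek, record) {
  const dek = oldKek.unwrap(record.wrappedDek);
  try {
    return { ...record, wrappedDek: newKek.wrap(dek) };
  } finally {
    dek.fill(0);
  }
}
```

The stored record holds only the wrapped DEK and the ciphertext, so reading the data requires an unwrap call against the KEK holder, which is the point where IAM permissions and audit logging apply.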

Google Cloud Security Scanner: Automatically Scan Your App Engine Apps For Common Vulnerabilities

Cloud Security Scanner is a web security scanner for common vulnerabilities in Google App Engine applications. It can automatically scan and detect four common vulnerabilities, including cross-site scripting (XSS), Flash injection, mixed content (HTTP in HTTPS), and outdated/insecure libraries. It enables early identification and delivers very low false positive rates. You can easily set up, run, schedule, and manage security scans, and it is free for Google Cloud Platform users.


Find Common Security Vulnerabilities
Detect key vulnerabilities in development prior to production. After you set up a scan, Cloud Security Scanner automatically crawls your application, following all links within the scope of your starting URLs, and attempts to exercise as many user inputs and event handlers as possible.

Focus on Actionable Results
The findings for XSS, Flash injection, mixed content usage, and outdated/insecure libraries all have very low false positive rates. Results are highlighted to enable you to explore and verify in detail and focus on fixes.

Integrates Easily With Your Processes
You can easily set up and run on-demand or scheduled security scans from the Google Cloud Platform Console. Scans should be run from a test environment with test accounts, and they are enabled only for targets within your App Engine project to prevent unintended effects.

Google BigQuery Data Transfer Service: Simplified Data Imports To Google BigQuery

The BigQuery Data Transfer Service automates data movement from SaaS applications to Google BigQuery on a scheduled, managed basis. Your analytics team can lay the foundation for a data warehouse without writing a single line of code. BigQuery Data Transfer Service initially supports Google application sources like AdWords, DoubleClick Campaign Manager, DoubleClick for Publishers and YouTube.



Effortless data delivery
The BigQuery Data Transfer Service lets you focus on analyzing your data. You can set up a transfer with just a few clicks and easily import data from selected SaaS applications directly to BigQuery. The BigQuery Data Transfer Service also supports historical restatements of data, making backfills and data recovery a snap.

Reliable data ingestion
The BigQuery Data Transfer Service is backed by an Uptime SLA and a Data Delivery SLA. Depend on us to reliably deliver data to BigQuery on a day to day basis.

Data delivery at scale
Leave the data scaling problem to us and focus on deriving your insights. The BigQuery Data Transfer Service automatically scales to handle your ever growing analysis and reporting needs.

Always up-to-date
BigQuery Data Transfer Service is a fully managed service. When a supported source application announces a change to their reports, the corresponding BigQuery Data Transfer Service pulls these newly announced data points for your analysis.

Google Cloud Data Loss Prevention API: Automatically Discover And Redact Sensitive Data Everywhere

The DLP API helps you better understand and manage sensitive data. It provides fast, scalable classification and redaction for sensitive data elements like credit card numbers, names, social security numbers, US and selected international identifier numbers, phone numbers and GCP credentials. The API classifies this data using more than 70 predefined detectors to identify patterns, formats, and checksums, and even understands contextual clues. You can optionally redact data as well using techniques like masking, secure hashing, bucketing, and format-preserving encryption. Try the DLP API in this demo application.


Be Smart with your Data
The DLP API allows you to minimize what you collect, store, expose, or copy. Classify or automatically redact sensitive data from text streams before you write to disk, generate logs or perform analysis. Alert users before they save sensitive data in your applications. Automatically choose the most suitable storage system and the right set of access controls based on the presence of sensitive content.

Safely Unlock more of the Cloud
Today your data is your most critical asset. DLP API provides tools to classify, mask, tokenize, and transform sensitive elements in real-time to help you better manage the data that you collect, store, or use for business or analytics. For example, features like format-preserving encryption allow you to preserve utility of your data for joining or analytics while obfuscating the raw sensitive identifiers.

Efficiently Manage your Sensitive Data
One of the first steps to properly managing your sensitive data is knowing where it exists. The DLP API gives you the power to scan, discover, and report on data from virtually anywhere. Using this service, you can scan or redact streaming text and image content from data workloads in Google Cloud Platform, within other clouds, or from your on-premises environment.

The DLP API has built in support for scanning and classifying sensitive data in Cloud Storage, BigQuery, and Cloud Datastore, with no need for your data to egress out of GCP and no hard limits on object, table, or bucket size. The scan findings can then inform the configuration, management, and access policy of your sensitive data.

Built to Easily Fit into your Workloads
The DLP API architecture includes several features to make it easy to use in small or large operations. Templates for inspection and de-identification allow you to define configurations once and use them across API calls. DLP job triggers and actions allow you to kick off inspection jobs periodically and generate Cloud Pub/Sub notifications when jobs are complete. See this tutorial on using DLP with Cloud Functions to automatically classify data in Cloud Storage.

Enhance your Understanding of Data Privacy Risk
Quasi-identifiers are partially identifying elements or combinations of data that may link to a single person or a very small group. The DLP API allows you to measure statistical properties such as k-anonymity and l-diversity, expanding your ability to understand and protect data privacy.
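
What measuring k-anonymity and l-diversity over quasi-identifiers means in practice, as an added example that is not the DLP API or code from the original post. The rows are constructed sample data, the function names are assumptions, and l is computed in its simplest "distinct values" form; the generalize step applies the bucketing technique mentioned above.

```javascript
// Constructed sample rows: zip and age are quasi-identifiers,
// diagnosis is the sensitive attribute.
const ROWS = [
  { zip: "94110", age: 34, diagnosis: "flu" },
  { zip: "94117", age: 36, diagnosis: "asthma" },
  { zip: "94103", age: 31, diagnosis: "flu" },
  { zip: "10027", age: 52, diagnosis: "diabetes" },
  { zip: "10025", age: 58, diagnosis: "diabetes" },
  { zip: "10031", age: 55, diagnosis: "flu" },
];

// Bucketing: keep a 3-digit ZIP prefix and replace exact age with its decade.
function generalize(row) {
  const decade = Math.floor(row.age / 10) * 10;
  return { ...row, zip: row.zip.slice(0, 3) + "**", age: `${decade}s` };
}

// Group rows into equivalence classes that share the same quasi-identifier
// values, then report:
//   k = size of the smallest class (each person hides among at least k rows)
//   l = fewest distinct sensitive values found in any class
function privacyMetrics(rows, quasiIds, sensitive) {
  const classes = new Map();
  for (const row of rows) {
    const key = JSON.stringify(quasiIds.map((q) => row[q]));
    if (!classes.has(key)) classes.set(key, { size: 0, values: new Set() });
    const cls = classes.get(key);
    cls.size += 1;
    cls.values.add(row[sensitive]);
  }
  if (classes.size === 0) return { k: 0, l: 0, classes: 0 };
  const all = [...classes.values()];
  return {
    k: Math.min(...all.map((c) => c.size)),
    l: Math.min(...all.map((c) => c.values.size)),
    classes: classes.size,
  };
}

const raw = privacyMetrics(ROWS, ["zip", "age"], "diagnosis");
const bucketed = privacyMetrics(ROWS.map(generalize), ["zip", "age"], "diagnosis");
console.log({ raw, bucketed });
```

On the raw rows every (zip, age) pair is unique, so each record is re-identifiable from those two fields alone; after bucketing, each record shares its quasi-identifiers with two others.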