Road to an open and flexible cloud network with new Network Connectivity Center partners

At Google Cloud we aim to provide our customers with the flexibility to choose the networking solutions that best fit their needs. Network Connectivity Center, our unified network connectivity management solution, is generally available in 15 regions across the U.S., U.K., India, Australia, and Japan, and we are en route to expanding this coverage to include all Google Cloud regions, enabling global onramp to the cloud.We are committed to maintaining an open and flexible cloud networking environment that will enable interconnectivity with the Google Cloud network, and partners play a critical role in this. Today, as part of that commitment, we’re excited to announce partnerships with Alkira, Arista, Aruba, Aviatrix, Cisco Meraki and Citrix, who are leading the charge in software-defined networking solutions. Together, we are providing streamlined onramp from their leading solutions to Google Cloud through integration with Network Connectivity Center.To recap, we introduced Network Connectivity Center back in March to help you simplify how you deploy, manage and scale on-prem and cloud networks. Network Connectivity Center gives you the universal connectivity control you need to connect all your networking resources together in a simple and scalable model. Network Connectivity Center can connect your entire enterprise network including on-prem, multi-site, and hybrid networks all in one place; and with Network Intelligence Center, you can monitor and troubleshoot the network. Together, you get a vantage point for looking at your Google Cloud network and all the networks connected to it. In May we announced some exciting new partnerships that extend your connectivity choices. We are now pleased to announce new networking partnerships that seamlessly extend our partners’ solution into Google Cloud via Network Connectivity Center. These integrations enable global connectivity, allowing VPN or third-party virtual appliances to easily connect with VPCs using standard BGP, enabling dynamic route exchange and simplifying the overall network architecture and connectivity model. Now, you have the flexibility to deploy, operate and manage all your connectivity needs with these third-party solutions, minimizing operational overhead for your networking teams.Read more for details about Network Connectivity Center integrations from our partners:AlkiraWith Alkira Network Cloud, powered by the Alkira Cloud Services Exchange, enterprises can have consistent and simplified experience of provisioning and operating global networks across users, sites and clouds with integrated next-generation security services. At the core of Alkira Cloud Services Exchange are the Alkira Cloud Exchange Points (Alkira CXPs) that are distributed around the world and are interconnected through a high-speed low-latency Alkira Cloud Backbone, allowing enterprises to instantly establish global secure network connectivity.Network Connectivity Center simplifies cloud onramp by connecting to one or multiple Alkira CXPs as spokes in a single-region or multi-region deployment model. Routing information is dynamically exchanged to allow communication between Google Cloud VPCs and Alkira CXPs. Learn more here.Arista Arista CloudEOS is a multi-cloud and cloud-native networking solution supporting autonomic operation to deliver an enterprise-class, highly secure, and reliable networking experience for extending an enterprise network to the cloud. Network Connectivity Center integration with CloudEOS means enterprises can quickly connect to Google Cloud with a simplified provisioning and deployment model. The partnership will deliver simplified high-scale deployments across your public cloud and on-premises infrastructure. Learn more here.Aruba The Aruba EdgeConnect edge and Aruba SD-Branch platforms power a self-driving wide area network for cloud-first enterprises. These SD-WAN platforms enable enterprises to improve their network performance for running all cloud applications and services via broadband—even consumer broadband. The Aruba EdgeConnect and Aruba SD-Branch integrations with the Google Cloud Network Connectivity Center enable enterprises to use their SD-WAN fabric for branch-to-Google-Cloud connectivity over the public internet by running EdgeConnect and Virtual Gateway instances in Google Cloud VPCs. The resulting network service enables high-performance connectivity between SD-WAN-connected branches and workloads in Google Cloud. Enterprises will experience a simplified and automated cloud on-ramp experience for their Google Cloud workloads. Learn more here.Aviatrix The Aviatrix cloud network platform brings multi-cloud networking, security, and operational visibility that enterprise customers require. Aviatrix software leverages public cloud provider APIs to interact with and directly program native cloud-networking constructs, abstracting the unique complexities of each cloud to form one network data plane while also adding advanced networking and security features.Google Cloud Network Connectivity Center integrated with Aviatrix simplifies cloud onboarding while unifying connectivity across Google Cloud networks. Enterprise customers can leverage the Aviatrix cloud network platform to orchestrate a repeatable cloud footprint, accelerate deployment time, and integrate with native Google Cloud constructs for on-prem and cloud connectivity through Network Connectivity Center. Learn more here.CiscoCisco Meraki MX and vMX are built on a cloud architecture to deliver network security and experience for any workload, from anywhere. Cloud architecture teams can now create a secure fabric that optimizes connectivity between offices, remote workers, and services running in Google Cloud.The integration with Network Connectivity Center extends the secure Meraki SD-WAN fabric deeper into Google Cloud, enabling dynamic route exchange for connectivity to VPCs. In this way, distributed branches and remote users can dynamically and securely access cloud workloads across multiple regions. Learn more here.Citrix Citrix SD-WAN is a core networking capability of the Citrix unified approach to a Secure Access Service Edge (SASE) architecture. A unified approach makes it easy for IT to enable secure, resilient, and automated connectivity between hybrid workers and applications hosted in Google Cloud. Together, Citrix SD-WAN and Google Cloud Network Connectivity Center enable IT teams to simplify their network architecture for site-to-cloud and site-to-site connectivity. This integrated and automated approach helps IT rapidly scale networks to Google Cloud and ensure your hybrid workforce is always connected. Now hybrid workers everywhere get fast, low-latency access to enterprise workloads, desktop-as-a-service (DaaS) or Citrix Virtualized Applications and Desktops (CVAD), by leveraging Google Cloud’s global backbone using Citrix SD-WAN. Citrix SD-WAN’s unique ability to inspect and prioritize the CVAD HDX protocol provides the highest level of responsiveness and reliability for hybrid workers. Learn more here.Getting Started Our partnerships truly democratize access to the cloud from anywhere by making that access simple and reliable. Our vision is to allow you and your customers to connect to workloads in any cloud or on-prem locations with a consistent experience that is easy to secure and manage. You can get started with the Network Connectivity Center here. You can learn more about our partners and how to deploy their solution with the Network Connectivity Center here.Related ArticleIntroducing Network Connectivity Center: A revolution in simplifying on-prem and cloud networkingWith Network Connectivity Center, you can connect and manage VPNs, interconnects, third-party routers and SD-WAN across on-prem and cloud…Read Article
Quelle: Google Cloud Platform

reCAPTCHA Enterprise puts users first

reCAPTCHA has defended the web for more than 14 years, and is protecting more than 5+ million websites on the Internet today. The heart of our mission has always been to be hard on bots and easy on humans. This is a challenge that evolves with all the new ways the web can be used and the increasing sophistication of bots. reCAPTCHA started with simple warped text. As bots got smarter, reCAPTCHA provided harder images for end users to solve. We recognize this race between the intelligence of AI and humans has made the users’ experience increasingly challenging. So, in the latest version of reCAPTCHA, reCAPTCHA Enterprise, we’ve created a new detection method that provides a frictionless experience for users, but is still effective at identifying bots.reCAPTCHA Enterprise has been built on two primary principles that put end users first:Protect usersProvide a frictionless user experienceProtect UsersToday, reCAPTCHA Enterprise is a pure security product. Information collected is used to provide and improve reCAPTCHA Enterprise and for general security purposes. We don’t use this data for any other purpose.reCAPTCHA Enterprise has codified these requirements in our terms, which restrict reCAPTCHA Enterprise to be used to fight spam and abuse. It cannot be used for other purposes such as determining credit worthiness, employment eligibility, financial status, or insurability of a user. Additionally, none of the data collected can be used for personalized advertising by Google.To further keep users safe, reCAPTCHA Enterprise customers are required to explicitly inform applicable end users that the customer has implemented reCAPTCHA Enterprise. Customers need to comply with all applicable privacy laws and regulations, especially those applying to personal data. This includes providing a privacy policy for their API client that clearly and accurately describes to users the information collected and uses of that information. For customers with end users in the European Union, this includes compliance with the EU User Consent Policy.reCAPTCHA Enterprise has also increased the number of features, including integrated multi-factor authentication and password check, to protect against account takeovers and keep end users safe. You can learn more about this use case in a recent blog. Provide a Frictionless User ExperienceSince reCAPTCHA Enterprise was launched in 2018, the priority has been to integrate into as many web pages on a website as a frictionless solution. This means end users do not have to identify crosswalks or decrypt text before proceeding on a web page. reCAPTCHA Enterprise detects bots by observing on-page behavior rather than having users solve tests. reCAPTCHA’s adaptive risk analysis engine identifies attacker patterns more accurately by looking at activities across different pages on a website. This is more difficult for bots to mimic and reduces user friction. This can help improve your business’ individual goals such as customer satisfaction and brand loyalty. The Future: A Total Fraud SolutionAs reCAPTCHA Enterprise is now a frictionless solution, it can be installed across a website’s entire user experience to detect fraud and abuse. Users will be able to interact with a website secured by reCAPTCHA Enterprise without having to solve additional challenges or otherwise be impeded. Recognizing companies’ need for an integrated fraud solution, the reCAPTCHA Enterprise team is working to build a complete and integrated set of tools to defend against fraud all the way from a pageview, to login, through the final payment. This will not only provide a single solution for our customers to adopt, but it will also provide an integrated view of fraud across all user actions.Related ArticleProtect your organization from account takeovers with reCAPTCHA EnterpriseHow reCAPTCHA Enterprise helps protect your websites from fraudulent activity like account takeovers and hijackingRead Article
Quelle: Google Cloud Platform

Cloud Domains, now GA, makes it easy to register and manage custom domains

In February, we announced Cloud Domains, which makes it easy for Google Cloud customers to register new domains. Today, we’re excited to announce that Cloud Domains is in general availability. We created Cloud Domains with the goal of simplifying domain-related tasks, and we’ve continued to build on the initial release with new functionality.Click to enlargeCloud Domains allows you to manage access controls for domains through Cloud IAM and manage your domain registrations and renewals through Cloud Billing, for a more seamless experience with the rest of Google Cloud. Cloud Domains is also tightly integrated with Cloud DNS. In just one click, you can create Cloud DNS zones and associate them with your Cloud Domains, while the Cloud DNS API makes it easy for you to bulk-manage DNS zones for your domain portfolio. With Cloud Domains, you can also enable DNSSEC for your Public DNS Zones for enhanced security. When transferring domains, you can call Cloud DNS APIs to set up DNS for the newly transferred domains. Cloud Domains works better with your other Google Cloud applications such as Cloud Run, Google App Engine and Cloud DNS as everything is managed under the same Google Cloud Platform project, greatly simplifying domain verification and configuration. Finally, we’ve added the ability to transfer third-party domains into Cloud Domains via a simple API, which supports a wide variety of top-level domains. This allows you to consolidate your domain portfolio in one place and utilize APIs for programmatic management. With this API, bulk transfer of your domains into Cloud Domains becomes much simpler. Customers such as M32 Connect are already benefiting from the continued feature innovation of Cloud Domains.  “As a cloud-native ad tech and analytics company, we have to manage massive amounts of domains. Being able to manage them in bulk through APIs and CLI allows us to automate new parts of our infrastructure. Google Cloud helps us improve our time-to-market while reducing human interventions on tedious activities. Cloud Domains is a breath of fresh air!” – Claude Cajolet, Head of Technology Management and Monetization Architecture, M32 Connect To get started with Cloud Domains, read this getting started guide. Then, click over to the Cloud Console and start registering new domains today!Related ArticleIntroducing Cloud Domains: Easily register and manage custom domainsThere’s a new domain registration and management portal that’s tightly integrated with Google Cloud.Read Article
Quelle: Google Cloud Platform

Notary v2 Project Update

Supply chain security is something that has been increasingly important to all of us in the last few years. Almost as important as the global supply chains that are having problems distributing goods around the world! There have been many attacks via the supply chain. This is where some piece of software that you use turns out to be compromised or to contain vulnerabilities that in turn compromises your production environment.

We have written about secure supply chain best practices . Docker is committed to helping you build security into your supply chain, and we are working on more tools to help you with this. We provide Docker Trusted Content, including Docker Official Images and Docker Verified Publisher images for you to use as a  trusted starting point for building your applications.

We have also been heavily involved with many community projects around supply chain security. In particular we are heavily involved in the Notary v2 project in the Cloud Native Computing Foundation (CNCF). We last wrote about this in January. This project is the next generation of the original Notary project that Docker started in 2015 and then donated to the CNCF. Notary (to simplify!) is a project for adding cryptographic signatures to container images so that you can make sure that the image someone produced is the same one that you are using, and that it has not been tampered with on the way.

Over the years we have learned a lot of things about how it is used, and the problems that have hindered wider adoption, and these are part of the community feedback into the design of Notary v2. We are looking to build a signing framework that can be used in every registry, and where signatures can be pushed and pulled with images so that you can identify that an image that you pull from your private on premise registry is the same as the Docker Official Image on Docker Hub, for example. This is one of the many use cases that are important to the community and which Notary v1 did not adequately address. We also want to make it much simpler to use, so we can have signature checks on by default for all users, rather than having opt-in signatures.

Today the project has released an early alpha prototype for further experimentation and for your feedback. Steve Lasker has written a blog post with the details. Check out the demos and please give feedback on whether these workflows fit your use cases, or how we can improve them.

Remember you can give us feedback about any aspect of our products on the Docker public roadmap. We are especially interested in your feedback around supply chain security and what you would like to see; we have had lots of really helpful feedback recently that is helping us work out where to take our products and tools.
The post Notary v2 Project Update appeared first on Docker Blog.