Help
FortiWeb Cloud Getting Started Resources
yonghao
New Contributor

Created on ‎08-27-2024 02:44 PM

[GCP] Networking architecture to have GCP project level network bandwidth for massive projects

Hello, I am design a system on GCP to add GCP project level egress network bandwidth for our data plane projects (>10k) projects.

 

Detailed requirement & context:

1: we managed 10k+ GCP projects and want to apply egress network bandwidth on project level. E.g. 2 GCE VMs + 5 dataproc nodes + Google Lifescience API VMs share the same network bandwidth (2MB/s).

2: We want to minimize the cost. We know there is a solution that can be deploy a FortiGateon on each of those projects, but the cost would be large.

3: The number of projects will grow. We have new users coming to us every day and they will get new project.

 

A rough idea on my mind:

Setup shared VPC/VPC peering then route all traffic from those data plane projects to our central control plane(another GCP project). Then host fortigate on our controll plane. Then use fortigate to apply a network bandwidth on GCP project level. Now I am now stuck there. I know there is ip based traffic shaping on fortigate but I don't think there is one ip per project solution on GCP. 

 

Any idea are appreciated! 

76
0 Kudos
0 REPLIES 0
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.