Transcription of Google Infrastructure Security Design Overview
{{id}} {{{paragraph}}}
Google Infrastructure SecurityDesign OverviewMarch 2022 Table of contentsIntroduction3 Secure low-level infrastructure4 Security of physical premises4 Hardware Design and provenance4 Secure boot stack and machine identity4 Secure service deployment5 Service identity, integrity, and isolation6 Inter-service access management6 Encryption of inter-service communication7 Access management of end-user data in Google Workspace7 Secure data storage9 Encryption at rest9 Deletion of data10 Secure internet communication10 Google Front End service10 DoS protection11 User authentication11 Operational security12 Safe software development12 Source code protections12 Keeping employee devices and credentials safe13 Reducing insider risk13 Threat monitoring13 Intrusion detection14 What s next14 This content was last updated in March 2022, and represents the status quo as of the time it waswritten.
WAN traversal hop of customer VM to VM traffic. As described earlier, all control plane WAN traffic within the infrastructure is already encrypted. In the future we plan to take advantage of the hardware-accelerated network encryption discussed earlier to also encrypt inter-VM LAN traffic within the data center.
Domain:
Source:
Link to this page:
Please notify us if you found a problem with this document:
{{id}} {{{paragraph}}}