beautypg.com

Network configuration, Network routing, Proxy servers – Google Networking Best Practices for Large Deployments User Manual

Page 10: Other services, Network routing proxy servers other services

background image

10

Networking Best Practices for Large Deployments

Network Configuration

The following recommendations describe network configurations that will help provide your
users with the best experience with Google Apps. These recommendations increase network
availability and performance, and can reduce costs by simplifying the network equipment
required to reach Google Apps.

Network Routing

To achieve the best performance with network connections to Google Apps:

Route network traffic to the Internet as close to the end user as possible, in terms of
geography and network topology.

Focus on addressing latency issues over bandwidth requirements. Above a minimum
bandwidth level, bandwidth considerations are generally less significant for Google Apps.

Open your firewalls to the ports that Google Apps services use. For details, see “Google
Protocols” on page 21.

Avoid using specific IPv4 addresses to permit access to Google Apps. See “Google IPv4
Addresses” on page 19.

Consider traffic prioritization if you are using a hub-and-spoke network topology or if your
network has multiple locations with a single network egress point.

For more information about network routing, see “Network Addressing and Protocols” on
page 19 and “Network Routing” on page 22.

Proxy Servers

Avoid routing Google Apps data through a proxy that inspects the content of HTTP traffic,
because this will reduce performance, and a great deal of Google Apps content is dynamic
or encrypted.

Keep your proxy servers in a location that is close to your users and their Internet egress
point, in terms of both geography and network topology.

If you need to filter web traffic by URI, consider using a PAC configuration file on the
client’s desktop, since URIs in encrypted HTTP traffic are not visible to the proxy.

If you are using a proxy server that supports SSL Terminations, you can set up your proxy
server to inspect Google Apps content while relaying the secure connection.

For more information about setting up proxy servers, see “Proxy Servers” on page 24.

Other Services

Use a DNS resolver in a location that is close to the user, in terms of both geography and
network topology. Using DNS resolvers located in remote network locations will greatly
slow down connections to Google Apps.

See also other documents in the category Google Software: