Network Intelligence Center
Author: Venkata Sudhakar
Google Cloud Network Intelligence Center is a network monitoring, verification, and optimization platform that provides visibility into your GCP network topology, connectivity, and performance. It helps you understand, troubleshoot, and optimize your cloud network.

Key Modules:

1. Network Topology - Visualize your VPC network topology, including VMs, load balancers, VPNs, and peered networks, in an interactive graph.
2. Connectivity Tests - Verify network connectivity between endpoints and diagnose the reason for blocked traffic without sending actual packets.
3. Performance Dashboard - Monitor packet loss, latency, and throughput metrics across your GCP network in real time.
4. Firewall Insights - Analyze firewall rule usage to identify overly permissive rules, shadowed rules, and unused rules.
5. Network Analyzer - Automatically detect misconfigurations and suboptimal configurations in your network.

The example below shows how to run a connectivity test using the gcloud CLI.
It gives the following output:

Connectivity Test: vm-to-vm-test
Result: REACHABLE
Path:
  Source VM (10.128.0.2) ->
  VPC Firewall [allow-internal: ALLOWED] ->
  Destination VM (10.132.0.3:8080)
Latency: 1.2ms

Connectivity Test: ext-to-vm-test
Result: UNREACHABLE
Drop Cause: FIREWALL_RULE
Blocking Rule: default-deny-ingress
Key Use Cases:

Troubleshooting - Quickly identify why two services cannot communicate without generating actual traffic.
Security auditing - Use Firewall Insights to find and remove overly permissive or unused firewall rules.
Compliance - Verify network segmentation and isolation for regulatory requirements.
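
The Compliance use case can be automated by re-running saved Connectivity Tests after each network change and comparing every verdict with the one you expect. The script below is an added example, not part of the original article; it assumes the tests vm-to-vm-test and ext-to-vm-test already exist, and the project, zone and instance names in its comments are placeholders.

```bash
#!/bin/sh
# Added example: expected-reachability gate built on Connectivity Tests.
# Function names are illustrative; resource names are placeholders.

# Create a TCP test between two VM instances.
# usage: create_vm_test NAME SRC_INSTANCE_URI DST_INSTANCE_URI PORT
create_vm_test() {
  gcloud network-management connectivity-tests create "$1" \
    --source-instance="$2" \
    --destination-instance="$3" \
    --destination-port="$4" \
    --protocol=TCP
}

# Print the overall verdict of an existing test:
# REACHABLE, UNREACHABLE, AMBIGUOUS or UNDETERMINED.
test_result() {
  gcloud network-management connectivity-tests describe "$1" \
    --format='value(reachabilityDetails.result)'
}

# Re-run each named test against the current configuration and compare
# its verdict with the expected one.
# usage: check_expected EXPECTED NAME [NAME...]
# returns 0 if all match, 1 on a mismatch, 2 if a test could not be re-run.
check_expected() {
  _expected="$1"; _rc=0
  shift
  for _name in "$@"; do
    if ! gcloud network-management connectivity-tests rerun "$_name" >/dev/null; then
      echo "ERROR ${_name}: rerun failed" >&2
      _rc=2
      continue
    fi
    _actual="$(test_result "$_name")"
    if [ "$_actual" = "$_expected" ]; then
      echo "OK    ${_name}: ${_actual}"
    else
      echo "FAIL  ${_name}: expected ${_expected}, got ${_actual}" >&2
      if [ "$_rc" -eq 0 ]; then _rc=1; fi
    fi
  done
  return "$_rc"
}

# Typical use (left commented so sourcing this file has no side effects):
# create_vm_test vm-to-vm-test \
#   projects/PROJECT_ID/zones/ZONE_A/instances/SRC_VM \
#   projects/PROJECT_ID/zones/ZONE_B/instances/DST_VM 8080
# check_expected REACHABLE   vm-to-vm-test
# check_expected UNREACHABLE ext-to-vm-test
```

Run from a CI job, a non-zero exit flags a change that opened a path meant to stay blocked, or closed one that must stay open.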