Intel Node

Cloud Load Balancing enhancements improve security and distributed application support

low advisory 2023-09-20T16:00:00+00:00
cloud identity

At Google Cloud Next ‘23, the Cloud Networking Load Balancing team announced multiple enhancements that unlock new use cases and increase your value when using Google Cloud Load Balancing. The four marquee features we introduced are:

mTLS support adds client-side authentication during TLS negotiation on global external Application Load Balancers. This capability allows the server to verify the client’s identity in the same way that the client verifies the server’s identity during standard TLS authentication. Thus, mTLS provides an additional security layer that helps protect against man-in-the-middle attacks and other threats.

Service Extensions callouts allow users to customize the data-plane processing of select load balancers with user-created or third-party applications. This customization empowers customers to add new capabilities and optimize how traffic is handled for their Google Cloud workloads, which improves the user experience.

Cross-region internal Application Cloud Load Balancer supports global backends! In other words, the internal load balancer can now distribute load to backends spread globally. Further, global access is built in; that is, clients from any region can access the internal Application Load Balancers. This capability introduces a new level of flexibility when it comes to architecting the hosting of backends or the location of clients.

Cross-project service referencing with global external Application Load Balancers allows organizations to configure Application Load Balancers to route traffic to hundreds of services distributed across multiple different projects. Cross-project service referencing relies on Shared VPC, which allows resources from multiple projects to connect to a common Virtual Private Cloud (VPC) network so that they can securely and efficiently communicate with one another.
