Your company has deployed an application on Compute Engine. The application is accessible by clients on port 587. You need to balance the load between the different instances running the application. The connection should be secured using TLS, and terminated by the Load Balancer.
What type of Load Balancing should you use?
For an application running on Compute Engine and accessible by clients on port 587, you need a load balancer that supports secure TLS connections and can terminate these connections at the Load Balancer before forwarding the traffic to the backend instances. SSL Proxy Load Balancing is designed for this purpose, as it handles SSL (TLS) traffic and terminates the SSL connections at the load balancing layer. Therefore, SSL Proxy Load Balancing is the correct choice for balancing the load between instances while securing the connections using TLS.
Although both TCP Proxy LB and SSL Proxy LB support port 587 but only SSL Proxy LB support TLS. Hence 'D' is the right answer.
Answer D https://cloud.google.com/load-balancing/docs/ssl - SSL Proxy Load Balancing is a reverse proxy load balancer that distributes SSL traffic coming from the internet to virtual machine (VM) instances in your Google Cloud VPC network. When using SSL Proxy Load Balancing for your SSL traffic, user SSL (TLS) connections are terminated at the load balancing layer, and then proxied to the closest available backend instances by using either SSL (recommended) or TCP.
Agreed with smart123. Ans is D https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart
D is the answer. SSL Proxy LoadBalancer supports TLS.
We can use an HTTPS load balancer and change the backend services port to 587 .| HTTPS load balacer will also work
accessible by client on port 587 is the power word. Agree with D
"D" Although port 587 is SMTP (mail) which is an Application Layer protocol, and one might think an Application Layer (HTTPs) Load balancer is needed, according to Google docs, Application Layer LBs offload TLS at GFE which may or may not be the LB. Only the Network Proxy LB confirms TLS offloading at LB layer. Also, as a general rule, they recommend Network Proxy LB for TLS Offloading: "..As a general rule, you'd choose an Application Load Balancer when you need a flexible feature set for your applications with HTTP(S) traffic. You'd choose a proxy Network Load Balancer to implement TLS offload.." References: https://cloud.google.com/load-balancing/docs/choosing-load-balancer#flow_chart https://cloud.google.com/load-balancing/docs/https#control-tls-termination
Ans - D
Ans : D
Answer: D
Answer D. SSL Proxy Load Balancing https://cloud.google.com/load-balancing/docs/ssl