What type of networking design should an electric vehicle manufacturer company use on Google Cloud Platform (GCP) to centralize control over networking resources like firewall rules, subnets, and routes, and allow on-premises resources access back to GCP resources through a private VPN connection while enabling the network security team to control the networking resources?