Oracle is strengthening the built-in security services of OCI to help users protect their cloud applications and data against emerging threats.
Oracle is strengthening the built-in security services Oracle Cloud Infrastructure (OCI) to help users protect their cloud applications and data against emerging threats. A new built-in and cloud-native firewall service and enhancements to Oracle Cloud Guard and Oracle Security Zones are among the five new capabilities round out OCI’s already comprehensive security offering. These advancements will help enterprises protect their cloud deployments and applications with easy, prescriptive, and integrated services that do not require additional investment in most circumstances.
As businesses from various sectors, from financial services to retail, move mission-critical workloads to the cloud, they must protect themselves from security flaws both inside and beyond the firewall, which are leading to increasing data breaches and exposure. For example, Gartner estimates that “through 2023, at least 99 percent of cloud security failures will be the customer’s fault.” To meet this challenge, cloud users and administrators must now understand how cloud security services function, how to configure them properly, and how to keep their cloud deployments up to date.
Kapil Makhija, Vice President -Technology Cloud, Oracle India said “At Oracle, our decades of success in managing customers’ most mission critical workloads is a testament of our security-first commitment. In India as well, we understand that defending data against any threat can be a challenge for many customers who are still accepting cloud. Therefore, we regularly collaborate with all our customers to help them ensure that a no compromise security culture is developed especially in the current ever evolving threat landscape.”
He added “We believe that our Indian customers will be able to leverage the benefits of the newly announced innovations and further fortify their data, be aligned with their regulatory requirements, and prevent any security breaches. Also, in continuation to our commitment towards ensuring cloud economics, the new capabilities are focussed towards being cost effective and efficient.”
OCI Security – New Capabilities
To help OCI customers meet regulatory compliance requirements, stay on top of security threats and concerns, and prevent security-related outages, Oracle has made security a foundational and built-in feature of OCI. Oracle is beefing up its cloud security capabilities, adding numerous layers of defense to help quickly identify and eliminate emerging threats and security breaches. The following are some of new capabilities:
OCI Network Firewall: A new cloud-native, managed firewall solution powered by Palo Alto Networks VM-Series Next-Generation Firewall technology (NGFW) provides centralized protection against cyberattacks across OCI.
Custom URL filtering, Intrusion Prevention and Detection (IDS/IPS), and TLS inspection for inbound, outbound, and lateral traffic to customer workloads hosted on OCI. With OCI Network Firewall, customers can quickly turn on and secure their applications and cloud environment with firewall features and scale their security across their cloud deployment, are some of the features provided by firewall for security controls, threat prevention, and mitigation. Customers can swiftly turn on and secure their applications and cloud environment with firewall features, as well as scale their security across their cloud deployment, with OCI Network Firewall. The OCI Network Firewall is provided as a turn-key offering, allowing users to use the firewall right away without having to configure or manage additional security infrastructure.
Oracle Threat Intelligence Service: Gathers threat intelligence data from several sources and manages this data to provide actionable guidance for threat detection and prevention in Oracle Cloud Guard and other OCI services. Oracle’s own unique telemetry, open-source feeds such as abuse.ch and Tor exit relays are some of the insights provided by this service along third-party partners, such as CrowdStrike.
Oracle Cloud Guard Threat Detector: Identifies misconfigured resources, insecure activity across customer environments, and potential malicious threat activities. It provides security administrators visibility into triage and resolve cloud security issues. To successfully scale the security operations center, security discrepancies can be resolved automatically with out-of-the-box Cloud Guard security recipes.
Oracle Security Zones: To ensure cloud resources stay secure and prevent security misconfigurations, Security Zone policies can be applied to various cloud infrastructure types (e.g., network, compute, storage, database, etc). Users can determine which policies are appropriate for their requirements by defining custom security zone policy sets. Security Zone policies are enforced by OCI as an integrated platform feature that supports a growing number of adjacent OCI Security services. Security Zone policies, unlike IAM permissions, which are associated with people, operate as security guardrails for resources and define allowable configurations.