Oracle Strengthens Organizations' Cloud Security Posture by Separating Network Security from Network Architecture
Oracle has introduced Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR), a groundbreaking security feature integrated into the OCI network fabric. This innovation separates network security from network architecture, addressing a major vulnerability in cloud security. OCI ZPR allows organizations to:
1. Set security attributes on resources
2. Write natural language policies to limit network traffic
3. Safeguard against network misconfigurations
Key benefits include improved security posture, streamlined compliance, and simplified security management. OCI is the first cloud provider to implement this new standard, which aims to prevent data breaches resulting from human error and unauthorized access based solely on compromised credentials.
Oracle ha introdotto Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR), una funzionalità di sicurezza rivoluzionaria integrata nel tessuto della rete OCI. Questa innovazione separa la sicurezza della rete dall'architettura della rete, affrontando una vulnerabilità significativa nella sicurezza del cloud. OCI ZPR consente alle organizzazioni di:
1. Impostare attributi di sicurezza sulle risorse
2. Scrivere politiche in linguaggio naturale per limitare il traffico di rete
3. Proteggere da configurazioni errate della rete
I benefici principali includono un miglioramento della posizione di sicurezza, un'evoluzione della conformità e una semplificazione della gestione della sicurezza. OCI è il primo fornitore di cloud a implementare questo nuovo standard, che mira a prevenire violazioni dei dati dovute a errori umani e accessi non autorizzati basati esclusivamente su credenziali compromesse.
Oracle ha introducido Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR), una característica de seguridad innovadora integrada en la infraestructura de red de OCI. Esta innovación separa la seguridad de la red de la arquitectura de red, abordando una vulnerabilidad importante en la seguridad en la nube. OCI ZPR permite a las organizaciones:
1. Establecer atributos de seguridad en los recursos
2. Redactar políticas en lenguaje natural para limitar el tráfico de red
3. Protegerse contra configuraciones incorrectas de la red
Los beneficios clave incluyen una mayor postura de seguridad, un cumplimiento más ágil y una gestión de seguridad simplificada. OCI es el primer proveedor de nube en implementar este nuevo estándar, que busca prevenir brechas de datos resultantes de errores humanos y accesos no autorizados basados únicamente en credenciales comprometidas.
오라클이 오라클 클라우드 인프라 제로 트러스트 패킷 라우팅(OCI ZPR)을 도입했습니다. 이는 OCI 네트워크 구조에 통합된 혁신적인 보안 기능입니다. 이 혁신은 네트워크 보안을 네트워크 아키텍처와 분리하여 클라우드 보안의 주요 취약점을 해결합니다. OCI ZPR은 조직이 다음을 수행할 수 있도록 합니다:
1. 리소스에 대한 보안 속성 설정
2. 네트워크 트래픽을 제한하는 자연어 정책 작성
3. 네트워크 잘못 구성으로부터 보호
주요 이점으로는 보안 태세 개선, 간소화된 컴플라이언스 및 간단한 보안 관리가 있습니다. OCI는 인간의 오류와 손상된 자격 증명에 기반한 무단 접근으로 인한 데이터 유출을 방지하는 것을 목표로 하는 이 새로운 표준을 구현한 첫 번째 클라우드 제공업체입니다.
Oracle a présenté Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR), une fonctionnalité de sécurité révolutionnaire intégrée dans le tissu réseau de l'OCI. Cette innovation dissocie la sécurité réseau de l'architecture réseau, répondant ainsi à une vulnérabilité majeure de la sécurité des clouds. OCI ZPR permet aux organisations de :
1. Définir des attributs de sécurité pour les ressources
2. Rédiger des politiques en langage naturel pour limiter le trafic réseau
3. Se protéger contre les erreurs de configuration réseau
Les avantages clés incluent une posture de sécurité améliorée, une conformité rationalisée et une gestion de la sécurité simplifiée. OCI est le premier fournisseur de cloud à mettre en œuvre cette nouvelle norme, qui vise à prévenir les violations de données résultant d'erreurs humaines et d'accès non autorisés basés uniquement sur des identifiants compromis.
Oracle hat Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR) eingeführt, eine bahnbrechende Sicherheitsfunktion, die in das OCI-Netzwerk integriert ist. Diese Innovation trennt Netzwerksicherheit von Netzwerkarchitektur und adressiert eine große Verwundbarkeit in der Cloud-Sicherheit. OCI ZPR ermöglicht es Organisationen:
1. Sicherheitsattribute für Ressourcen festzulegen
2. Richtlinien in natürlicher Sprache zu verfassen, um den Datenverkehr im Netzwerk zu beschränken
3. Sich gegen Netzwerkfehlkonfigurationen abzusichern
Die wichtigsten Vorteile sind verbesserte Sicherheitslage, vereinfachte Compliance und eine vereinfachte Sicherheitsverwaltung. OCI ist der erste Cloud-Anbieter, der diesen neuen Standard implementiert, der darauf abzielt, Datenverletzungen aufgrund menschlicher Fehler und unbefugten Zugriffs zu verhindern, die ausschließlich auf kompromittierten Anmeldeinformationen beruhen.
- First cloud provider to implement Zero Trust Packet Routing (ZPR)
- Improves security posture by restricting access to sensitive data
- Streamlines compliance processes with easily demonstrable security controls
- Simplifies security management through attribute-based access restrictions
- None.
Insights
Oracle's introduction of Zero Trust Packet Routing (ZPR) in OCI marks a significant shift in cloud security paradigms. By decoupling network security from architecture, it addresses a critical vulnerability in traditional approaches. This innovation could substantially reduce the risk of data breaches caused by misconfigurations, a common Achilles' heel in cloud environments.
The ability to set security attributes on resources and write natural language policies is a game-changer for simplifying complex security management. It empowers security teams to enforce granular access controls without deep networking expertise, potentially lowering the barrier to implementing robust security measures. However, the effectiveness of this approach will heavily depend on the ease of policy creation and the system's ability to translate natural language into precise security rules.
Oracle's implementation of ZPR positions OCI as a pioneer in cloud security innovation. This move could significantly enhance Oracle's competitive edge in the cloud market, especially among security-conscious enterprises and regulated industries. The potential for streamlined compliance and simplified security management could be a strong selling point for OCI, potentially driving increased adoption.
However, the true impact will depend on how quickly other major cloud providers adopt similar technologies. If ZPR becomes an industry standard, Oracle's first-mover advantage may be short-lived. Nonetheless, this development demonstrates Oracle's commitment to security innovation, which could bolster its reputation in the enterprise cloud market and potentially lead to increased market share in the long term.
The introduction of ZPR in OCI addresses a critical pain point in IT operations: the complexity of maintaining security in ever-changing cloud environments. By separating security policies from network configuration, ZPR could significantly reduce the workload on IT teams and minimize human errors that often lead to security breaches.
This approach aligns well with the principles of Infrastructure as Code (IaC) and could enhance the efficiency of DevSecOps practices. However, organizations will need to invest in training and potentially restructure their IT operations to fully leverage this new paradigm. The transition may pose challenges, but the long-term benefits in terms of reduced operational overhead and improved security posture could be substantial for enterprises heavily invested in cloud infrastructure.
OCI Zero Trust Packet Routing enables organizations to decouple network configuration from network security to help prevent data breaches that result from human error
"As public clouds emerged, enterprises had the opportunity to redefine how they address network security," said Philip Bues, senior research manager, cloud security, IDC. "However, they carried over most of the same concepts that tightly coupled security and network configuration. A single mistake in a highly complex cloud network can result in exposure. OCI Zero Trust Packet Routing enables organizations to decouple network configuration from security, helping to eliminate the effects of human network configuration errors. This new standard driven by Oracle flips this all too often checkbox item on its head to provide an innovative solution for organizations that simplifies compliance efforts, reduces the burden on security teams, and ultimately strengthens security."
"Traditional security tools try to protect sensitive data by blocking access, but history shows it is almost impossible to anticipate all the ways a hacker might attempt to infiltrate a network," said Danny Hillis, co-founder, Applied Invention. "With Zero Trust Packet Routing, the network does not allow any data to move through the network without explicit permission. Organizations using Oracle Cloud Infrastructure can now take advantage of this to better safeguard their data. Oracle is the first to offer this new level of security, and we're hopeful other cloud platforms will follow."
The new ZPR standard was needed as an organization's network architecture changes each time an application is launched, a new instance is scaled up, or additional database servers are added. Using a traditional network architecture-based security approach is time-consuming due to the sheer complexity of securing and auditing the configuration points. In addition, responsibility is transferred to network teams to implement security requirements, which can result in human error.
OCI Zero Trust Packet Routing helps address these challenges by separating network security from network architecture and enabling organizations to write security policies to enforce security intent at the network layer. This means traffic not explicitly allowed by policy will be restricted at the network level. As a result, organizations can:
- Improve security posture: Security teams can restrict access to sensitive data to a specific path, such as request origination host, network segment, or target data service. This helps reduce the attack surface area and safeguard against data exfiltration based on compromised credentials alone.
- Streamline compliance: Security teams can quickly and easily prove to auditors that the necessary security controls are in place to meet compliance requirements by limiting access to a single, authorized path with natural language policies.
- Simplify security management: Security teams can restrict access to sensitive data based on security attributes. Once a security attribute is set on data, security controls are automatically enforced based on the policies in place. This minimizes the need to deploy network-layer security rules based on characteristics such as IP addresses and ports.
"Though cloud network security has evolved over the last two decades, organizations are still increasingly vulnerable to unauthorized access and exfiltration of sensitive data due to security controls heavily reliant on user credentials," said Jae Evans, global chief information officer and executive vice president, Oracle. "OCI Zero Trust Packet Routing enables organizations to set security attributes on specific resources and then blocks traffic to those resources at the network level, making data security easier to understand, manage, and audit. It changes the paradigm of security in the cloud to protect organizations from malicious actors and the business-altering consequences of data breaches."
Additional Resources
- Read the technical blog
- Watch the OCI ZPR First Principles video
- Learn more about OCI Zero Trust Packet Routing
- Learn more about OCI Security
About Oracle
Oracle offers integrated suites of applications plus secure, autonomous infrastructure in the Oracle Cloud. For more information about Oracle (NYSE: ORCL), please visit us at oracle.com.
About Oracle CloudWorld
CloudWorld is where our customers and partners can see the latest innovations in cloud technology, discover methods for getting the most business value from AI today, and explore ways to increase productivity and efficiency through automation. You'll learn from experts and your peers who build and use the applications, cloud infrastructure, databases, developer tools, and AI services that help solve complex business challenges in every industry. Join us to develop new skills and see new capabilities in action. Register now at oracle.com/cloudworld or follow the news and conversation at oracle.com/news and linkedin.com/company/oracle.
Trademarks
Oracle, Java, MySQL and NetSuite are registered trademarks of Oracle Corporation. NetSuite was the first cloud company—ushering in the new era of cloud computing.
View original content to download multimedia:https://www.prnewswire.com/news-releases/oracle-strengthens-organizations-cloud-security-posture-by-separating-network-security-from-network-architecture-302243043.html
SOURCE Oracle
FAQ
What is Oracle Cloud Infrastructure Zero Trust Packet Routing (OCI ZPR)?
How does OCI ZPR improve an organization's security posture?
What advantages does OCI ZPR offer for compliance and security management?
When did Oracle (ORCL) announce the availability of OCI Zero Trust Packet Routing?
