Announcing Oracle Cloud Infrastructure Data Transfer Service for Data Export

Gail Truman
Principal Product Manager

Sometimes you need to copy or move vast amounts of data out of the cloud faster than you can do it over the internet. Perhaps you have media content or processed datasets that you need to send to a customer or a business partner’s site. Or, a disaster disrupted your business, and you need to recover cloud-stored data and have it delivered to your on-premises location. Maybe you’re in a regulated industry that mandates you have “exit management” practices in place for service providers, including the expedient return of your data to your on-premises sites.

Now, you can do all that securely with the Oracle Cloud Infrastructure Data Transfer service, which has been extended to offer both import and export services through the Oracle-supplied Data Transfer Appliance. You make a request, and we send you a storage appliance with your data encrypted on it. You send it back after you’ve copied your data. It’s that simple.

Screenshot of the Oracle Cloud Infrastructure Console showing the new Object Storage menu options: Data Transfer Import and Data Transfer Export.

Who Can Use It?

If you’ve established an Oracle Cloud Infrastructure tenancy by using Universal Credits—Monthly Flex, you’re eligible to use the Data Transfer Appliance to import or export your data.

How It Works

Here’s how the process works, in 10 steps.

1. Request Entitlement to Use the Service

Customers don’t want random people in their organization ordering appliances, so you need to request access to this service. We call this step “entitlement.” It’s a one-click process that sends the Terms and Conditions document to the buyer of your tenancy for a signature.

Screenshot showing a request for Data Transfer Appliance Entitlement.

2. Set Up Notifications

To help key people in your organization know when important events are triggered, such as when an export job is created and when Oracle ships the export appliance, you set up some notifications for them to receive.

3. Create a Manifest

To tell Oracle what objects (files) you want to download from your Object Storage bucket to the appliance, you generate a manifest. If you want only certain object names included in the export job, you can use boundary parameters that specify the prefix, start, or end of names.

4. Create an Export Job

The export job identifies two main items:

  • The Object Storage bucket that contains the data that you want exported
  • Where to send the export appliance

Screenshot showing the Create Export Job dialog box in the console.

For each export job, you can export up to 150 TB of data from the same bucket. If you need to export more than 150 TB, or if you need to export from more than one bucket, you can create more export jobs and request more appliances. (Ensure that your tenancy service limits are set appropriately before you request multiple transfer appliances.)

Screenshot that shows a list of export jobs on the the Data Transfer Exports page of the console.

5. Establish IAM Policies

Adding Oracle Cloud Infrastructure IAM policy language to your tenancy temporarily grants Oracle read-only access to the bucket where your data resides. The Data Transfer service provides these policies to make it easy to configure. This access is revoked after your data has been downloaded to the appliance.

6. Request the Export Appliance

Now you’re ready to request that an appliance containing your data is delivered to the address that you provided in the export job.

Screenshot showing the Request Data Transfer Appliance dialog box.

After Oracle receives and approves your request, your data is ready for Oracle to start the export process.

7. Secure Your Data, Copy It, and Ship It

Obviously, data transfers need to be secure. Let’s talk about how we do that.

The appliance is protected with AES-256-bit encryption for all data written to or read from the data export appliance. This encryption ensures that data is never stored “in the clear.”

Oracle encrypts the appliance before downloading the data to it. Access to the encryption key is controlled by IAM policies. All of this means that if your appliance is intercepted during shipment, unauthorized parties can’t access your data.

8. Receive and Set Up the Appliance

The 2U form-factor-sized Data Transfer Appliance that contains your data in its encrypted format is shipped to you in a ruggedized, wheeled shipping case. Both the appliance and the case are tamper-proof and tamper-evident. A security tag with a unique number is used to prevent—and indicate—unauthorized opening of the case. Furthermore, the appliance itself is welded shut with only the serial port and network ports exposed.

Pictire of a ruggedized shipping case for the Data Transfer Appliance.

Picture showing the Data Transfer Appliance itself, which is 2U form factor.

After you receive the appliance, you connect it to your local network.

9. Copy the Data

Using a laptop connected to the serial port of the appliance, you run a command to configure the appliance to your local network. Using the Oracle Cloud Infrastructure CLI from your local network, you can unlock the appliance.

You can then mount the NFS dataset on the appliance, and use standard Linux commands (for example, cp and rsync) to copy your data to your own systems.

10. Return the Appliance

You have a full month to copy your data from the appliance and send it back in its case. If you need more time, you can open a Support Request to ask for more. Before you return the appliance, delete all your data from the appliance and use the provided shipping label and security tie for the return shipment. After Oracle receives the appliance, we follow the NIST SP 800-88 standards to ensure that all your data has been fully wiped from the appliance.

More Information

For more information about data export, see the Data Transfer FAQ and the online documentation, or leave me a comment. For pricing information, see the pricing page.

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.