For the past year, Oracle Enterprise Landing Zone v1 has enabled customers like you to rapidly onboard workloads to OCI using industry and Oracle best practice guidance. Building on the success of the Oracle Enterprise Landing Zone v1 (OELZv1), OCI has just released Oracle Enterprise Landing Zone v2 (OELZv2), which provides an updated experience with new and existing features, built on top of a new modular design to scale efficiently as your environment grows. 

Some common use cases for Oracle Enterprise Landing Zone v2 include support to:

• Create a landing zone to connect to other clouds, such as Microsoft Azure, as part of Oracle’s distributed clouds strategy.
• Help with compliance objectives such as CIS Benchmarks 1.2 with the new a set of OCI pre-built policies and guardrails.
• Automate the creation of new accounts, users, and resources on OCI, making it easier to scale the cloud infrastructure as your organization grows.

Oracle Enterprise Landing Zone v2 enables the following benefits:

• Accelerated time to value:  Automates the ability to use Oracle best practices to help secure the cloud environment and comply with industry standards such as CIS Benchmarks 1.2.
• Prescriptive: Contains both OCI and industry best practices guidance.
• More out-of-the-box controls: Includes a set of built-in security controls, such as network segmentation and identity and access management (IAM) policies, that help address security for your OCI environment.
• Enhanced governance: Provides a set of pre-built policies and guardrails that help address compliance requirements such as CIS OCI Benchmarks 1.2 and make it easier to manage and audit the OCI environment.
• Reduce complexity: Provides deployment templates that help eliminate the need to invest a long time to determine security best practices to deploy to a public cloud.
• Automation: Minimizes engineering overhead using the infrastructure-as-code (IaC) approach, which is inherent to landing zones and enables repeatable and stable environments. The automated repeatability helps reduce the risk of manual error and enables easier scaling of multiple landing zones.

So, what's new?

Oracle Enterprise Landing Zone v2 provides numerous updates while also maintaining existing features that are crucial to our customers’ continued success with OCI onboarding.

Here are the v1 features that are also present in this new landing zone:

Now to the good part – what’s new in Oracle Enterprise Landing Zone v2?

Oracle Enterprise Landing Zone v2 has all the features present in OELZ v1 and, in addition, now supports:

Oracle Enterprise Landing Zone Architecture

Following are the newest components of the Oracle Enterprise Landing Zone v2:

• Tenancy: The root of the OCI environment, which is the highest level of organization in the OCI environment. A tenancy contains one or more compartments, and all resources in the OCI environment belong to a tenancy.
• Compartments: Logical groupings of resources within a tenancy. Compartments provide a way to organize and isolate resources in your environment. Resources within a compartment are isolated from resources in other compartments.
• OCI IAM: Enables you to securely manage users, groups, and policies in your OCI environment. This includes creating and managing users, groups, and policies, as well as managing access to resources.
• Virtual Cloud Network (VCN): A virtual version of a traditional network that you can use to connect your on-premises infrastructure to the Oracle Cloud. It provides an isolated, private network space in the Oracle Cloud where you can launch your resources.
• Security Lists and Network Security Groups (NSGs): These are the firewalls that help protect your VCN. Security Lists and NSGs give you granular control over inbound and outbound traffic.
• Dynamic Routing Gateway (DRG): The DRG is a virtual router that provides a path for private network traffic between a VCN and a network outside the region, such as a VCN in another Oracle Cloud Infrastructure region, an on-premises network, or a network in another cloud provider.
• DRG Attachment: This enables you to create a direct network connection between VCNs through a DRG so that resources in one VCN can communicate with resources in another VCN using the Hub & Spoke Architecture.
• Security Automation: This includes a set of pre-built security controls, policies, and guardrails that help to ensure that your OCI environment is secure and compliant with industry standards.
• Automation Tools: This includes Terraform, a popular infrastructure-as-code (IaC) tool, for automating the creation of new accounts, users, and resources on OCI.

These are the main components of Oracle Enterprise Landing Zone v2. The components and configuration may vary depending on your use case and requirements. The following diagram illustrates an Oracle Enterprise Landing Zone v2 reference architecture. 

Try it today

Now that you have had a small taste of the capabilities and features that will be part of Oracle Enterprise Landing Zone v2, go to the repository and start using it.