Generation 2: Ready for Anything

Oracle’s gen 2 cloud infrastructure is secure and ready for all workloads.

By Tom Haunert

January/February 2019

The first wave of cloud technology was great at addressing the needs of startup companies building cloud native apps, but established companies with significant investments in on-premises technology needed a more powerful cloud infrastructure. In 2019, with a more secure, second-generation cloud infrastructure, the time for enterprise technology to “move and improve” from on-premises data centers to the cloud is now.

Oracle Magazine sat down with Kyle York, vice president of product strategy at Oracle Cloud Infrastructure, to talk about generation 2 cloud infrastructure, cloud strategies, security, and more.

Oracle Magazine: At a high level, what is Oracle’s generation 2 cloud infrastructure?

York: One can think of the first-generation cloud as built for cloud native, net-new applications. Gen 2 cloud infrastructure is excellent for those use cases as well, but it also enables enterprises to replace on-premises data centers with a cloud deployment model.

Oracle Cloud Infrastructure is Oracle’s gen 2 cloud infrastructure, and it’s what we’re building and operating today. It’s purpose-built for the enterprise and couldn’t have been built 10 years ago or 5 years ago, from both an architecture and an open-source-capabilities perspective.

Oracle Cloud Infrastructure is available globally, and it has the feature set, the capabilities, and the differentiation to run all the mission-critical, high-volume, high-performance data­bases and workloads for the world’s most demanding enterprises. Oracle Cloud Infrastructure is ready for any and all workloads.

Oracle Magazine: What are the key benefits to businesses using Oracle Cloud Infrastructure?

York: Oracle Cloud Infrastructure enables businesses to take what they’re running in the data center and move it all to the cloud. How Oracle Cloud Infrastructure supports that move and modern cloud-based operations maps to five strategic pillars.

The first pillar is all about protecting existing investments. Businesses may have decades and decades of on-premises technology investments, and they are not just going to throw out all those investments. Part of Oracle Cloud Infrastructure bare metal architecture means businesses can “move and improve” all of their tech investments to the cloud.

The second pillar is security. This includes everything from network architecture and design to partnerships in networking and hardware. Oracle Cloud Infrastructure security encompasses security operations, network operations, and the Oracle products and services running on Oracle Cloud. This kind of shared security and these shared security operations are incredibly important. Data security is a top priority in choosing enterprise infrastructure, and concerns about security are one of the reasons why we think the enterprise has been so slow to move to the cloud sooner, because there hasn’t been a cloud that businesses can trust.

Oracle Cloud Infrastructure enables businesses to take what they’re running in the data center and move it all to the cloud.”

The third strategic pillar is mission-critical performance. It’s important to look at the performance of cloud infrastructure, from the low latency of the network to the compute and the storage. But it’s also important to deliver high performance at the lowest cost. The goal for Oracle Cloud Infrastructure is to have better performance than the rest of the cloud market—based on new architectures, new capabilities, and new technologies—but also deliver the best pricing for that performance so that our customers can more predictably manage costs. This is important for businesses looking at cloud offerings and measuring the cost benefits of their potential cloud solutions. Your cloud infrastructure should scale with your business needs, not run away from them.

The fourth pillar is Oracle’s enterprise expertise, and that includes everything from tooling and support to professional services and our partner ecosystems. We have the ability to help enterprises migrate and operate in the cloud, and we are able to offer enterprise-grade technology to companies of any size, because of the nature of our cloud, which is very scalable and available on demand.

The fifth pillar is openness, and that includes support for open source technology and interoperable standards. Openness makes it easy to move on-premises workloads, manage workloads, and orchestrate different workloads across customers’ premises in a hybrid and multicloud world. We’re also continuing to drive innovations in other areas, such as serverless computing, containers, orchestration, and streaming.

These five core pillars really drive business success and business value, and they’re very deliberate strategic decisions made from day zero in building Oracle Cloud Infrastructure.

Oracle Magazine: What are the security-focused features of Oracle Cloud Infrastructure?

York: Security, as I mentioned, is a strategic pillar and a core principle of Oracle Cloud Infrastructure. It starts with the infrastructure of our data centers, from the way we architect networks to the way we isolate compute environments and network resources. That isolation ensures that no customer can see another customer’s data or traffic or have access to the cloud control plane. Everything’s isolated to ensure the utmost security for customers.

Oracle Cloud Infrastructure isolates all customer traffic in a completely private, flat, three-layer, software-defined overlay network. Our compute isolation provides each customer a dedicated bare metal server where customers can run their own operating system or hypervisors. Customers can also choose to leverage other types of computing resources, such as virtual machines and containers.

Oracle Cloud Infrastructure isolates all customer traffic in a completely private, flat, three-layer, software-defined overlay network.”

Our isolation between the vendor and the customer means that customers deploy their workloads in our compute and storage environments without any of our control code being accessible. It’s a unique isolation mechanism and a first-class principle from the day we launched Oracle Cloud Infrastructure.

We view all security from the core to the edge. That’s from the core of the infrastructure—the data center’s compute, storage, and network—all the way to the edge of the infrastructure. That includes the domain name system (DNS), the global monitoring, and the global data services. But the edge also includes the end user connecting any application or workload. Security from core to edge is the end-to-end visibility and control that customers demand.

At Oracle OpenWorld 2018 in San Francisco, we announced four unique infrastructure security services and features. We launched the cloud infrastructure Web Application Firewall, which protects the edge of your network from malicious traffic, preventing botnet attacks and blocking bad traffic while ensuring that only the good traffic gets into your applications and workloads. The firewall uses machine learning algorithms to train the technology to not let a bad actor who was in yesterday back in today. So it’s whitelisting and it’s blacklisting—it’s a very adept service.

We also announced our distributed-denial-of-service (DDoS) protection. This is all about stopping volumetric and dispersed attacks, which are attacks that “fill the pipes” or send loads of bandwidth at your infrastructure and try to slow down access and/or take down endpoints. Web Application Firewall and DDoS are both edge security services.

The other two infrastructure security services are our Oracle CASB Cloud Service (Oracle Cloud Access Security Broker Cloud Service) and Oracle Cloud Infrastructure Key Management. Oracle CASB Cloud Service is for monitoring and enforcing configurations inside your environment—and ensuring that things don’t break because of human error. It also leverages machine-learning-based behavioral analytics to predict threats. Oracle Cloud Infrastructure Key Management gives customers the ability to control the encryption of their data. We use certified hardware security modules (HSMs) to deliver highly available, isolated, and encrypted data. Oracle CASB Cloud Service and Oracle Cloud Infrastructure Key Management Cloud are both core security services.

Next Steps

LEARN more about Oracle Cloud Infrastructure.

LEARN more about Oracle Cloud Infrastructure security.

TRY Oracle Cloud Infrastructure.

Photography by John Benford/Getty Images