OCI Zero Trust Packet Routing enables
organizations to decouple network configuration from network
security to help prevent data breaches that result from human
error
LAS
VEGAS, Sept. 10, 2024 /PRNewswire/ -- Oracle
CloudWorld -- Oracle today announced the availability of Oracle
Cloud Infrastructure Zero Trust Packet Routing which is built
into the network fabric of Oracle Cloud Infrastructure (OCI). This
helps to curtail any unauthorized access to data by separating
network security from the underlying architecture. Based on the
2023 initiative to develop a new open standard with Applied
Invention and other organizations, OCI Zero Trust Packet Routing
enables organizations to set security attributes on resources and
write natural language policies that limit network traffic based on
the resources and data services accessed. As a result,
organizations can safeguard themselves from one of the most common
causes of compromise—network misconfigurations. OCI is the first
cloud provider to implement Zero Trust Packet Routing (ZPR) into
its platform.
"As public clouds emerged, enterprises had the opportunity to
redefine how they address network security," said Philip Bues, senior research manager, cloud
security, IDC. "However, they carried over most of the same
concepts that tightly coupled security and network configuration. A
single mistake in a highly complex cloud network can result in
exposure. OCI Zero Trust Packet Routing enables organizations to
decouple network configuration from security, helping to eliminate
the effects of human network configuration errors. This new
standard driven by Oracle flips this all too often checkbox item on
its head to provide an innovative solution for organizations that
simplifies compliance efforts, reduces the burden on security
teams, and ultimately strengthens security."
"Traditional security tools try to protect sensitive data by
blocking access, but history shows it is almost impossible to
anticipate all the ways a hacker might attempt to infiltrate a
network," said Danny Hillis,
co-founder, Applied Invention. "With Zero Trust Packet Routing, the
network does not allow any data to move through the network without
explicit permission. Organizations using Oracle Cloud
Infrastructure can now take advantage of this to better safeguard
their data. Oracle is the first to offer this new level of
security, and we're hopeful other cloud platforms will follow."
The new ZPR standard was needed as an organization's network
architecture changes each time an application is launched, a new
instance is scaled up, or additional database servers are added.
Using a traditional network architecture-based security approach is
time-consuming due to the sheer complexity of securing and auditing
the configuration points. In addition, responsibility is
transferred to network teams to implement security requirements,
which can result in human error.
OCI Zero Trust Packet Routing helps address these challenges by
separating network security from network architecture and enabling
organizations to write security policies to enforce security intent
at the network layer. This means traffic not explicitly allowed by
policy will be restricted at the network level. As a result,
organizations can:
- Improve security posture: Security teams can restrict
access to sensitive data to a specific path, such as request
origination host, network segment, or target data service. This
helps reduce the attack surface area and safeguard against data
exfiltration based on compromised credentials alone.
- Streamline compliance: Security teams can quickly and
easily prove to auditors that the necessary security controls are
in place to meet compliance requirements by limiting access to a
single, authorized path with natural language policies.
- Simplify security management: Security teams can
restrict access to sensitive data based on security attributes.
Once a security attribute is set on data, security controls are
automatically enforced based on the policies in place. This
minimizes the need to deploy network-layer security rules based on
characteristics such as IP addresses and ports.
"Though cloud network security has evolved over the last two
decades, organizations are still increasingly vulnerable to
unauthorized access and exfiltration of sensitive data due to
security controls heavily reliant on user credentials," said
Jae Evans, global chief information
officer and executive vice president, Oracle. "OCI Zero Trust
Packet Routing enables organizations to set security attributes on
specific resources and then blocks traffic to those
resources at the network level, making data security easier to
understand, manage, and audit. It changes the paradigm of
security in the cloud to protect organizations from malicious
actors and the business-altering consequences of data
breaches."
Additional Resources
- Read the technical blog
- Watch the OCI ZPR First Principles video
- Learn more about OCI Zero Trust Packet Routing
- Learn more about OCI Security
About Oracle
Oracle offers integrated suites of
applications plus secure, autonomous infrastructure in the Oracle
Cloud. For more information about Oracle (NYSE: ORCL), please visit
us at oracle.com.
About Oracle CloudWorld
CloudWorld is where our
customers and partners can see the latest innovations in cloud
technology, discover methods for getting the most business value
from AI today, and explore ways to increase productivity and
efficiency through automation. You'll learn from experts and your
peers who build and use the applications, cloud infrastructure,
databases, developer tools, and AI services that help solve complex
business challenges in every industry. Join us to develop new
skills and see new capabilities in action. Register now at
oracle.com/cloudworld or follow the news and conversation
at oracle.com/news and linkedin.com/company/oracle.
Trademarks
Oracle, Java, MySQL and NetSuite are
registered trademarks of Oracle Corporation. NetSuite was the first
cloud company—ushering in the new era of cloud computing.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/oracle-strengthens-organizations-cloud-security-posture-by-separating-network-security-from-network-architecture-302243043.html
SOURCE Oracle