The News: Oracle is expanding the built-in security services and capabilities of Oracle Cloud Infrastructure (OCI) to help customers protect their cloud applications and data against emerging threats. Five new capabilities round out OCI’s existing security offering, including a new built-in and cloud-native firewall service and enhancements to Oracle Cloud Guard and Oracle Security Zones. These new capabilities target ensuring that organizations can secure their cloud deployments and applications with simple, prescriptive, and integrated services that in most cases, do not require additional investment. Read the Oracle Press Release here.
Analyst Take: OCI is expanding its cloud security capabilities to meet growing enterprise demand for multiple layers of protection that can help identify and rout emerging threats and security breaches swiftly. The new capabilities include:
I see the five new security capabilities, including especially OCI Network Firewall, providing the cloud security differentiation needed to accelerate overall OCI sales and marketing cycles. Among the five new security capabilities, it is my understanding only the OCI Network Firewall requires additional investment and, as such, merits additional assessment.
For instance, through OCI Network Firewall’s flexible policy enforcement users can apply granular security rules on outbound, inbound (north-south), and lateral (east-west) traffic to both network and application workloads. The solution can be transparently inserted in the traffic path using virtual cloud network (VCN) routing rules and composed with other network functions such as OCI gateways and VCN subnets for security enforcement across arbitrary network topologies.
OCI Network Firewall also offers machine learning-powered capabilities to protect OCI workloads and flexibly consume on OCI. As an OCI native firewall-as-a-service, the solution enables customers to use firewall features without needing to manage and configure additional security infrastructure. The firewall inspects every request including transport layer security (TLS) encrypted traffic that traverses it and can enforce actions such as reject, drop, allow, intrusion detection, or prevention based on the user configured firewall policy rules.
With the OCI partnership, Palo Alto Networks gains a new feather in its marketing cap by enabling OCI to overcome the limitations of using physical firewalls to deliver consistent protection across entire networks and cloud fabrics. Palo Alto NGWFs already have a track record at enabling hyperscalers, such as AWS, to deliver an essential component of cloud security on an automated and integrated basis to organizations throughout their entire network including headquarters, office campuses, mobile and remote workforces, branch office, and data centers. Now OCI also counters the ability of AWS to use the Palo Alto NGFW technology as a cloud security differentiator.
From my view, additional key differentiators include Oracle Security Zone policies, which can act as security guardrails for resources and define allowable configurations, in contrast to people predicated IAM permission. Also, Oracle Cloud Guard Fusion Applications Detector provides pre-configured and customized configurations, promoted as “recipes,” to observe potential security violations in the applications. Since the recipes bundle best practices and lessons learned on a dynamic basis, I anticipate that the feature can make a difference at easing ecosystem-wide adoption of new OCI security capabilities.
Overall, I believe the five new OCI security capabilities fulfill ever-increasing organizational demand for cloud security solutions that improve the threat detection and prevention of their cloud applications and data across OCI. Plus, OCI now offers new security capabilities that counter and differentiate against the existing cloud security capabilities of key cloud rivals AWS, Azure, and Google Cloud. Let the competition intensify.
Disclosure: Futurum Research is a research and advisory firm that engages or has engaged in research, analysis, and advisory services with many technology companies, including those mentioned in this article. The author does not hold any equity positions with any company mentioned in this article.
Analysis and opinions expressed herein are specific to the analyst individually and data and other information that might have been provided for validation, not those of Futurum Research as a whole.
Oracle Exadata Cloud Infrastructure X9M Raises the Cloud Database Market Stakes
Oracle MySQL HeatWave: Teaching the Competition a Lesson in ML
Oracle Unleashes Multi-VM Autonomous Database on Exadata Cloud@Customer to Transform Data Management
The original version of this article was first published on Futurum Research.
In this guest contribution from Steve Vonder Haar, Senior Analyst with Wainhouse, a Futurum Group…
In this guest contribution from Craig Durr, Senior Analyst with Wainhouse, a Futurum Group Company,…
Futurum's Daniel Newman dives into the recent announcement coming out of Micron, that they will…
Futurum analyst Michael Diamond recaps the Amazon Devices and Services event and reviews some of…
Futurum senior analyst Steven Dickens provides his take on the latest announcements coming out of…
Futurum’s Ron Westfall and Daniel Newman examine Micron’s financial results for the fourth quarter 2022…