SAN FRANCISCO — Oracle Chairman and CTO Larry Ellison said the second-generation of his company’s cloud infrastructure uses “Star Wars cyber defenses” to secure customers’ data. That, and lots of robots.
“It required a fundamental re-architecture of our cloud,” he said during the Oracle OpenWorld keynote, adding that these Star Wars defenses will use two key technologies. The first: “impenetrable barriers that block threats from getting into the cloud,” Ellison said. “And then autonomous robots find threats and kill them.”
Ellison has been talking about the company’s autonomous technology for the past year, and the Oracle Autonomous Database took center stage at last year’s OpenWorld. At the time, Ellison also said security needs to be fully autonomous. But he admitted that Oracle’s wasn’t quite there yet.
Over the last 12 months, however, the company’s been quietly overhauling its security strategy. Its goal is to secure all applications and workloads across environments, from on-premises data centers to public clouds using an integrated, platform approach. It also relies heavily on the automation and machine learning capabilities that Oracle has been building into its product portfolio.
Cloud security promises to be a major theme of this year’s conference — former heads of the CIA, National Security Agency, Homeland Security, and British Secret Intelligence Service will join Oracle co-CEO Mark Hurd on stage later this week. And to kick off OpenWorld, Ellison highlighted the company’s bare-metal cloud infrastructure and its built-in security features.
Unleash the Robots
“The primary reason we rearchitected our cloud from the ground up was security,” Ellison said. “We’ve added lots more robots to protect every aspect of the cloud.”
He didn’t provide a lot of technical details (unless Oracle actually has robots patrolling its cloud data centers), but did say it required a complete hardware reconfiguration plus software advances.
It includes artificial intelligence (AI) and machine learning to monitor customers’ cloud infrastructure for compliance and threats, key management and cloud access security broker (CASB) services, a web application firewall (WAF) to protect Oracle-cloud applications and inspect all traffic destined for web apps, Distributed Denial of Service (DDoS) protection, and full physical isolation from other tenants and Oracle.
“We had to add a new network of dedicated, independent computers to basically surround the perimeter of our cloud — these are computers you don’t find in other clouds,” Ellison said. This means Oracle’s cloud control code doesn’t share a server with any customer code, and it’s important because it means customers can’t see — or change — Oracle’s control code.
“It not only protects the perimeter of Oracle’s cloud, these barriers also protect each customer’s zone so threats cannot spread from one customer to another,” Ellison said.
Customers can also choose varying degrees of isolation in Oracle’s cloud. They can have their own bare-metal server running on Oracle’s cloud infrastructure or multiple customer can share bare-metal. And by next year, customers can get the full Oracle Cloud Infrastructure on premises. “We’re willing to build out gen-2 cloud on your data center floor,” Ellison said. “Just for you, identical to what we have in our public cloud, with all the autonomous robots.”