Post on 21-Apr-2020
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Overview and DoD IL5 Direction
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
1) Oracle Cloud Strategy2) Oracle OCI DoD IL5 Statement of Direction3) Oracle OCI Gen 2 Overview4) Oracle Hybrid Cloud5) milCloud® 2.0 6) Oracle Autonomous Cloud7) Oracle Blockchain8) Next Steps
First Presentation Agenda
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Highest, Most ConsistentPerformance
Low, Predictable Pricing
Enterprise Workload Migration
a true enterprise cloud
Oracle Cloud Infrastructure:
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Infrastructure Strategy
Cloud apps & tools, managed by Oracle, behind your firewall
Integration
Mobile
Business Insight Collaboration
Custom AppsData Mgmt
Tools & services to build, extend, & deploy cloud applications
Analytics
ERP
Data
Modern HR
CX
Supply Chain
Cloud applications to accelerate your business
StorageComputeNetworking
Public cloud built for enterprises, optimized for Oracle Apps & Platform, integrated with open ecosystem
BROAD OPEN ECOSYSTEM
Third party apps, tools, and services to complete solutions
HYBRID
On Premise
Oracle Platforms
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Supports the Full Range of Strategic IT Options
Solutions for your whole portfolio, including the most critical apps
Replace
with SaaS
Migrate
existing
apps
Migrate and
enhance
existing apps
Migrate and
re-architect
existing apps
Build
all-new
apps
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Pervasive: 27 Oracle Cloud Regions… and Growing
Canada
US EastUS CentralUS WestUS Gov (2)US DOD (3)
UK North/SouthUK Gov
Japan East/West
EU
Brazil
Singapore
China*
Germany
ANZ East/Central
Turkey*
Middle East*
Korea*
India*
*Italics – planned regions | Not all services are available in every region | NetSuite regions: US West, US East, EU, UK North, UK South, Canada
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | 8
- ISO 27001 - The ISO/IEC 27000 family of standards helps organizations keep information assets secure.
– Regions: Phoenix (Arizona), Ashburn (Virginia), London (United Kingdom), and Frankfurt (Germany)
– Services covered: Compute, Block Volumes, Object Storage, Networking, Database, Governance, and Load Balancing
• SOC 1, SOC 2 and SOC 3 - System and Organization Controls Report
– Regions: Phoenix (Arizona), Ashburn (Virginia), and Frankfurt (Germany)
– Services covered: Compute, Block Volumes, Object Storage, Networking, Database, Governance, and Load Balancing
• PCI DSS Attestation of Compliance - The Payment Card Industry Data Security Standard
– Services covered: Compute, Networking, Load Balancing, Block Volumes, Object Storage, Archive Storage, File Storage, Data Transfer Service, Database, Exadata, Container Engine for Kubernetes, Registry, FastConnect, and Governance.
• HIPAA Attestation
– Services covered: Compute, Networking, Load Balancing, Block Volumes, Object Storage, Archive Storage, File Storage, Data Transfer, Database, Exadata, FastConnect, and Governance Services.
• Strong security controls to meet GDPR requirements
Verifiably Secure Infrastructure
Third-Party Audit, Certifications and Attestations
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | 9
• Oracle Gen 1 IAAS Government Cloud - Common Controls – FedRAMP HIGH Authorization https://marketplace.fedramp.gov/#/product/government-cloud---common-controls?sort=productName&productNameSearch=oracle
• Oracle Federal Managed Cloud Services(HOSTING) – FedRAMP MODERATE/DoD IL2 and received Provisional Authorization for DoD IL5 https://marketplace.fedramp.gov/#/product/federal-managed-cloud-services?sort=productName&productNameSearch=oracle
• Oracle Service Cloud(DoD) - FedRAMP MODERATE + received Provisional Authorization for DoD IL4 https://marketplace.fedramp.gov/#/product/oracle-service-cloud-dod?sort=productName&productNameSearch=oracle
• USAF MYPERS(2016) One of Air Force’s Most Important Unclassified Systems is Now in the Oracle CloudMyPers, the Air Force’s personnel portal for 1.7 million active duty and retired airmen,https://www.nextgov.com/it-modernization/2016/10/one-air-forces-most-important-unclassified-systems-now-oracle-cloud/132298/
• Oracle Fusion Cloud – FEDRAMP MODERATE READY https://marketplace.fedramp.gov/#/product/fusion-cloud?sort=productName&productNameSearch=oracle
• Oracle Taleo Cloud - FedRAMP MODERATE AUTHORIZED https://marketplace.fedramp.gov/#/product/taleo-cloud---us-government-cloud?sort=productName&productNameSearch=oracle
• Oracle Planning & Budgeting Cloud Service – FEDRAMP LOW IN PROCESS https://marketplace.fedramp.gov/#/product/planning-and-budgeting-cloud-services?sort=productName&productNameSearch=oracle
Verifiably Secure Infrastructure
Past Oracle DoD and FEDRAMP Certifications
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Open. Integrated. Secure. Complete.
COTS/GOTS, Open
Source & Custom
ApplicationsBuilt for
Government
Defense in Depth
Security &
Compliance
Ashburn, VA
DoD, CAP East
Chicago, IL
DoD State of the Art
Facilities
Oracle US Government Cloud for PaaS & IaaS
In Process
3PAO provider is Schellman
10
Phoenix, AZ
DoD
Santa Clara, CA
CAP West
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
High performance compute, storage, database, edge on the same flexible virtual network
Oracle DoD Cloud Infrastructure Overview
DOD Regions
SERVICES
CO
NN
EC
TIV
ITY
STORAGECOMPUTE DATABASE NETWORK
PHYSICAL NETWORK
VIRTUAL NETWORK
Datacenter
GOVERNANCE
(IAM / APIs)Department A Department B Department C
ORACLE
REGION n
YOUR
DATACENTER
INTERNET
EDGE
Ashburn Phoenix Chicago
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Virtual Network: High-Fidelity Private Networking and Connectivity
Console or API-driven; same 25Gbps network for all core services; <500µs one-way latency between Availability Domains
ORACLE CLOUD REGION
Customer accessthrough the DISN
Deep VCN control: Subnets, routing rules, IP address space, firewall rulesSecure, reliable connectivity: IPSec VPN, FastConnect
BCAP Connection
AVAILABILITY
DOMAIN
VIRTUAL CLOUD NETWORK
Subnet-A Subnet-n
Subnet-B Subnet-n1
Subnet-C Subnet-n2
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
FEDRAMP Moderate In Process(DoD IL2)https://marketplace.fedramp.gov/#/product/oracle-cloud-infrastructure-government-
cloud?sort=productName&productNameSearch=oracle
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Initial DISA IL2 PATO for Two Oracle Government Regions.
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Infrastructure(OCI) Government(OCI GOV) is our main
Government/DoD Cloud for IAAS/PAASThe following is intended to outline our general product direction. It is intended for information purposes only, and may not be
incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied
upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s
products remains at the sole discretion of Oracle. Dates are subject to change based on GSA FEDRAMP Agency Authorization and
DISA process and timelines.
In a 10 month timeframe Oracle has built 5 dedicated OCI Gov & DoD Cloud regions for
US government workloads in Ashburn, VA, Chicago, IL, Phoenix, AZ. OCI GOV have
attained IL2 PATO and OCI DoD have completed the audits by 3PAO(Schelmman) for IL5,
and our IL5 package is currently under review by DISA. Orderable & Provisionable since
Mar 14, 2019 - Oracle Cloud Infrastructure Services(Audit, Block Storage, Object Storage
Compute, Database, Exadata, Identity and Access Management, Key Management Service
(KMS), Load Balancing, Networking: Virtual Cloud Networks (VCN))
FEDRAMP MODERATE & DoD IL2 by 2nd Half CY 2019 – Gov OCI Data Center 1&2
FEDRAMP HIGH by 2nd Half CY 2019 – Gov OCI Data Center1/2
DoD IL5 PATO by 2nd Half CY 2019 – DoD OCI Data Center 3/4/5
Proprietary & Confidential – Oracle Restricted - Do Not Distribute
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Cloud Infrastructure Benefits: Best of Both Worlds
Oracle Cloud Infrastructure Benefits
Consistently FastPredictable, fast
performance for serious
workloads, up to 10X faster
than competitors, backed by
performance SLAs
Most VersatileThe only cloud designed for
all workloads, from
Enterprise IT to cloud-
native, reducing operational
overhead
Comprehensive
ControlManage apps with the tools
you know without
retraining, while increasing
agility
Optimized for OracleOnly cloud with Oracle RAC and Exadata
performance and reliability. Automated
migration tools for Oracle Applications.
Predictable SavingsSimple & flexible pricing for all services,
providing savings of up to 50% over other
providers
Public Cloud Benefits
• Adding capacity takes minutes
• Only pay for what you use
• Minimize data center costs
On-premises Benefits
• Raw iron performance
• Dedicated hardware
• Governance and control
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |Copyright © 2017, Oracle and/or its affiliates. All rights reserved. | 17
Enterprise IaaS Architecture (Gen2 Cloud)
• Industry’s first Bare Metal Cloud Services w/ support for key enterprise applications
• Fast, flat network: massive interconnect bandwidth with no resource over-subscription
• Off-Box Network Virtualization (runs directly on hardware, not hypervisor)
• Robust security, tenant isolation & governance
• Flexibility and Control (Bare Metal and VMs share the same APIs)
OPEN ECOSYSTEM
Third party applications, tools, and services
CLOUD NATIVE APPLICATIONS
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
High Performance Cloud Services: Compute, Storage, Database
• Low latency, high bandwidth networks
• Highly configurable virtual networking, load balancing, firewalls, DNS
• Superfast and predictable compute, database, and storage
VIRTUAL NETWORK
PHYSICAL NETWORK
STORAGENVMe, Block, Object, Archive
Hundreds of thousands to
millions of I/O per second
COMPUTEBare metal, GPUs, VMs, Containers
X7: 52 cores, 768 GB RAM, 51 TB NVMe, Millions of IOPS
DATABASEBare metal, VMs, RAC, Exadata
Thousands to millions of transactions per second
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Announcing the first end-to-end SLA’s for cloud infrastructure
AVAILABILITY Covered
PERFORMANCE Covered
MANAGEABILITY Covered
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Enterprise Grade Cloud Leadership• Extreme & Predictable Performance, Reliability, & Security
• Enterprise Level Features and New Technologies
• Missions depend on Oracle HW & SW today
• Low risk migration from traditional to Cloud
• Flexible deployment – Capacity where you need it
• Complete Cloud Offering – IaaS, PaaS, & SaaS
• Avoid hidden costs, lock-in, variable performance,
and other risks of alternative cloud offerings
72+ Million Weekly Active Users
62+ BillionTransactions per Day
118,000+ Enterprise Cloud
Tenants
Why consider Oracle Cloud for the Department of Defense
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
“We were seeing 75% utilization and 60X
performance improvements over other
cloud providers”
Extreme Cloud Performance and Consistency
Navindra Yadav,
founder, Cisco Tetration
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Data Guard, GoldenGate–Minimal downtime maintenance,
upgrades, migrations
Active Data Guard– Data Protection, DR
– Query Offload
GoldenGate– Active-active replication
– Heterogeneous
Active Standby Site
RMAN, Oracle Secure Backup,
Zero Data Loss Recovery Appliance– Backup to disk, tape or cloud
Enterprise Manager Cloud Control– Site Guard, Coordinated Site Failover
Real Application Clusters (RAC)– Scalability
– Server HA
ASM– Local storage protection
Production Site
Flashback– Human error
correction
Enterprise Ready: Oracle Maximum Availability Architecture
28
Application
Continuity– Application HA
Global Data Services – Service Failover / Load Balancing
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Shared Responsibility Model
• Security is a shared responsibility between the customer and the cloud provider
• The cloud provider is responsible for the security “of” the cloud and customers are responsible for their security “on” the cloud
Confidential – Highly Restricted
Responsibility Customer Oracle Cloud Infrastructure
Identity and Access Management Protect credentials and manage access Provide effective and easy-to-use identity management,
authentication, authorization, and auditing solutions
Workload Security Patch apps and OS, configure OS, and protect against
malware and network attacks
Secure images and make it simple for customers to bring
existing third-party security solutions
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Shared Responsibility Model (cont’d)
Confidential – Highly Restricted
Responsibility Customer Oracle Cloud Infrastructure
Data Classification and Compliance Correctly classify and label data and meet compliance
requirements; audit solutions to meet compliance
requirements
Provide compliance reports for underlying infrastructure
Host Infrastructure Security Securely configure and manage compute (virtual hosts,
containers), storage (object, local storage, block
volumes), and platform services (database
configuration)
Ensure that the service is optimally configured and
secured, including hypervisor security and the
configuration of the permissions and network access
controls required to ensure that hosts can communicate
correctly and that devices are able to attach or mount the
correct storage devices
Network Security Securely configure network elements such as virtual
networking, load balancing, DNS, and gateways
Provide secure network infrastructure
Client and End-Point Protection Secure all clients and endpoints that are used to access
Oracle Cloud Infrastructure services
Not applicable
Physical Security Not applicable Protect the global infrastructure (hardware, software,
networking, and facilities) that runs all of the services in
Oracle Cloud Infrastructure
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Data Encryption
Security Controls
Visibility
Secure Hybrid Cloud
Meet compliance requirements regarding data encryption, cryptographic algorithms, and key management
Effective and easy-to-use security management to constrain access and segregate operational responsibilities
Provide log data and security analytics for auditing and monitoring actions on customer assets
Enable customers to use their existing security assets | Integrate with on-premise security solutions | Support for third-party security solutions
Customer Isolation Full isolation from other tenants and Oracle’s staff, and between a tenant’s workloads
High AvailabilityFault-independent data centers that enable high-availability scale-out architectures
and are resilient against attacks
The 7 Pillars of a Trusted Enterprise Cloud Platform
Verifiably Secure Infrastructure
Transparency about processes and internal security controls | Third-party audits and certifications | Customer pen-testing and vulnerability scanning | Jointly
demonstrated compliance
1
2
3
4
5
6
7
31
Security needs and why they matter
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Data Encryption
Security Controls
Visibility
Secure Hybrid Cloud
Customer Isolation
High Availability
Oracle Cloud Infrastructure Security Capabilities at a Glance
Verifiably Secure Infrastructure
1
2
3
4
5
6
7
32
Mapping security needs to Oracle technologies
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Hybrid Cloud
On Premises Oracle CloudSame Architecture
Same Software
Same Skills
Hybrid Cloud
Oracle Database
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Exadata Database MachinePerformance, Availability and Security
Best Platform for Oracle Databases on-premises and in the Cloud
Enabled by:
• Single-vendor accountability
• Exclusive focus on databases
• Deep hardware and software integration
• Revolutionary approach to storage
34
IT Modernization: Leverage the most advanced engineered system on the market
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Spectacular Customer Results
“Performance improved 17x with no
changes to our application”
— Jim Duffy, BNP Paribas
Global banking group,
headquartered in Paris
“Turkcell’s(leading mobile phone operator of Turkey) 250 TB
DB is now only 27 TB with Exadata Compression” — Ferhat
Sengonul, Turkcell
“Softbank(Large Japanese telecommunications & Internet corporation)
created a warehouse up to 8x faster while reducing costs 50%” — Keiichiro
Shimizu, Softbank
© 2011 Oracle Corporation
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Exadata Cloud: Choice of Deployment Models
36
Core ExadataPlatform
In Customer Data Centers
Exadata Cloud at Customer (ExaCC)
In Oracle Data Centers
Exadata Cloud Service (ExaCS)
Cloud Automation
Flexible Subscription
Model
Oracle-Managed Exadata
Infrastructure
Cloud Security and Hardening
Network Isolation
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Cloud Infrastructure (IaaS): Choice of Subscription Models
37
In Customer Data Centers
Private Cloud at Customer (PCC)
In Oracle Data Centers
Oracle Cloud Infrastructure (OCI)
Cloud Automation
Flexible Subscription
Model
Oracle-Managed
Cloud Infrastructure
Cloud Security and Hardening
Network IsolationNetwork
+Compute
+ Storage
+Cloud Provisioningand Management
Public CloudPublic Cloud
MISSION
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Bring Your Own License (BYOL)
Eliminates software costs
Exadata Speed with Self-Optimizing DB
Reduces runtime costs +IL5 DOD Private Cloud
Meets Your SLAs and RTO/RPO+
milCloud® 2.0 and Exadata Lowers Risk
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. | Confidential – Oracle Internal/Restricted/Highly Restricted 39
Example Layouts – iAAS for Exadata - milCloud® 2.0
DB1/RAC VM 1
DB1/DG VM 3
DB1/RAC VM 2
Data Guard
DB1/RAC VM 1,2,3
DB3 VM 1
DB4 VM 1
DB2/RAC VM 1
DB2/RAC VM 2
DB5 VM 1
DB2/RAC VM 1,2
DB3 VM 1
DB4 VM 1
DB5 VM 1
DB1 requires Gold service level – Backup/HA/DR
DB2 required Silver service level – Backup/HA
DB3,4,5 required Bronze service level – Backup
Mix and Match service levels between Data centerAgency can use any DB options for which they have licenses
OKC AL
Tape
Local
Backup
Tape
Local
Backup
DB6/RAC VM 1,2,3,4
DB6 requires Platinum service level – Backup/HA/DR
DB6/RAC VM 1
DB6/RAC VM 3
DB6/RAC VM 3
DB6/RAC VM 4
Data Guard
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Reduce RisksAvoid breach costs, reputational damage, and revenue losses
Focus on InnovationShift resources to higher value tasks, accelerate productivity and time to insights
Oracle Autonomous Database
Reduce CostsReduce admin costs up to 80%; dynamically adjust resources, save up to 70%
40Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
9i9i
Automatic Query Rewrite
Automatic Undo Management
10g10g
Automatic Memory Management
Automatic Segment Space Mgmt
Automatic Statistics Gathering
Automatic Storage Management
Automatic Workload Repository
Automatic Diagnostic Monitor
11g11g
Automatic SQL Tuning
Automatic Workload Capture/Replay
Automatic SQL Plan Management
Automatic Capture of SQL Monitor
Automatic Data Optimization 12c12c
Autonomous Health Framework
Automatic Diagnostic Framework
Automatic Refresh of Clones18c18c
Automatic Columnar Flash
Automatic IM population
Automatic Application Continuity
Oracle has invested thousands of engineer years automating and optimizing database
Journey to Autonomous Database
41Copyright © 2019, Oracle and/or its affiliates. All rights reserved.
19c19c
Automatic Indexing
Performance Improvements
• 14X performance increase over
other cloud environments
• Loaded 500M rows of data in
less than three minutes —
up to 15X faster
• Transitioning 20,000+ data
administrators to data
professionals
Copyright © 2019, Oracle and/or its affiliates. All rights reserved. 42
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Understanding Blockchain
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. 43
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Blockchain= Cryptographically-Secure Tamper-Evident Distributed Ledger
44
• Public (a.k.a. “Permissionless”)
– Anyone can join the network and have a
copy of the ledger, e.g.,: Bitcoin, Ethereum, Libra
– Typically involves computer resource intensive mining
process to add blocks cryptographically
– Consensus models based on computationally expensive
algorithms requiring the processing power of many nodes to ensure security
– Most likely includes tokens
• Permissioned
– Closed ecosystem: members are invited to join and keep a copy of the ledger
– Who members are in the real (legal) world is known (to at least the operators of the blockchain, but not necessarily all participants)
– Consensus protocols depend on knowing who the members are for greater scalability
– Most likely doesn’t include tokens
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Oracle Blockchain Platform (Cloud and/or On-Premises)
45
Food Provenance & Conflict Minerals
Maritime Shipping
Franchise Network
Customs & Excise Trade
Migration & Refugees
Lifecycle & Benefits
HealthRecords
PatientMonitoring
Anti-counterfeit drugs tracking
Supply Chain Use Cases
Public Sector Use Cases
Heath Care and Pharma Use Cases
Cross-border Funds Transfer
International Loyalty Programs
Bank Guarantee
Financial Services Use Cases
Securely, reliably extend business processes and accelerate B2B transactions
Customers
150+
A Number of Production Blockchain Networks
400+Trials
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Training Centralhttps://cloud.oracle.com/en_US/iaas/training
Blogshttps://blogs.oracle.com/cloud-infrastructure/
On Demand video Traininghttps://cloud.oracle.com/iaas/training/service-intro
Documentationhttps://docs.cloud.oracle.com/iaas/Content/home.htm
Copyright © 2018, Oracle and/or its affiliates. All rights reserved. |
Build Your Path To Cloud
1. Review your use cases and environment with Oracle
2. Take a test drive of the Oracle Cloud
3. Discuss what your new Oracle Cloud might look like (performance, cost, architecture)
Cloud.Oracle.com/IaaS
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. |