Introduction Lift and shift of Oracle Applications from on premise to Oracle Cloud Infrastructure requires careful planning and enterprises want the same or...
Introduction Lift and shift of Oracle Applications from on premise to Oracle Cloud Infrastructure requires careful planning and enterprises want the same or higher level of security when moving their workloads to the cloud. OCI provides a number of features for securing application deployments/network and administrative access to these deployments. Check out the OCI security best practices white paper available here...
Introduction Lift and shift of Oracle Applications from on premise to Oracle Cloud Infrastructure requires careful planning and enterprises want the same or higher level of security when moving their...
Customers can use Oracle CASB Cloud Service (hereafter referred to as CASB) to monitor and gain deeper visibility into their OCI environments to protect against...
Customers can use Oracle CASB Cloud Service (hereafter referred to as CASB) to monitor and gain deeper visibility into their OCI environments to protect against security threats. CASB supports security monitoring of a rich set of cloud applications. This link describes the set of applications that CASB can monitor and how to prepare them for monitoring. This post is focused on OCI as a target application for CASB. CASB provides some capabilities out-of-the box for all the...
Customers can use Oracle CASB Cloud Service (hereafter referred to as CASB) to monitor and gain deeper visibility into their OCI environments to protect against security threats. CASB...
OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can...
OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can illustrate this feature. I have two compute instances in OCI running Apache HTTP Server. The Apaches are listening on port 80 for incoming requests. I have defined a Load Balancer in OCI which routes traffic to these two Backend servers. The Load Balancer accepts http requests over port 80 as shown in the figure above. From...
OCI provides a load balancing service which can be leveraged to distribute incoming traffic from clients amongst a set of servers. A simple example can illustrate this feature. I have two compute...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by providing a global logical namespace where policies can be enforced, as folders in a file system. By being global, they stretch out to all OCI regions within a given tenancy. Through policy enforcement, they deliver the right access level according to the parameters defined by the organization for resource management and...
Introduction Compartments are a powerful feature in Oracle Cloud Infrastructure (OCI) for security isolation and access control. They accomplish that by providing a global logical namespace...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a real world use case for it and had a chance to put IDCS' Device Code support to actual use. In most cases when you log into a Unix server over SSH you should be using a key pair - you upload your public key to the server and then the ssh client uses your private key to prove to...
In a blog post a couple of months ago I described how the OAuth Device flow works and gave some general and hypothetical examples of when you might use it. Just a couple of weeks ago I happened upon a...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is fully standards-compliant and implements various standards like SAML (Security Assertion Markup Language), OAuth, OIDC (OpenID Connect), etc. Those standards help customers integrate with other products implementing that same standard. One use case that I came across, a few times recently, is...
.cb11w1 ul li, .cb11w1 ol li { line-height: 1.4em; color: #404040 } Overview IDCS (Identity Cloud Service) is Oracle's next-gen Identity solution built in the cloud for the cloud. It is...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you can just run "oci session authenticate" and the CLI will open your browser and push you through a (much) simpler process that basically amounts to just logging in and clicking yes. If you use the CLI directly on your laptop this works swimmingly. But what if you want to run the CLI...
The OCI team just announced the ability for federated users to use the CLI. The TL;DR description of the feature is that users don't have to create a key pair and upload it into OCI. Instead you...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can detect risk, anomalies and potential security violations. In OCI, the target of CASB monitoring is a compartment. Once an OCI compartment is configured in CASB, out-of-box baseline monitoring kicks in to find security anomalies. However, policies still need to be configured to...
Introduction Oracle CASB Cloud Service is used for security monitoring the cloud footprint of SaaS, PaaS and IaaS components. CASB, when configured to monitor Oracle Cloud Infrastructure (OCI), can...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications to create a new Application 2: Select Confidential Application because we're creating a 3-legged app 3: Fill in the first screen Only name is required, and if you aren't sure what the other fields mean that's all you should enter. 4: Configure the App IDCS supports basically all...
Where is the simple "shake 'n' bake" / step by step guide to creating a 3-legged, Authorization Code flow OAuth client in IDCS? Right here. 1: From the Dashboard in IDCS click the + under Applications...
