No results found

Your search did not match any results.

We suggest you try the following to help find what you're looking for:

  • Check the spelling of your keyword search.
  • Use synonyms for the keyword you typed, for example, try “application” instead of “software.”
  • Try one of the popular searches shown below.
  • Start a new search.

 

Trending Questions

Isolated Network Virtualization

Oracle Cloud Infrastructure—second-generation public cloud

First-generation clouds

First-generation clouds

In first-generation cloud offerings, if a successful attack compromises an instance and subsequently a hypervisor, there are no barriers if the attacker attempts to modify information on the network. This is because the networking is being managed by the same hypervisor that has been compromised: a VM escape gaining access to the underlying hypervisor also has access to the network. This can lead to several threats to the hosts on the network and could potentially expose private tenant data.

Second-generation clouds

Second-generation clouds

Oracle Cloud Infrastructure is different from first-generation clouds (most public clouds) because of the use of our custom-designed SmartNIC to isolate and virtualize the network, which enables greater external control of host network functionality. This SmartNIC is isolated by hardware and software from the host, preventing a compromised instance from modifying it. These layers increase the level of difficulty an attacker faces as well as the cost in tools and time that are required for a bad actor to be successful.

Attack and prevention

Attack and prevention

At a high level, the network traversal attack described above would be prevented by Oracle Gen 2 Cloud. The compromised host would have no access to the network configuration or be able to bypass the virtual cloud network security enforcement mechanisms throughout Oracle Cloud.