Your search did not match any results.
We suggest you try the following to help find what you’re looking for:
In first-generation cloud offerings, if a successful attack compromises an instance and subsequently a hypervisor, there are no barriers if the attacker attempts to modify information on the network. This is because the networking is being managed by the same hypervisor that has been compromised: a VM escape gaining access to the underlying hypervisor also has access to the network. This can lead to several threats to the hosts on the network and could potentially expose private tenant data.
Oracle Cloud Infrastructure is different from first-generation clouds (most public clouds) because of the use of our custom-designed SmartNIC to isolate and virtualize the network, which enables greater external control of host network functionality. This SmartNIC is isolated by hardware and software from the host, preventing a compromised instance from modifying it. These layers increase the level of difficulty an attacker faces as well as the cost in tools and time that are required for a bad actor to be successful.
At a high level, the network traversal attack described above would be prevented by Oracle Gen 2 Cloud. The compromised host would have no access to the network configuration or be able to bypass the virtual cloud network security enforcement mechanisms throughout Oracle Cloud.