Oracle Cloud Infrastructure (OCI) Zero Trust Packet Routing(即将正式发布)支持独立于底层网络架构进行网络安全策略管理,可有效防止针对数据的非授权访问。它允许安全管理员使用易于理解、基于意图的策略语言来明确定义数据访问路径。未获得显式许可的流量将禁止通过网络,从而在增强安全性的同时简化安全、网络和审计团队工作。
OCI Zero Trust Packet Routing 支持企业为资源设置安全属性,编写自然语言策略,进而基于待访问的资源和数据服务来管理网络流量。它的诞生与 2023 年的一项行业倡议密不可分,该倡议吸引了 Applied Invention 以及其他组织共同参与,旨在开发一个新的开放性 Zero Trust Packet Routing (ZPR) 标准。ZPR 能够帮助企业有效防范网络配置错误这一最常见的安全问题。OCI 是第一个实施了 Zero Trust Packet Routing 的云技术平台。
OCI ZPR 相比传统解决方案能够阻止潜在数据渗漏攻击(即使来自授权用户)路径,尽可能减小攻击面,增强数据安全性。
一些攻击者可以在短短几分钟内推测出凭证,攻陷数据库,而 OCI ZPR 仅凭一行策略就能防止数据库暴露在风险下。
OCI ZPR 通过为数据源应用明确的策略和安全标签来提供可见性,能够简化审计和合规工作。
观看视频,听 OCI 首席技术架构师 Pradeep Vincent 与您分享 OCI Zero Trust Packet Routing 架构将如何帮助您防范数据泄露。
“Traditional security tools try to protect sensitive data by blocking access, but history shows it is almost impossible to anticipate all the ways a hacker might attempt to infiltrate a network.With Zero Trust Packet Routing, the network does not allow any data to move through the network without explicit permission.Organizations using Oracle Cloud Infrastructure can now take advantage of this to better safeguard their data.Oracle is the first to offer this new level of security, and we’re hopeful other cloud platforms will follow.”
Danny Hillis
Applied Invention 联合创始人
“As public clouds emerged, enterprises had the opportunity to redefine how they address network security.However, they carried over most of the same concepts that tightly coupled security and network configuration.A single mistake in a highly complex cloud network can result in exposure.OCI Zero Trust Packet Routing enables organizations to decouple network configuration from security, helping to eliminate the effects of human network configuration errors.This new standard driven by Oracle flips this all too often checkbox item on its head to provide an innovative solution for organizations that simplifies compliance efforts, reduces the burden on security teams, and ultimately strengthens security.”
Philip Bues
IDC 云安全性高级研究经理
注:为免疑义,本网页所用以下术语专指以下含义: