Despite a slow start several years ago, Oracle has refashioned itself into a cloud builder, rapidly expanding its Oracle Cloud Infrastructure to make it among the top second-tier providers, although still well behind the likes of Amazon Web Services, Microsoft Azure, and Google Cloud. The longtime database and middleware giant and maker of other enterprise software is so invested in this shift that it changed the name of its major user and developer conference from Oracle OpenWorld to Oracle CloudWorld, with the most recent one running last week.
Throughout the show, Oracle presented a heady mix of cloud-related moves – including announcing or expanding partnerships with its larger rivals – and efforts to infuse everything it’s doing with AI, from introducing OCI generative AI agents in its Oracle Database 23ai to making Meta’s latest Llama 3.1 open large language model available in its managed services.
So it was no surprise that when founder Larry Ellison – now the company’s chairman and chief technology officer – took the stage for his keynote address, the focus was about the continued integration of AI into its cloud operations. In particular, Ellison sees AI as the key to protecting the cloud infrastructure Oracle has spent so much time and money on building and the applications and data that it contains. Doing so means automating as much as possible and removing the human element – from users to developers to database administrators – out of the mix.
That includes everything from moving beyond passwords for authentication to greatly expanding the use of the vendor’s Oracle Autonomous Database.
“We could do a better job of protecting our data if the database system that is managing that data is fully autonomous,” Ellison said, relating a story about an unnamed large bank losing its credit card data due to a programmer’s error. “Almost all cyberattacks begin the same way, with human error. The Oracle Autonomous Database has a robot DBA. The robot DBA automates everything. Human beings don’t configure the database. Robots configure the system. It is fully self-driving. It configures itself. It decides. It encrypts everything. It backs itself up. If you have to recover from a backup, it does that fully automatically. There are no human beings involved in backup. There are no human beings involved in recovery. A new version of Oracle comes, the software automatically gets updated. There’s a security patch, it’s available. It automatically patches itself. … If a bunch of processors go down, the system keeps running. Who keeps it running? It does that automatically. There are no human beings involved.”
For you history buffs out there, this automation is not new, even if it is new to Oracle. The AS/400, announced by IBM in 1988, had an integrated (and unnamed for many years) relational database at the heart of the platform, and it was expressly created to not require DBAs and was self-managed and auto-tuned – one of the reasons why the AS/400 vanquished other platform providers from mid-sized companies and is still kicking around more than three and a half decades later.
Protecting The Cloud
With AI, the same automation can be applied to cybersecurity for cloud networks, Ellison said. Oracle has moved many of its applications to the Autonomous Database and has plans to migrate even more, with all of them having been moved by sometime next year. The company also is aggressively moving to biometrics for user identification rather than passwords and is introducing new security tools in hopes of thwarting attacks.
Enterprises continue to migrate workloads into the public cloud. About 46 percent of enterprises say they already have some in the cloud and 8 percent adding that they will plan to move more in the coming months. In addition, 48 percent say they have data stored in the public cloud. There are some workloads coming back from the cloud to on-premises infrastructures – being “repatriated” – for reasons ranging from costs to regulatory compliance, but the trend is toward the cloud is growing. And as organizations keep more of their business in the cloud, threat groups will follow.
Check Point found that in the past year, 61 percent of organizations were hit by a cloud security problem this year, with 21 percent resulting in data breaches. Unsurprisingly, cloud security spending also is growing, from more than $2 billion this year to an expected $6.6 billion by 2029.
Automation Is The Thing
Oracle is approaching the problems with a multi-prong approach, according to Ellison. All databases will become autonomous databases, and all applications will be on them. As seen below, many – including the Cerner Millenium Health application and the upcoming versions of Fusion CX Sales and Marketing – are on them now, with more coming next year.
Oracle also is generating more code via its AI-enhanced APEX code generator tool, thus automating the application-building process to not only make it 10X faster but also to reduce vulnerabilities in the software that developers inadvertently may put in, he said. With the integration of AI capabilities into APEX, “computer program is writing the code. It will not make that mistake. It will not generate a vulnerability that you have to fix later on.”
Central to what Oracle is doing is the incorporation of the zero trust packet routing (ZPR) approach to security into the network fabric of OCI and combining it with its Gen2 cloud security package. ZPR is a technology that was developed by Applied Invention and has been on Oracle’s radar for more than a year as a tool for solving what Ellison called the “very, very complicated problem” of network security.
Separating Network Configuration And Security
“When you configure a network, there are two competing goals,” he said, pointing to the need to make it highly performant with high bandwidth and a lot of pathways while also making it secure. “The solution to the problem is you really have to separate network security from network configuration. Don’t worry about two things. Worry about one thing. Worry about making it fast and reliable. Then let’s build an all new system that’s responsible for network security. That all new system will authorize certain paths through the network for certain users in certain services, look at certain data and only authorized paths are allowed and no other paths will be allowed.”
The idea behind ZPR is that organizations can write their security policies in a way that security intent is created at the network level, so traffic that isn’t allowed by the policies will be held at the network level. It will improve an enterprise’s security posture by restricting access to sensitive data and keeping it from being exfiltrated by bad actors, ensure that the necessary security controls are in place – a key part of any security audits – and make security management easier.
Oracle will have a code generator to enforce ZPR, with robots on the network inspecting billions of packets every second, he said.
“You can change your configuration,” he said. “You can add ports. You can do all sorts of things and ZPR will automatically regenerate new robots to make sure that your data is still protected. You suddenly get a much simpler configuration. There are none of these subnets. You don’t have to worry about security when you’re configuring your network. You just worry about performance and reliability.”
The entire security program for the cloud network is stored in a single database in the ZPR language that is used to generate the robots.
“If we’re going to do a really good job of defending our networks, defending our computer systems and stopping data theft, preventing identity theft, all of those things, we need to exploit the most advanced technologies to defend ourselves,” Ellison said. “Those advanced technologies are artificial intelligence.”
Be the first to comment