Category: Uncategorized
-
ZPR part 2 – implementation considerations
In the last entry I tried to explain how Zero Trust Packet Routing (ZPR) contrasted with Security Lists (SCL) and Network Security Groups (NSG). In this entry, I wanted to take a closer look at ZPR and what is required to implement in an OCI tenancy. That encompasses the IAM policies required, ZPR required components…
-
Zero Trust Packet Routing – What is it?
OCI has made zero trust packet routing (ZPR) generally available. There was quite a bit of buzz around the new feature during Oracle Cloud World. In conversation with some of my colleagues, there seemed to be a lack of consensus on what exactly the new feature is and what it can do. Now that I…
-
DR Considerations on OCI
Disaster Recovery (DR) planning is an essential part of a successful cloud strategy. Unplanned outages and data loss can have catastrophic effects on business operations. By implementing a solid disaster recovery plan, customers can ensure that their systems remain operational and that data is consistently backed up and retrievable, minimizing potential downtime and loss. Whether…
-
Migrating VMware to the Cloud
VMware migrations to cloud service provider (CSP) VMware services have been a recent focus of mine. There are generally two drivers for migrating VMware to the cloud. 1. A requirement to get out of a data center in a limited timeframe and 2. the acquisition and subsequent change to subscription-based licensing. I am actively working…
-
Careful what you advertise!
I was recently asked by a colleague if I would do a post on how to avoid potential issues with route advertisement via OCI’s Dynamic Routing Gateway. I will do my best not to make this post too technical. I have witnessed two occasions where an implementation has advertised a wrong route and caused a…
-
OCI Organization Management
Tenancy and the number required is a topic that customers bring up early in the design process. In my experience, customers already have footprints in AWS or Azure. Customers naturally start applying lessons learned or design processes they have from the other cloud service providers (i.e., AWS uses multiple accounts, Azure uses multiple subscriptions). What…
-
OCI Compartment Guide pt 4 of 4
To wrap up this series, let’s take a look at how introducing OCI tagging can benefit both the compartment design and streamline the network design. OCI introduced the tag-based policy concept around March of 2020. It allows customers to use tags for authorization to deployed resources. At the time of the introduction, my initial thought…
Cloud Architecture Blog 