“By enforcing policies that are based on the authenticated identity and attributes of both the communicated data and the communicators, ZPR can be implemented as a virtual network on top of IP. Aiding adoption and implementation ease is that enterprises can adopt ZPR using standard IP on both software and hardware, alongside not requiring any modifications to existing applications and networks.”
Why Oracle says ZPR is needed
The new ZPR standard was needed, Oracle explained, because an organization’s network architecture changes each time an application is launched, a new instance is scaled up, or additional database servers are added. Using a traditional network architecture-based security approach is time-consuming due to the sheer complexity of securing and auditing the configuration points, the company said. In addition, responsibility is transferred to network teams to implement security requirements, which can result in human error.
“Though cloud network security has evolved over the last two decades, organizations are still increasingly vulnerable to unauthorized access and exfiltration of sensitive data due to security controls heavily reliant on user credentials,” Jae Evans, Oracle’s global chief information officer and executive vice president, said during the announcement. “OCI Zero Trust Packet Routing enables organizations to set security attributes on specific resources and then blocks traffic to those resources at the network level, making data security easier to understand, manage, and audit. It changes the paradigm of security in the cloud to protect organizations from malicious actors and the business-altering consequences of data breaches.”