Upload
others
View
2
Download
0
Embed Size (px)
Citation preview
Oracle: Identity-Centric Security for the Modern Cloud Era
Luca MartelliDirector Identity and Security SolutionsOracle EMEA
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Safe Harbor Statement
The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.
Oracle Public 2
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Employees PartnersConsumers
Digital Disruption – Changing Changed World
Oracle Public 3
ON PREMISES PUBLIC CLOUD
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Your Sensitive Data is Already in the Cloud
Oracle Public 4
2016 Cloud Security Research Report, Crowd Research Partner
79%Of enterprises are actively deploying cloud solutions in public, private, or hybrid cloud environments
% of Enterprises Deploying
Copyright © 2014 Oracle and/or its affiliates. All rights reserved. |Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 5
Workloads are Everywhere Cloud is not just SaaS. Workloads are moving
rapidly to PaaS and IaaS
71% of large enterprise will shift some workloads to cloud by 2018
Enterprises plan to use an average of 6 clouds to run their workloads
2016 McKinsey, 2016 Right Scale
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Modern Security Attacks Are…
Oracle Confidential
Not carried out by humans
(they are automated)
Not confined to network(they begin outside)
Not static(they adapt)
IS YOUR SOC READY?
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Traditional SOC Challenges
Oracle Confidential
Manual processes(too many alerts, no context)
Static protection(not adaptive)
Focused within perimeter(not external data/apps)
IS YOUR SOC INTELLIGENT?
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Users are the new perimeter
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |Oracle Public 10
Threatintelligence
Oracle Identity SOC
CASB UEBA
Identity Management
SIEM
Automated remediation
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |Oracle Public 11
Security Cloud Services: Enabling Faster and More Secure Cloud Adoption
Identity Cloud Service
ComplianceCloud Service
Security Monitoring & AnalyticsCloud Service
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
API Platform Cloud Service
Hybrid Data Security Protection: Database Security
CASB Cloud Service (Palerra)
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |Oracle Public 12
Identity Cloud Service
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Modern App SecurityCentralized authentication, authorization, user management and self-service based on latest standards
Hybrid IdentityManage user identities for both cloud and on-premises applications with enterprise-grade hybrid deployments
Secure Defense In-depthGain layers of defense with identity hosted as an Oracle Public Cloud (OPC) service and integrated with cloud security fabric
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Introducing Identity Cloud Service
Oracle Confidential – Internal 13
Identity Cloud Service
So wareasaService
InfrastructureasaService
Pla ormasaService
3rd Party Cloud Services
• Cloud-Native Multi-tenant platform on the Oracle Cloud
• Manage Users
– Sync identities, SSO, Federation
• Manage Applications
– Integrate using open standards
• Manage Policies
– Protect Applications using strong access control policies
On-Premises Applications
On-premises IAM
SAML
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 14
Hybrid Identity• Application security for cloud and
on-premises workloads
• Access Certification, Audit and Compliance for Cloud Apps using Oracle Identity Governance
• Move app policies to the cloud as apps and workloads begin moving to the cloud
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
CASBEMM
UEBA
Oracle Public 15
Identity as a Security Service
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
IDCS
Threat Networks
SIEM
Reputation Services
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |Oracle Public 16
CASB Cloud Service“Cloud Access Security Broker”
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
DiscoverContinuous visibility into cloud risk covering sanctioned and unsanctioned SaaS, PaaS, and custom applications on IaaS
SecureAutomated controls covering users, data, content, applications, settings, and infrastructure with actionable intelligence
MonitorContinuous monitoring of user activity and security configurations identifying threats and compliance risks
RespondAutomate incident management and remediation through native features as well as integration with existing solutions
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Securing Clouds: Iaas Paas Saas
My mission-critical apps need deep
monitoring and governance!
17
I need broad visibility into all apps in
use!
Visibility Compliance Data Security Threat Protection
CASB
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Modern Cloud Security with Innovative CASB Solution
DISCOVER MONITORSECURE
• Shadow IT
•Risk Assessment
• Indicators of Compromise
•Data
•Compliance
• Security Controls Provisioning
•Actionable Threat Intelligence
•Activities
•Configuration
• Transactions
•Content
•Policies
RESPOND
•Automated Incident Response
• Integration with IT Service Management Systems
*
CLOUD WORKLOAD SECURITYCLOUD ACCESS SECURITY
7Oracle Public
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Oracle’s Palerra: The only CASB to be deployed in <5 minutes
19
Visibility Compliance Data Security Threat Protection
CASBIaaS PaaS SaaS
Direct Cloud Service Access
MOBILE USERS AND DEVICES
ENTERPRISE
INSIDE PERIMETER
SIEMIDaaSNGFW
DLPMDM
Enterprise Security
Integration
API Access
19
Ad
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. |Oracle Public 20
API Platform Cloud Service
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
Build - create APIs on top of existing services to enable access to data formerly locked inside your legacy apps and data stores.
Secure – Assign standard security & threat protection to APIs with no coding, including OAuth 2.0, IP filtering, and rate limiting.
Deploy - Choose Cloud or on-premises gateway deployment with the ease of a single-click.
Publish - Browse a comprehensive list of proven APIs from Oracle, the community, and your own organization.
Consume - Register third-party apps easily to allow them the same seamless API utilization as pre-loaded Oracle SaaS APIs.
Monitor - View operational API metrics on a single dashboard to take action quickly.
Copyright © 2015, Oracle and/or its affiliates. All rights reserved. |
In a Digital World, APIs are Doors of the Digital World
Social
Financial
HealthProductivity
Transportation
How do you control who enters your system?
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Confidential – Internal/Restricted/Highly Restricted
Architecture of API Platform Cloud Service
{APIs, Policies}
Periodic outbound Request
Oracle Cloud
DeveloperPortal
API Managers/Implementers/Gateway Administrators
API Platform Cloud Service
Identity Cloud Service
{Analytics}
Oracle Cloud
Amazon, Azure, other
clouds
On Premises
{request}
{response}
{request}
{response}
Firewalls/Load-balancers
Services
GatewaysApplications
Gateways can run anywhere….
Apiary.io
API Designers
API Consumers
ManagerPortal
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | 23
Oracle is currently reviewing the existing Apiary product roadmap and will be providing guidance to customers in accordance withOracle’s standard product communication policies. Any resulting features and timing of release of such features as determined byOracle’s review of Apiary’s product roadmap are at the sole discretion of Oracle. All product roadmap information, whether communicated by Apiary or by Oracle, does not represent a commitment to deliver any material, code, or functionality, and shouldnot be relied upon in making purchasing decisions. It is intended for information purposes only, and may not be incorporated into any contract.
Cautionary Statement Regarding Forward-Looking StatementsThis document contains certain forward-looking statements about Oracle and Apiary, including statements that involve risks and uncertainties concerning Oracle’s proposed acquisition of Apiary, anticipated customer benefits and general business outlook. When used in this document, the words “anticipates”, “can”, “will”, “look forward to”, “expected” and similar expressions and any other statements that are not historical facts are intended to identify those assertions as forward-looking statements. Any such statement may be influenced by a variety of factors, many of which are beyond the control of Oracle or Apiary, that could cause actual outcomes and results to be materially different from those projected, described, expressed or implied in this document due to a number of risks and uncertainties. Potential risks and uncertainties include, among others, the possibility that the transaction will not close or that the closing may be delayed, the anticipated synergies of the combined companies may not be achieved after closing, the combined operations may not be successfully integrated in a timely manner, if at all, general economic conditions in regions in which either company does business may deteriorate and/or Oracle or Apiary may be adversely affected by other economic, business, and/or competitive factors. Accordingly, no assurances can be given that any of the events anticipated by the forward-looking statements will transpire or occur, or if any of them do so, what impact they will have on the results of operations or financial condition of Oracle or Apiary. You are cautioned to not place undue reliance on forward-looking statements, which speak only as of the date of this document. Neither Oracle nor Apiary is under any duty to update any of the information in this document.
Oracle Buys Apiary
Copyright © 2017, Oracle and/or its affiliates. All rights reserved. 24
Oracle + Apiary will Help Companies Leverage APIs to Provide Innovative Services that Interconnect the Digital Economy
* Pending
Combination will deliver a comprehensive cloud platform to create and manage APIs
• Design APIs for innovation and create new business outcomes
• Ensure security for digital assets with policy driven APIs
• Gain visibility and insight to understand how to use existing IP for business goals
• Improve agility to meet customer demand rapidly via new innovative services
Analyze
MonetizeConsume
Secure
Govern
Design
Oracle
Apiary
API Integration Cloud
*
Copyright © 2017, Oracle and/or its affiliates. All rights reserved.Oracle Public 25
Security Cloud Services: Enabling Faster and More Secure Cloud Adoption
Identity Cloud Service
ComplianceCloud Service
Security Monitoring & AnalyticsCloud Service
Oracle PublicCopyright © 2016, Oracle and/or its affiliates. All rights reserved. |
API Platform Cloud Service
Hybrid Data Security Protection: Database Security
CASB Cloud Service (Palerra)
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 26
For More Information
Blogs.oracle.com/OracleIDM
@OracleSecurity /Oraclesecurity
• Learn about Security Cloud Services @ cloud.oracle.com/paas
• Learn about Identity Cloud Service @ oracle.com/IdentityCloud
• Watch for new service announcements @ oracle.com/security
Copyright © 2016, Oracle and/or its affiliates. All rights reserved. | Oracle Public 27