I hope you have noticed that huge news at OCI Release Notes. In February 2020 OCI global footprint has grown significantly with three new regions (Amsterdam in the Netherlands, Jeddah in Saudi Arabia and Melbourne in Australia). I am located in Europe so immediately I have requested the subscription of Amsterdam DC. So now in my tenancy, I have Frankfurt and Amsterdam regions ready to be utilized. Given this fact, it was obvious for me, I can try to set up some extension to my previous lesson, lesson 8. I could convert local VCN peering in the same region into a remote VCN peering configuration. In this new setup, my BackendServer, with all necessary cloud infrastructure, would be deployed in Amsterdam. And I have done it. So now we have brand new lesson 9 for which code is available here. There is also video, ready for you, ready to be watched! 🙂 As always I am asking kindly for subscribing to our YouTube channel. Believe me, I am planning to record more and more stuff and publish it here in a form of blog post and video blog on YT 🙂
What is the topic for today? Network security of your OCI cloud infrastructure! Honestly speaking always an important topic, right? The basics of Network Security Groups (NSG), for the first time I have described in this blog post. Recently I have found in OCI Release Notes, that OCI File Storage Services supports now NSG. Immediately I have checked Terraform OCI Provider, just to confirm my favorite automation runtime also supports it. And guess what? Terraform OCI Provider in version 3.55.0 fully covers this feature. That is really amazing! Just one week later, after OCI release, Terraform Provider codebase has been updated! That is why I have decided to test it and add this stuff to my Terraform+OCI tutorial as a lesson 5a. I hope you will find it interesting! If it is true I really encourage you to subscribe to our YouTube Channel 🙂 One more thing – File Storage Service UDP and TCP ports for NSGs and Security Lists have been documented here.
Security is the primary concern for every enterprise today, as traditional firewalls monitoring ports are not sufficient to keep up the pace with the advanced hackers. To protect from intelligent and malicious threats, we need modern and advanced tools to protect web applications. In this video, we will explore Oracle cloud infrastructure’s Web Application Firewall (WAF), how it can protect the web applications from Cross-Site Scripting(XSS), SQL injection and other OWASP-defined vulnerabilities. Then, we will see how WAF can be created using Terraform scripts available from the Github.
Yes, OCI is changing very quickly! 🙂 Everyone, who follows OCI release notes, knows that. Oracle Cloud Gen2 is updated with new features even a couple of times every single month. It shouldn’t surprise you. That is how the modern cloud world works now. 🙂 In my Terraform+OCI short course, I was using security lists, but last summer in July 2019, in OCI new security feature, has been released – it has been called Network Security Groups (NSG). This new feature seems to be very popular in other cloud vendors configuration, so frankly speaking, it was rather obvious for me that OCI should embrace NSG, sooner or later. And now it is there in OCI and NSG concept is supported by Terraform OCI Provider (version >= 3.33.0) as well. NSG concept is more advanced and more elastic then Security Lists, mostly because it can be implemented on the VNIC level. It means you can still use Security List on the subnet level and then create some specific NSG for particular machines nested in this subnet. Security Lists and Network Security Groups work together as an union, is that right? 🙂 I guess you should check it up as fast as possible. 🙂 Here is a brand new video I have recorded for you. 🙂