Oracle Cloud Isolated Region– A Solution Dedicated to Defence

Sponsored article*

Col. (ret) Tomasz Kondracki highlighted the uniqueness of Oracle Cloud Isolated Region in the context of the ongoing digital transformation of the battlefield, where rapid access to information and real-time analysis and decision-making are key to maintaining an edge over adversaries. With its experience in the defence sector and advanced cloud technologies, Oracle plays a critical role in helping defence organizations achieve these goals.

Interview with Col. Tomasz Kondracki and Adam O’Brien, Oracle

CyberDefence24: Colonel, Oracle Cloud is increasingly being mentioned in the context of defence. Can you tell us about some of the solutions you offer, and specifically about Oracle Cloud Isolated Region?  

Tomasz Kondracki, Oracle: As they grapple with the need to analyze and act on intelligence faster than ever, defence organizations require access to advanced cloud capabilities. But one size does not fit all. We offer several (solutions) Distributed Cloud Services | Oracle and deployment options to meet diverse customer requirements - from multi-tenancy public clouds to dedicated clouds that can be deployed in a customer’s own data center. Defence organizations increasingly need to work in sovereign and/or isolated environments, so we are seeing growing demand for solutions such as our Oracle Cloud Isolated Region.

This is a full-featured, air-gapped hyperscale cloud that offers the same services as our public regions and is designed to securely and predictably run classified, mission-critical workloads.

What features and capabilities set Oracle Cloud Isolated Region apart?

Firstly, Oracle Cloud Isolated Region is a hyperscale cloud that operates completely independently of the Internet, eliminating the risk of unauthorized external access. Communication is conducted exclusively through encrypted devices connected to classified networks owned by the customer or Oracle. Only authorized, onsite personnel can operate these regions from in-country Cloud Network Operations Centers (CNOCs).

Secondly, security comes first. Data is encrypted by default, and users can decide whether to use their own encryption mechanisms or Oracle’s. Oracle employs a „zero trust” security architecture, meaning that all data is encrypted both at-rest and in transit, and no user or process has default access to the system. All code that Oracle deploys in the Oracle Cloud Isolated Region is secure, and Oracle teams do not have access to customer data.

Another important aspect of the solution is its deployment flexibility. It can be deployed in a compact format, with a footprint as small as 100 m². This keeps costs at a minimum and enables implementation in as little as 12 months, making it viable even for smaller defence budgets and providing the fastest time to mission.

Oracle Cloud Isolated Region also helps address defence organizations« data sovereignty requirements. The Isolated Regions can be located either at the customer’s site or in dedicated data centers, helping address regulatory compliance related to data security and sovereignty. Customers maintain full control over their data and security requirements.

Lastly, even though it is disconnected from the Internet, Oracle Cloud Isolated Region offers the exact same services—across IaaS, PaaS and SaaS—as our public cloud regions, providing scalability, flexibility, and advanced features such as AI and data analytics.

This sounds impressive, but when we discuss security, a comprehensive approach-from hardware delivery to software updates-is required. How do you address these demands?

Adam O’Brien, Oracle: Oracle partners closely with the customer to address security requirements across the product supply chain, as we have done for over four decades. The key is that Oracle designs the technology, software, and hardware, managing the supply chain from end to end. We deliver software updates through a phased approach, implementing them first in our public cloud regions, followed by our OCI Dedicated Regions, Government Clouds and, only after additional testing, in our Isolated Regions. This gives us more time to identify and mitigate potential issues before the implementation of the updates. There is no room for compromise.

Combat activities have their own unique characteristics. For example, sometimes they need to operate in environments with limited or no network connectivity. How do you ensure sufficient levels of service availability in these environments?

Our solution is a comprehensive one, ranging from constructing a data center (if one doesn’t exist) to deploying edge devices such as OCI Roving Edge Infrastructure (portable) and OCI Roving Edge Station (containerized). These devices extend the cloud environment of the Isolated Region or core data center to enable services at the edge of networks and in disconnected locations, allowing faster processing close to the data source. They deliver the same services as other Oracle Cloud deployment options, with the ability to run fully disconnected and then sync with the core or other edge devices once connectivity is restored. We’ve thought of everything, or at least tried to. Security is foundational to our entire offering.

In terms of balancing high availability and disaster recovery, it all comes down to the underlying architecture. Regardless of deployment model, Oracle Cloud is unique in that it is able to provide high availability and disaster recovery with only two regions, each with one availability domain.

Let’s discuss today’s critical emerging workloads for defence organizations, such as AI. How does Oracle Cloud Isolated Region support the development and utilization of AI capabilities for modern warfare?

Tomasz Kondracki, Oracle: Governments and defence organizations are actively testing AI capabilities in mission environments now. We are helping them accelerate AI adoption by providing scalable infrastructure and access to GPUs, as well as AI expertise and capabilities across our product stack. Our distributed cloud—including Oracle Cloud Isolated Region—helps customers achieve AI sovereignty with increased control over where they run AI workloads and how they manage and operate their data and infrastructure. This opens the possibilities of AI to defence organizations that otherwise face major challenges in migrating to the cloud.

In addition, our partnerships with technology leaders such as Palantir, Anduril, and Rafael enable military organizations to access cutting-edge AI tools to support their missions.

Adam, in your opinion, how does AI change the approach to cybersecurity? Is AI a revolution or an evolution of existing security solutions?

Adam O’Brien, Oracle: AI isn’t new to Oracle. It’s been embeddeded in our technology for years. For example in the Oracle Cloud, our operating system and database are autonomous. Human labor is no longer needed to configure, patch, or manage the system. That’s important because if you remove human labor, you’ve removed the possibility of human error and human mischief. These two human factors are generally the biggest contributors to security breaches.

This has been an excellent discussion. Colonel, could you provide a brief summary?

Tomasz Kondracki, Oracle: Oracle Cloud Isolated Region is the ideal solution for organizations requiring sovereign, secure, and flexible cloud environments that support critical missions in the era of digital transformation. Additionally, Oracle enables defence organizations to quickly implement and expand innovative technologies that are essential for modern operations in the digital battlefield. Governments in the U.S., U.K., and Australia, as well as the U.S. Department of Defence, have placed their trust in us.

Thank you for the invitation to the CyberEXPERT conference; being a partner of ECSC is an honor. 

Thank you for the conversation.