Oracle Cloud Infrastructure FastConnect now allows two major methods to encrypt traffic between your data center and Oracle Cloud Infrastructure: IPSec over FastConnect and MACsec Encryption. Something very important for customers and brings yet another layer of security, making an environment even safer.
Benefits of Site-to-Site VPN over FastConnect
The added functionality of Site-to-Site VPN over FastConnect offers the following features and benefits:
- Combined benefits of FastConnect and IPsec: With Site-to-Site VPN over FastConnect, you can take advantage of the benefits of dedicated connectivity provided to you by FastConnect while encrypting your traffic with industry standard IPsec. FastConnect offers a dedicated, private, high bandwidth circuit with consistent and predictable network performance, and Site-to-Site VPN provides data confidentiality, integrity, and authentication for your traffic. Combining the two into a single solution allows you to maintain high-performance connectivity between dependent applications in the cloud with no re-architecture.
- FastConnect partner virtual circuits: FastConnect partners offer optimal performance and connectivity costs savings along with on-demand provisioning. With Site-to-Site VPN over FastConnect, customers who prefer to use FastConnect partners now have an OCI-native encryption solution for both Layer 2 and Layer 3 partner virtual circuits.
- Flexibility: Enable IPsec encryption for any existing or new FastConnect private peering virtual circuits. Configure one or more tunnels over the same virtual circuit and utilize the granular routing policy control offered by the enhanced DRG to control how traffic is routed over these tunnels or unencrypted over the same virtual circuit.
- OCI-managed service: Before the release of Site-to-Site VPN over FastConnect, if you needed IPsec encryption over FastConnect, you were required to either manage a third-party network virtual appliance to terminate IPsec VPN tunnels in your virtual cloud network (VCN) or by combining the two services manually using FastConnect public peering to reach the OCI Site-to-Site VPN public IP endpoint. Now, you can gain all the benefits of a Site-to-Site VPN managed service over FastConnect with simple to use provisioning through the Oracle Cloud Console, API, CLI, and Terraform.
- Compliance: Encrypt your OCI traffic to help address regulatory compliance objectives, such as FIPS, HIPAA, or PCI. Adhere to internal best practice configuration standards with flexibility in tunnel provisioning allowing for network segmentation of traffic to reduce your attack surface area.
Next article, I will demonstrate how we configure FastConnect with IPSec.
See you soon in other articles.
Stay tuned by following us on Twitter @aontalba and Linkedin.
Disclaimer: “The postings on this site are my own and do not necessarily represent my current employer positions, strategies, or opinions. The information here was edited to be useful for general purpose, specific data, and identifications was removed to allow reaching a generic audience and to be useful.”