Enable Cloud Guard to Maintain a Strong Security Posture in OCI for no Additional Cost

Gartner expects most enterprise data centers to move to the cloud by 2025. And that 99% of security failures will be the result of customer configuration errors, which can be combated by implementing and enforcing policies on cloud ownership, responsibility, and risk acceptance.

For a successful cloud migration, customers should follow a life cycle approach to cloud governance and put in place central management and monitoring plans to cover the inherent complexity of multi-cloud use.

Oracle Cloud Guard provides a unified view of your security posture across all Oracle Cloud Infrastructure (OCI) clients. Cloud Guard identifies new threats, detects misconfigured OCI resources, identifies any insecure activity across tenants, exposes malicious threat activities, and provides security administrators the visibility to triage and resolve cloud security issues.

What Is Oracle Cloud Guard?

Cloud Guard examines your OCI resources for security weaknesses related to configuration and monitors your operators and users for risky activities.

The advantages of enabling Cloud Guard:

  • Monitor and detect security violations
  • Detect and remediate threats
  • Protect customer tenancies
  • Automatically remediate security problems
  • Obtain a comprehensive view of risk posture
  • Its free to enable

Planning for Cloud Guard

You can enable Cloud Guard and begin monitoring your environment immediately. But as a best practice, you should first plan how Cloud Guard functionality will be mapped onto your environment before you enable and configure Cloud Guard.

All you need to do is specify a single target that maps to the top-level compartment in your OCI branch that you want to monitor.

Cloud Guard will do the rest, not letting anything that represents a potential security risk go undetected.

Cloud Guard Terminology

Detector Recipe!

Accessing a detector recipe from the Detector Recipes page allows for varied rule configurations. Carefully review your business need and configure the detector rules specifically for each compartment. Note, you must define separate targets for each compartment.

  • OCI Configuration Detector Rules
  • OCI Activity Detector Rules
  • OCI Threat Detector Rules

All compartments will be impacted by the target configuration. The detector and responder rule settings for a target apply to the top-level compartment assigned to that target and to any subordinate compartments below it in the compartment hierarchy.

Choose Your Reporting Region Carefully

Carefully consider these consequences when choosing of your reporting region.

How to Enable OCI Cloud Guard

  • Log in to the OCI Console as the Oracle Cloud Guard user you created in Prerequisites in the “Creating the Cloud Guard User and Group” section.
  • Open the navigation menu and click Identity & Security.
  • On the Cloud Guard page, click the Enable Cloud Guard button at the top right.

Do I Need to Pay for Cloud Guard?

No, Cloud Guard is a free service available with OCI.

Ready to Implement Cloud Guard in OCI? Syntax Can Help.

Syntax has 40+ years of Oracle ERP experience and over 25 years of providing cloud and managed services for Oracle E-Business Suite and JD Edwards applications. We provide automation-driven, best-of-breed private and public cloud offerings on Amazon Web Services (AWS), Microsoft Azure, and OCI, as well as our own purpose-built enterprise data centers.

Discover how we can improve the efficiency and effectiveness of your Oracle ERP environment.