Technology Implementation
The technology implementation pillar focuses on transforming your governance and security model into a cloud environment that is deployed to meet your organization's needs.
You technically implement your organization's goals by deploying a landing zone. A landing zone is a cloud environment that is built from an automated template. The landing zone serves as the foundation for your cloud deployment. For more details on what landing zones are and how they operate, see Landing Zones Overview.
How Do I Decide Which Landing Zone to Use?
Oracle Cloud Infrastructure (OCI) provides multiple landing zone implementations that you can choose from.
OCI Core Landing Zone: Provides a generic blueprint provisioning the services you need to get started for a secure, scalable, and resilient OCI tenancy. The OCI Core Landing Zone is Center for Internet Security (CIS)-compliant, provides support for complex architectures such as multitenancy and multicloud, and supports third party integrations such as firewall and security information and event management (SIEM).
The OCI Core Landing Zone unifies the previous CIS Landing Zone and OCI Enterprise Landing Zone (OELZ) in a single, standardized solution.
OCI Operating Entities Landing Zone: Provides a set of open assets and best practices to simplify onboarding and running OCI for your organization and each functional division identified as an operating entity (OE). The Operating Entities Landing Zone provides blueprints that include designs and declarative infrastructure as code (IaC), reducing design and implementation timelines, associated costs, and efforts while enabling a future-proof OCI with complete security and scalability. For more information on the Operating Entities Landing Zone, see the landing zone GitHub repository.
OCI Secure Cloud Computing Architecture (SCCA) Landing Zone: Supports SCCA for the U.S. Department of Defense. Organizations can choose between Mission Owner or Managed SCCA Broker landing zone options.
OCI Zero Trust Landing Zone: Deploys a secure architecture that supports Zero Trust requirements described by National Institute of Standards and Technology (NIST), Cybersecurity and Infrastructure Security Agency (CISA), and (UK) National Cyber Security Centre (NCSC) as documented in Oracle Zero Trust Cloud Adoption and Approaching Zero Trust Security with Oracle Cloud Infrastructure.
In addition to the CIS Benchmarks, the Zero Trust Landing Zone implements several additional services including Zero-trust Packet Routing (ZPR), Access Governance, and the ability to plug in your preferred third-party Zero Trust Network Access (ZTNA) solution (such as Fortinet, Palo Alto Networks, and so on). For more information on the OCI Zero Trust Landing Zone, see the GitHub repository.
OCI Multicloud Landing Zones (OMCLZ): Provides Terraform modules, templates, examples, and tutorials to accelerate the deployment of OCI Multicloud services at Microsoft Azure and Google Cloud, letting you extend your landing zones in Azure and Google with OCI.
- OMCLZ For Azure: Offers AzureRM-based Terraform modules with AzAPI-based Azure Verified Modules (AVM) for Oracle, providing reference implementation for both Terraform options on Azure. It also includes Terraform templates for provisioning of Oracle Exadata Database end-to-end, covering Exadata infrastructure, VM cluster, DB Home, and Container Database across Azure and OCI.
- OMCLZ For Google Cloud: Provides Terraform modules, templates, examples, and tutorials to automate the deployment of Oracle Database@Google Cloud. It covers use cases such as provisioning Autonomous Database (ADB-S), client VM with SQL*Plus, and using ADB-S as a vector database for Retrieval-Augmented Generation (RAG)-based chatbots, with more to come.
Deploying in OCI Using Expert Guidance from Oracle Architecture Center
After you create the landing zone, you can migrate existing on-premises data center solutions or create new cloud native solutions that address your business goals. This process can be a challenging task. The Oracle Architecture Center simplifies complex implementations by providing vetted design patterns, reference architectures, solution playbooks, and deployment code.
Design, develop, and implement your cloud, hybrid, and on-premises workloads with guidance from Oracle architects, developers, and other experts versed in Oracle technologies and solutions.
Designing for Extreme Reliability, High Availability, and Disaster Recovery
When you design your technology implementation, consider adding high availability (HA) to your systems to ensure that they have the maximum potential for uptime and accessibility. Also consider using a well-architected disaster recovery (DR) plan to recover quickly from disasters and continue to provide services to your users. Use the following principles for high availability and disaster recovery to design a cloud architecture for extreme reliability: