1 Corente Cloud Services Exchange Oracle s Corente Cloud Services Exchange (Corente CSX) is a cloud-based software-defined networking (SDN) solution that enables distributed enterprises to deliver trusted connectivity services to and from any location with less complexity, in significantly less time, and at a greatly reduced cost, when compared to more-traditional approaches. Corente CSX enables organizations to transform their wide area network (WAN) into a costeffective, agile network. KEY FEATURES Delivery of trusted connectivity services to and from any location Stateful firewall services including mutual consent partner brokering as well as advanced network address translation (NAT) and port address translation (PAT) Automated key creation, distribution, and regeneration Application traffic prioritization Network, session, application, and server monitoring, tracking, and reporting Streamlined auditing with compliance monitoring, tracking, and reporting Anytime, anywhere access with remote access, mobile clients Rapid, zero-touch Services Gateway deployment options KEY BENEFITS Eliminate the complexity and fragility of deploying and managing global networks Gain control and visibility of your enterprise network across the cloud Ensure secure, centralized remote management and administration Reduce costs, decrease risk, and scale more easily and more quickly Challenges of Today s Cloud Networks Today s enterprises need to connect with their entire enterprise ecosystem consisting of internal and external customers, independent business units, partners, branches, and franchises. They must securely deliver a growing portfolio of cloud-based applications and services to their ecosystem while providing the same security and trust of internal private networks. However, if enterprises choose to use traditional methods with a dedicated infrastructure of private IP connections, they quickly become encumbered by complex and lengthy setup and management processes. Enterprises are also looking for new ways to deliver application connectivity by leveraging the infrastructure of the public internet. Cloud servers have become easy to manage through virtualization, but WAN service delivery networks are still rigid, difficult, and fragile to manage. Corente CSX Overview Through its patented intellectual property, Corente CSX combines network virtualization with a cloud approach and extends virtualization across the complexity of global IP networks, all the way to the enterprise network edge. By subscribing to Corente CSX, organizations can take the complexity and fragility out of deploying and managing global ecosystem networks. Corente CSX relies on the Oracle-hosted Service Control Point (SCP), which is a centralized service management platform that provides secure policy-based service brokering, mediation, and virtual network orchestration. A component of Corente CSX, the Corente Services Gateway (CSG) is a distributed virtual appliance located at the network edge that provides secure endpoints for virtual private networks over any IP networks with zero-touch installation. A Services Gateway is installed at each branch or partner location, and creates a secure end-to-end connection for application traffic. The Services Gateways also maintain separate out-ofband connections with the SCP database for monitoring, administration, and logging.
2 Services Gateway software can be installed on commodity x86 bare metal hardware, on supported hypervisor virtual machines (VMs), or on local Oracle VM VirtualBox VMs (Windows, Linux, and Solaris) where local applications can be deployed, managed, and monitored. Alternatively, Corente CSX s Virtual Environment is a gateway deployment that allows local applications to be deployed securely and confidently to your customers worldwide by combining the Corente Services Gateway and virtual application hosting servers in a single device. The Virtual Environment provides a method of deploying applications that will run locally on the Services Gateway at the client sites. Rapid, Zero-Touch Deployment The Services Gateway is easily deployed through a fast and automated installation process with no local IT presence required. Services Gateways are typically shipped to any location and installed and configured remotely in less than 30 minutes. Furthermore, automatic software updates and upgrades are provided whenever a new software version is released. Easy-to-Use, Role-Based Administration The App Net Manager service portal in Corente CSX is a web-based application that provides centralized, role-based access to service lifecycle management tools for service subscribers, including provisioning, managing, and monitoring of their global private networks. The network infrastructure including gateway configuration and deployment is managed from a single interface through App Net Manager. In addition, the portal allows administrators to configure system policies; create fine-grained access policies for users, applications, servers, and other network resources; manage all connections through the simplicity of a drag-and-drop user interface; set thresholds for alerts; monitor real-time status of resources; and view historical reports. Figure 1. App Net Manager portal for consolidated service management and monitoring 2 CORENTE CLOUD SERVICES EXCHANGE
3 Robust Security and Partner Brokering Corente CSX s instrumentation and control system automates the management of applications and services from various sources to diverse locations in a verifiably secure, compliant, and reliable manner. Security, encryption, and authentication capabilities include Tunneling. Internet Protocol Security (IPSec) Encapsulating Security Payload (ESP) Authentication. MessageDigest 5 (SHA-2) hash algorithm Encryption. 192-bit Advanced Encryption Standard (AES) Key exchange. Internet Key Exchange (IKE) protocol Key generation. Public/private key pairs (1,024-bit RSA keys) with immediate revocation Other key security capabilities include an integrated Public Key Infrastructure (PKI) certificate authority; peer-to-peer authenticated connections; perfect forward secrecy; access policy control; and a programmable, managed, stateful firewall. Corente CSX s partner brokering capability provides mutual consent-based control and management of the complex trust relationships between extranet partners. Each extranet partner is given independent administrative control of their own partner connections and can completely shield visibility into the network infrastructures of other extranet partners. Furthermore, partner connections can quickly be set up or taken down. Network Visibility and Control Service Gateways create end-to-end connections and inspect every session they handle so that noninvasive monitoring is performed on all traffic in real time. This enables Corente CSX to provide robust monitoring, alerting, and reporting capabilities. Corente CSX provides 24/7 monitoring of application, server, gateway, and network status, with a variety of configurable alerts and reports as well as complete audit trails of all administrative changes and connections by remote users. Corente CSX also tracks and logs every application session in Syslog format to provide customers the detailed audited usage and access logs required for security audits and Sarbanes-Oxley regulatory compliance. Automated Connectivity Services Corente CSX provides automatic detection, mediation, and notification of IP address conflicts. Corente CSX s advanced NAT and PAT abilities combine with its firewall policy management so new sites can be added quickly without renumbering subnetworks or the networks of any existing sites. Furthermore, with quality of service (QoS) management, Corente CSX allows real-time monitoring of application performance. Additionally, QoS thresholds can be used to prioritize your applications based on your needs. 3 CORENTE CLOUD SERVICES EXCHANGE
4 Anytime, Anywhere Access to Your Network Corente CSX s Remote Access Clients provide subscriber users with remote, mobile access to their global applications through the Services Gateway. Application users can access global applications through the Windows, Secure Sockets Layer (SSL), and mobile (ios or Android) Remote Access Clients. Business Continuity Corente CSX enables high-availability configuration of each Services Gateway for the dynamic rerouting of traffic to a designated failover WAN as well as to a backup data center or hosting facility. Services Gateway hardware failover can also be configured where two machines are connected to allow the secondary machine to take over when the primary machine fails. Oracle s World-Class Support Oracle Support provides essential support services including 24/7 technical assistance, proactive support resources, and product updates. With global coverage of development engineers and customer support specialists, Oracle delivers complete, dependable, fully integrated support services. Oracle s one-stop online technical support portal, My Oracle Support, offers a wealth of resources for Corente CSX customers including search knowledge, as well as the ability to log and track service requests, sign up for alerts, view product health recommendations, and much more. 4 CORENTE CLOUD SERVICES EXCHANGE
5 TABLE 1. KEY FUNCTIONALITY AND TECHNICAL SPECIFICATIONS Management portal Application services Server and IP device services Security services Service Policy Definition, Provisioning, and Activation Authenticated, role-based administration Automated policy-checking and distribution Configuration management Automated software updates and upgrades Application Prioritization Application data center failover Session logs Availability, CPU, disk and swap space Authentication and Encryption Automated key creation, distribution, and regeneration Client- and server-side digital certificates with synchronous PKI SHA-2 data authentication Instant key revocation 192-bit AES encryption with worldwide export approval Perfect forward secrecy IPSec ESP tunnel mode Restricted tunnel backhaul internet access Split tunneling direct internet access Availability, bandwidth, jitter, latency, and loss Firewall Services Partner brokering services with mutual consent Advanced NAT and PAT abilities Automated rule generation/configuration Stateful packet inspection Fine-grained access control by site/application/ user/protocol Extranets Mutual consent security trust model Instant synchronous certificate revocation Connectivity services Minimum hardware requirements (x86) Automated IP Address Management Static or dynamic addressing Dynamic Host Configuration Protocol (DHCP) client and server Domain name service (DNS) NAT, proxy, firewall, and internet connection sharing (ICS) device transversal Inbound and outbound NAT and ICS Automatic remapping of overlapping LAN addresses Secure name service (SNS) Routing BGP, RIPv2, OSPF, and PPPoE CPU 1.5 GHz Intel-based i7 or better with Virtualization Technology (VT) Disk 100 GB SATA No RAID drives High Availability Hardware failover Data center failover WAN failover Availability, bandwidth, jitter, latency, and loss Remote Access Windows client SSL client Mobile client (ios, Android) Network Peer configuration 1 Integrated Ethernet Inline configuration 2 Integrated Ethernet DMZ configuration 3 Integrated Ethernet Memory 8 GB RAM Performance 250 MB/sec throughput CONTACT US For more information about Oracle s Corente Cloud Services Exchange, visit oracle.com or call ORACLE1 to speak to an Oracle representative. CONNECT WITH US blogs.oracle.com/oracle facebook.com/oracle twitter.com/oracle oracle.com 5 CORENTE CLOUD SERVICES EXCHANGE Copyright 2014, Oracle and/or its affiliates. All rights reserved. This document is provided for information purposes only, and the contents hereof are subject to change without notice. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether expressed orally or implied in law, including implied warranties and conditions of merchantability or fitness for a particular purpose. We specifically disclaim any liability with respect to this document, and no contractual obligations are formed either directly or indirectly by this document. This document may not be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without our prior written permission. Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners. Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group. 0914
An Oracle White Paper August 2013 What Is an Enterprise Session Border Controller? Introduction... 1 Redefining Enterprise Communications... 2 E-SBCs Protect and Control IP Communications... 3 E-SBCs Do
General Overview What is Oracle s Virtual Compute Appliance? Oracle s Virtual Compute Appliance is an integrated, wire once, software-defined infrastructure system designed for rapid deployment of both
An Oracle White Paper July 2013 Oracle Enterprise Operations Monitor: Real-Time Voice over Internet Protocol Monitoring and Troubleshooting Introduction... 1 Overview... 2 Key Functions and Features...
An Oracle White Paper May 2013 Oracle Audit Vault and Database Firewall 12.1 Sizing Best Practices Introduction... 1 Component Overview... 2 Sizing Hardware Requirements... 3 Audit Vault Server Sizing...
Oracle Hyperion Financial Close Management Oracle Hyperion Financial Close Management is built for centralized, webbased management of period-end close activities across the extended financial close cycle.
VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility
Oracle Database Backup To Cloud: Amazon Simple Storage Service (S3) ORACLE WHITE PAPER JULY 2015 Introduction 1 Why Backup to Cloud Storage? 2 Oracle Secure Backup Cloud Module 3 Complete Data Security
PeopleSoft HelpDesk An organization s corporate help desk is the lifeline of the company, ensuring the systems and facilities that employees need to do their jobs are running smoothly at all times. The
An Oracle White Paper May 2010 Oracle Cloud Computing 1 Executive Overview Cloud computing is a significant advancement in the delivery of information technology and services. By providing on demand access
An Oracle White Paper January 2012 Oracle Database Firewall Introduction... 2 Oracle Database Firewall Overview... 3 Oracle Database Firewall... 3 White List for Positive Security Enforcement... 4 Black
ORACLE PRODUCT DATA HUB THE SOURCE OF CLEAN PRODUCT DATA FOR YOUR ENTERPRISE. KEY FEATURES Out-of-the-box support for Enterprise Product Record Proven, scalable industry data models Integrated best-in-class
See What's Coming in Oracle Service Cloud May 2015 Capabilities and Benefits - Release Content Document ORACLE SERVICE CLOUD MAY RELEASE OVERVIEW This latest release of Oracle Service Cloud provides significant
An Oracle White Paper May, 2012 Deploying a Highly Available Enterprise Manager 12c Cloud Control Product Overview... 2 Introduction... 2 Cloud Control Architecture... 3 Implementation of a Level 3 MAA
An Oracle White Paper June 2013 Comparing Session Border Controllers to Firewalls with SIP Application Layer Gateways in Enterprise Voice over IP and Unified Communications Scenarios Introduction Voice
An Oracle White Paper March 2013 Load Testing Best Practices for Oracle E- Business Suite using Oracle Application Testing Suite Executive Overview... 1 Introduction... 1 Oracle Load Testing Setup... 2
An Oracle White Paper February 2013 Schneider National Implements Next - Generation IT Infrastructure Introduction Schneider National, Inc., a leading provider of truckload, logistics, and intermodal services,
An Oracle White Paper February 2014 Centralized vs. Distributed SIP Trunking: Making an Informed Decision Executive Overview Businesses across the globe are migrating from TDM access services to SIP trunks
Siebel Security Guide Siebel Innovation Pack 2013 Version 8.1/8.2 September 2013 Copyright 2005, 2013 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided
An Oracle White Paper June, 2013 Enterprise Manager 12c Cloud Control Executive Overview... 2 Introduction... 2 Business Application Performance Monitoring... 3 Business Application... 4 User Experience
An Oracle White Paper June 2013 Oracle Real Application Clusters One Node Executive Overview... 1 Oracle RAC One Node 12c Overview... 2 Best In-Class Oracle Database Availability... 5 Better Oracle Database
Data Sheet Cisco Wide Area Application Services Version 4.0 Cisco Wide Area Application Services (WAAS) is a powerful new application acceleration and WAN optimization solution that enables branch office
Symantec Backup Exec 12 for Windows Small Business Server Premium and Standard Editions Comprehensive data protection and system recovery for Microsoft Windows Small Business Server Today s small businesses
Symantec Backup Exec 11d for Windows Servers The Gold Standard in Windows Data Recovery Key benefits Trusted and reliable Eliminates backup windows Enables faster backups Recovers individual files, Exchange
ORACLE HEALTH SCIENCES INFORM: COMPREHENSIVE CLINICAL DATA CAPTURE AND MANAGEMENT CLOUD KEY BENEFITS Accelerate clinical trial timelines while reducing trial cost and risk Collect and deliver higher-quality
McAfee NGFW Reference Guide for Firewall/VPN Role 5.7 NGFW Engine in the Firewall/VPN Role Legal Information The use of the products described in these materials is subject to the then current end-user
IBM Software Thought Leadership White Paper June 2012 Enable and protect business-ready cloud infrastructures IBM Tivoli Storage Manager and Front-safe Portal enable security-rich, cloud-based data protection