'We don't trust you' Oracle's Larry Ellison tells customers, spruiks Gen 2 Cloud
- 24 October, 2018 03:59
Keeping up the tradition of the last few years, Larry Ellison's opening keynote at Oracle's annual OpenWorld conference was littered with catchy soundbites as well as barbed criticisms of rival cloud providers, in particular Amazon Web Services.
The latter got in the way somewhat of the Oracle co-founder and CTO's actual announcement: the company's second generation cloud, or Gen 2 Cloud for short.
The release has been many years in the making, Ellison said, and "required a fundamental re-architecture of our cloud".
"The design goal of Oracle's Gen 2 Cloud is one secure platform to run everything," Ellison told the audience at the San Francisco event on Monday morning. "It's easy to say, very hard to do, to build a secure cloud."
The aim of the overhaul is to improve security by means of separating customer data in the cloud from Oracle's cloud control computing.
The shared model of other providers, which up until now had been Oracle's too, leaves them open to user code being able to access cloud control code: a significant vulnerability, Ellison claimed.
"That means you better trust your customers, you better trust all your customers. If you’re going to let your customers inject code, if you’re going to let customers share that computer – the computer you use to control the cloud – and those customers are smart, they can look at your cloud control code, they can change your cloud control code; they can move from one computer to the other, they can look at other customers' data, they can schedule the other customers’ data [to be] exfiltrated out of the cloud some place else," Ellison explained.
"No offence, we don't trust you," he later joked.
Oracle's architecture puts up an "impenetrable barrier" thanks to a dedicated network of cloud control computers. Those computers 'protect cloud perimeter and customer zones' and no customer access is given to cloud control computers or memory, knocking out a “fundamental problem with the architecture of the cloud”.
By comparison, according to Ellison, Amazon Web Services runs “AWS cloud control code” on the same machines as customer data and code.
That meant there was potential for malicious actors to become customers then “change the Amazon code and hack the system,” Ellison said.
"Other clouds have been around for a long time, they were not really designed for the enterprise," he added.
Whether there is such a thing as an 'impenetrable barrier', and how significant a vulnerability it is to have cloud control code on the same systems as customer data, is not obvious. Most of the notable data breaches namechecked by Ellison in his keynote, namely Facebook, Google, AWS and The Pentagon, were not done by this means, as far as is known.
Analyst Doug Henschen of Constellationr said on Twitter: "It’s a set of features I’d want under the hood, but I’m not interested in hearing about them. Generating FUD about rival clouds."
Adding to the “Star Wars cyber defence” of Gen 2 Cloud are a battalion of autonomous robots to "kill threats" that don't rely on any human input for the most part, Ellison continued.
The situation had now changed, he added, from 'our people versus their robots' to 'our robots versus their robots'.
“We’ve used a lot of the latest artificial intelligence and machine learning to find threats. You’re not fighting with both hands tied behind your back anymore,” he said.
The marquee product enabled by Oracle's Gen 2 Cloud is its Autonomous Database which the company pitches as "the industry’s first and only self-driving database".
The database – really a database-as-a-service product – uses machine learning to automatically upgrade, patch, and tune as it runs, and automates security updates with no downtime window required. Oracle says it completely "eliminates human labor, human error, and manual tuning".
Given as much as 75 per cent of the total cost of database management goes towards human labour, according to IDC, the benefits of automating that management are significant.
"Although most modern relational database management systems, including Oracle Database, have developed many features and functions that are designed to lessen the burden of these activities, it remains the case that, at the highest level of size, complexity, and performance criticality, meeting the SLA for the database requires a set of skills generally regarded as something of a black art," IDC said in a February report on the product.
"Oracle Autonomous Database delivers major benefits to customers in two forms: labour savings by automating database tuning and problem detection and reduced downtime due to unplanned outages and software/system maintenance," the report stated.
Despite the considerable benefits, and Oracle's first mover status, Ellison instead focused the Autonomous Database portion of the keynote on AWS. Much like the promotional materials for the product – a wonky painting of a red car – it may have come off as a little juvenile.
AWS' semi-autonomous database, Ellison said, was no match for Oracle's autonomous one.
"That's like a semi-autonomous car, you get in, drive it... and you die," he said. Oracle Autonomous Database meanwhile "really is self driving. No one's going to die."
In the second half of the keynote, select benchmark tests were run comparing Oracle Autonomous Database against Amazon Relational Database Service (RDS), Amazon Aurora, and Amazon Redshift, in which, unsurprisingly, Oracle came off better.
"We're done, they're not done, they've got a long way to go," Ellison said as Oracle's red dial turned faster than AWS' yellow one.
"We're at 20 per cent they're only at one – oh they got two per cent, damn it," he said on the next test.
There were some new deployment options announced for Oracle Autonomous Database, including dedicated Exadata Cloud Infrastructure for workload isolation and Cloud at Customer, Oracle's product for customers who can't move to public cloud due to regulatory restrictions.
Ellison also spruiked the ease of migration to Gen 2 Cloud: "Every generation, we want to protect your investment in data and applications, and make it easy to lift that stuff up and take full advantage of the next generation," he said.
That too came with another potshot at AWS, with Ellison saying AWS charged many times more than Oracle to move data out of its cloud.
"Funny I didn’t know data in the same pipe costs more depending on which direction it’s going," he said.
As analyst Henschen summarised: "Very us-or-them. Why not foster openness to wherever customers want and let best cloud win?"
The author travelled to Oracle OpenWorld as a guest of Oracle.