Skip to main content

Demystifying OCI’s Virtual Cloud Network: A Deep Dive into VCN Architecture (Part 1)

AA Virtual Cloud Network (VCN) is the fundamental building block for networking in Oracle Cloud Infrastructure (OCI). It can be thought of as a virtual version of a traditional network that you’d operate in your own data center. 

Virtual Cloud Network


The benefits of using a VCN include:

  • Isolation– VCNs provide complete isolation from other virtual networks in the cloud. This allows you to have full control over your network environment.
  • Security– VCNs give you control over security through security lists and network security groups. You can restrict access within subnets as well as between subnets.
  • Customization– VCNs allow you to fully customize the network environment. You can define subnets, route tables, gateways, and other components to meet your specific needs.
[ Good Read: Serverless Architecture ]

The key components that make up a VCN include:

  • Subnets– A subnet is a subdivision of a VCN that allows you to group related resources together. Subnets can be either public or private.
  • Route tables– Route tables control the flow of traffic out of a subnet. They specify the destinations that traffic can be routed to.
  • Security lists– Security lists act as virtual firewalls that control ingress and egress traffic at the subnet level.
  • Gateways– Gateways connect your VCN to external networks or other VCNs. Common gateways are internet gateways, NAT gateways, service gateways, and peering gateways.
  • Network security groups– NSGs provide subnet-level and instance-level security through stateful firewall rules. 

By leveraging VCNs and their components, you can create a secure, robust, and customizable network environment tailored to your application and use case requirements.

Oracle VCN Architecture

Creating a Virtual Cloud Network

Log in to your Oracle Cloud account and Choose Networking > VirtualCloud Networks

Choose Networking > VirtualCloud Networks

Click on Start VCN Wizard

Click on Start VCN Wizard

Click VCN with Internet Connectivity then Click Start VCN Wizard

Click VCN with Internet Connectivity then Click Start VCN Wizard

Fill in the details as shown in the below images

VCN Name:                        OCI_HOL_VCN      # Example
Compartment: Demo # Example
VCN CIDR Block: 10.0.0.0/16 # Example
Public Subnet CIDR Block: 10.0.2.0/24 # Example
Private Subnet CIDR Block: 10.0.1.0/24 # Example
Use DNS Hostnames in this VCN: Checked

Then Click Next

Review the details you have filled then click on Create if the details are correct

It will create a VCN with the provided details

Now VCN is created and you can view it by clicking on View Virtual Cloud Network

Congratulations you have created VCN with 1 Public and 1 Private Subnet.

Public Subnets

Public subnets provide resources with access to and from the public internet via an internet gateway. Resources such as web servers, application servers, and load balancers that need to be accessible from the internet should be deployed in public subnets. 

You Can Check More Info About: Virtual Cloud Network.

Comments

Popular posts from this blog

How to Perform Penetration Testing on IoT Devices: Tools & Techniques for Business Security

The Internet of Things (IoT) has transformed our homes and workplaces but at what cost?   With billions of connected devices, hackers have more entry points than ever. IoT penetration testing is your best defense, uncovering vulnerabilities before cybercriminals do. But where do you start? Discover the top tools, techniques, and expert strategies to safeguard your IoT ecosystem. Don’t wait for a breach, stay one step ahead.   Read on to fortify your devices now!  Why IoT Penetration Testing is Critical  IoT devices often lack robust security by design. Many run on outdated firmware, use default credentials, or have unsecured communication channels. A single vulnerable device can expose an entire network.  Real-world examples of IoT vulnerabilities:   Mirai Botnet (2016) : Exploited default credentials in IP cameras and DVRs, launching massive DDoS attacks. Stuxnet (2010): Targeted industrial IoT systems, causing physical damage to nuclear centrifu...

Infrastructure-as-Prompt: How GenAI Is Revolutionizing Cloud Automation

Forget YAML sprawl and CLI incantations. The next frontier in cloud automation isn't about writing more code; it's about telling the cloud what you need. Welcome to the era of Infrastructure-as-Prompt (IaP), where Generative AI is transforming how we provision, manage, and optimize cloud resources. The Problem: IaC's Complexity Ceiling Infrastructure-as-Code (IaC) like Terraform, CloudFormation, or ARM templates revolutionized cloud ops. But it comes with baggage: Steep Learning Curve:  Mastering domain-specific languages and cloud provider nuances takes time. Boilerplate Bloat:  Simple tasks often require verbose, repetitive code. Error-Prone:  Manual coding leads to misconfigurations, security gaps, and drift. Maintenance Overhead:  Keeping templates updated across environments and providers is tedious. The Solution: GenAI as Your Cloud Co-Pilot GenAI models (like GPT-4, Claude, Gemini, or specialized cloud models) understand n...

How Security-First CI/CD Pipelines Help Mitigate Business Risk

Businesses today must adapt quickly, rolling out software updates and new features at an unprecedented pace. To accomplish this, many turn to Continuous Integration and Continuous Delivery (CI/CD) pipelines. However, this pursuit of speed can introduce significant security risks if it's not approached with caution. This is where the concept of DevSecOps comes into play. It’s an essential strategy for organizations aiming to strike the right balance between speed and security. Historically, security has often been an afterthought, resulting in delays and making systems more vulnerable to cyber threats. DevSecOps changes this narrative by embedding security practices within every stage of the software development lifecycle. In this blog, we will delve into the tangible ROI of adopting DevSecOps , highlighting how a security-first mindset in CI/CD not only minimizes business risks but also reduces downtime and leads to measurable cost savings. Additionally, we’ll examine how automatin...