



Secure data center connection to the cloud

Discover how SQORUS successfully connected a datacenter to the cloud, guaranteeing optimal security and performance. A case study in hybrid infrastructure without compromise.

The challenge

Implementation of network architecture with IPSec VPN on OCI

Our customer, a company in the financial sector, needed to interconnect its on-premises datacenter to Oracle Cloud Infrastructure (OCI), while ensuring strict isolation between production and development environments. It was essential to guarantee an encrypted connection and reduce interconnection costs without compromising latency.

Background & objectives

Design a modular, highly available OCI network



The customer operated a hybrid environment with mission-critical applications residing both on-premises and in the cloud.

Its infrastructure had to meet the following requirements

Secure connectivity with the on-premises datacenter.
Strict isolation between production and development environments.
Optimized performance and reduced latency.
Scalability of the architecture to support future extensions.

The objectives of this implementation were:

Deploy an IPSec VPN to secure the connection between OCI and the on-premise infrastructure.
Implement a VCN Peering to interconnect production and development VCNs, while maintaining isolation of sensitive flows.
Ensure network redundancy and resilience using OCI best practices.

The SQORUS solution

A high-performance, secure OCI network architecture

SQORUS has designed an optimized hybrid network infrastructure, based on Oracle Cloud Infrastructure network services.

IPSec VPN connection

Interconnection

Automation

Performance & Security

Setting up an IPSec VPN connection

Deployment of a Dynamic Routing Gateway (DRG) to interconnect the on-premises network and OCI.
Configuration of a redundant IPSec VPN with two active/passive tunnels to ensure service continuity.
Use of AES-256 encryption and pre-shared key authentication for optimum security.
Supervision of VPN tunnels with OCI Monitoring to anticipate possible service interruptions.

VCN interconnection via VCN Peering

Separation of environments: a separate VCN for production and another for development.
Implementation of a Local Peering Gateway (LPG) to interconnect VCNs without public exposure.
Strict filtering of inter-VCN traffic with Network Security Groups (NSGs) and Security Lists to control communications.

High availability and automation

High-availability load balancer to distribute traffic to critical applications.
Distribution of critical resources (e.g. bastion, NAT Gateway) over two Availability Domains (ADs) to guarantee resilience.
Automated deployment of VCNs, DRGs and security rules via Terraform, and Ansible scripts to configure on-premises firewalls and dynamic routes.

Optimizing performance and security

High-availability load balancer to distribute traffic to critical applications.
Distribution of resources across multiple Availability Domains (ADs) to guarantee resilience.
Automated deployment of security rules and network configurations with Terraform.

The results

Secure, high-performance connectivity for the enterprise

Thanks to this optimized network architecture, the customer was able to benefit from the following advantages:

50% reduction in latency between on-premise and OCI infrastructures.
Enhanced security through end-to-end encryption and strict access controls.
High availability with full redundancy on VPN connections.
Optimized costs by reducing dependence on expensive private links.



Methodology

SQORUS best practices for a resilient OCI network

Use a separate VCN for each environment (production, development, test) to ensure isolation of sensitive flows.

Set up active monitoring of IPSec VPN tunnels to anticipate possible interruptions.

Automate network deployment with Terraform to guarantee reproducible and secure configurations.

Configure granular security rules via Security Lists and NSGs to limit attack surfaces.

The SQORUS choice

Why our customer chose SQORUS for this project



Expertise

Team of certified OCI architects, specialized in hybrid and multi-cloud architectures.

Industry references (finance, healthcare, public sector) in compliance.



Support

Proven methodology including network penetration tests and pre-migration security audits.

Close collaboration with the customer’s network teams for skills transfer.



Oracle Partner

Privileged access to OCI product roadmaps and priority technical support.

Participation in programs for new network and security features in Oracle Cloud Infrastructure.

Contact SQORUS for your financial data security project

Adopting OCI’s network services enables companies to ensure secure hybrid connectivity while optimizing performance and costs. At SQORUS, we turn these technologies into real-world solutions, as demonstrated by this case study: a robust, flexible network architecture that meets the most stringent security requirements.

Contact SQORUS

They trust us