Traditional cloud infrastructure is typically made up of virtual machines (VMs)

running on top of a hypervisor. The hypervisor isolates the VMs (which share the
same CPUs) then captures I/O from each VM to ensure they are abstracted from the
hardware. The VM is therefore secure and portable as it sees only a software-
defined NIC (network interface card). The hypervisor can inspect all packets
between the VMs and enables features like IP whitelists and access control
lists.Inspection of packets to and from a VM can eat into the host’s CPU cycles,
however, as the hypervisor performs packet switching, encapsulation and enforces
stateful firewall rules. There is also the risk of noisy neighbors (a VM monopolizing
bandwidth, disk I/O and CPU at expense of its neighbors) and inconsistent
performance.

 
Enter Oracle’s next generation Cloud Infrastructure which places network and I/O
virtualization into the network. ‘Off box’ virtualization means virtualization is no longer
committed into the hypervisor, it’s now engineered into the network outside the
physical box. The control plane, which runs the network, cannot be reached from the
public internet. You have the option of creating an explicit virtual connection which
can be monitored, audited and switched off. New services such as  Security
Monitoring and Analytics enable machine learning-based anomaly detection.

Moving virtualization into the network enables bare-metal capability resulting

in dramatic performance and security gains as the performance overhead
associated with traditional virtualization (in the hypervisor) is eliminated. 

There is also more choice and flexibility with the ability to plug anything (within
reason) into the virtual network. Each option consumes a port on a flat virtual
network. It can be a bare metal host, NVMe (Non-Volatile) storage, a VM, a
container, even an engineered system… all running on a virtual private overlay with
everything within 2 hops reach.
  B
are Metal Compute is more secure than traditional virtualization as there is no
software running on your host – the choice is yours to bring your own (BYO)
hypervisor, OS and install any applications you want to run on your machine.
Nobody (including Oracle) has access to your memory space as bare-metal offers a
level of physical isolation not available using traditional virtualization. You have no
adjacent co-tenants, you can simply encrypt all data on-premise, move it to your
memory space and decrypt.Bare Metal Compute running on a flat, private overlay
network boosts performance in terms of IOPS and bandwidth as everything
(compute, object and block storage) runs inside the same low-latency, high-
performance network fabric.