The image shows an OCI region that contains a Transit Provider Network Boundary. The OCI region contains an Edge Network with incoming traffic from multiple sources.
Hostile traffic and clean traffic originating from the untrusted network flows into the OCI region Edge Network. Router countermeasures for individual hosts are applied only during attacks. Excess traffic is routed away from the region when the transit provider capacity is at risk of being exceeded.
Customer configurable protection (ACLs/WAF) from multiple internal hosts.
Detection and mitigation platforms are physically located in every OCI public region, with redundant management systems located globally.