This image shows the reference architecture for deploying OCI Vulnerability Scanning OCI Vulnerability Scanning.

The image shows an Oracle Cloud Region, comprised of a single availability domain (labeled Availability Domain 1), which itself contains two fault domains (labeled Fault Domain 1 and Fault Domain 2). These components are all within a virtual cloud network and divided into three comparments:
  • Compartment A, which contains a load balancer tier with an active load balancer in Fault Domain 1 and a standby load balancer in Fault Domain 2. The active and standby load balancers are connected across the fault domains by a dotted line.
  • Compartment B, which contains a web VM tier, with active web servers in each fault domain. Each web server is connected from the active load balancer in Compartment A by downward arrows.
  • Compartment C, which contains a database VM tier with an active database VM in Fault Domain 1 and a standby database VM in Fault Domain 2. The active database VM is connected to both web servers in Compartment B by bidirectional arrows and to the standby database VM by an unidirectional arrow.

End users access the VCN trhough an internet gateway, which directs them to the load balance tier. Outside the region, a scanning recipe identifies the scanning targets and and feeds this data to both Compartment B (the web VMs) and Compartment C (the database VMs).

The availability domain produces OCI Vulnerability Scanning results which feeds events and logging components within the region. The results also feed Cloud Guard, within a separate Cloud Guard Global Reporting Region.

User outside both region can set up and view reports from the OCI Vulnerability Scanning results or set up detectors and view scanning problems through Cloud Guard, within the Cloud Guard Global Reporting Region.