Oracle Solaris 11 Continuous Innovation

Joost Pronk van Hoogeveen Martin Müller

Product Management Oracle Solaris Engineering

The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, timing, and pricing of any features or functionality described for Oracle’s products may change and remains at the sole discretion of Oracle Corporation.

Statements in this presentation relating to Oracle’s future plans, expectations, beliefs, intentions and prospects are “forward-looking statements” and are subject to material risks and uncertainties. A detailed discussion of these factors and other risks that affect our business is contained in Oracle’s Securities and Exchange Commission (SEC) filings, including our most recent reports on Form 10-K and Form 10-Q under the heading “Risk Factors.” These filings are available on the SEC’s website or on Oracle’s website at http://www.oracle.com/investor. All information in this presentation is current as of September 2019 and Oracle undertakes no duty to update any statement in light of new information or future events.

Mature business critical applications Delivering critical services Costly and difficult to replace

Aging infrastructure Increasing security risk Complex, bespoke management Lack of real-time insight Lack of capacity Increasingly difficult and expensive to maintain

Consistent Simple Secure Save money Save time Reduce Risk

Engineered for Investment Protection and Innovation

Until at least 2034

Focus on delivery in Updates Focus on delivery in SRUs 2010 2012 2014 2016 2018 2020 2022 2024 2026 2028

Oracle Solaris 11 Oracle Solaris 11.2 Oracle Solaris 11.4

Oracle Solaris 11.1 Oracle Solaris 11.3

• Grouping features for larger distinct releases • Release features when ready • Drives requalification and migration plans • Part of continuous flow of SRUs • Customers need to wait for finished features • Quick delivery of features and fixes

The foundation for ongoing Solaris innovation

• 15 monthly Support Repository Updates (SRUs) delivered to date – More than 200 security fixes – More than 275 enhancements, including: • X8 Platform; Oracle VM Server for SPARC v3.6.1; automatic boot environment naming, Memory Reservation Pools, Solaris WebUI Database Statistics sheet, SCAT 5.5.5, legacy compatibility libraries, SSD BearCove Plus, LEO-B HDD, enhancements to ps(1), prstat(1) and truss(1), additional Linux libc compatibility functions • Updates to many popular Open Source components, including Apache Tomcat, OpenLDAP, LLVM/Clang, BIND, rsync, git, PHP, Rust, Django, MySQL, Apache Web Server, OpenSSL, Erlang, ruby, Python, git, OpenSSH, dnsmasq, mercurial, PTP, NTP, etc. – And many other important security, availability and functional fixes

Observavility Security & Compliance • StatsStore & WebUI • Multi-node Compliance • Stats/Faults/Audits in one location • CVE reports • Database Stats Sheet • Application Sandboxes • REST API • Per-file Auditing

Virtualization Data Management • Single Step Evacuation • ZFS Device Removal • Archive Dehydration • Resumable Send Streams • OCI support • Storage I/O Limits • Memory Pools • Scheduled ZFS Scrubs

Oracle Solaris System Web Interface

View Real-time and historical data • Essential statistics collected continuously • Additional data acquired on demand • Correlation with administrative actions and faults • Integration with Oracle Database V$SYSTEM_EVENT & V$SYSSTAT Lightweight intuitive web UI • Designed for minimal overhead • No Agents to install

Observability — StatsStore, WebUI, Oracle Database & DAX

Full up-to-date insight in security status • Central collection and analysis • Updated every SRU Know exactly which vulnerabilities need to be addressed Added Spectre and Meltdown fixes and compliance checks in SRUs • Indicating which CVE’s are applicable

Oracle Solaris Security Certifications: • Oracle OpenSSL FIPS Object Module • FIPS 140-2 Certificate #3335, 7/18/19 • Oracle Solaris Kernel Cryptographic Framework (kCF) & Oracle Solaris Userland Cryptographic Framework (uCF) • Implementation Under Test 7/10/2019 • Common Criteria • New evaluation in progress

Table 1 Compilers and Interpreters Software Oracle Solaris 11.3 Versions Oracle Solaris 11.4 Versions gcc 3.4, 4.5, 4.7, 4.8 4.9, 5.5 Oracle Solaris incudes more Java 7, 8 8 than 1500 regularly updated Python 2.6, 2.7, 3.4 2.7, 3.4, 3.5 open source and 3rd party Perl 5.8, 5.12 5.22, 5.26 packages., with 157 packages 5.6 (removed in SRU9) , 7.1, 7.3 PHP 5.3, 5.6 (SRU10) updated through SRU11 Ruby Table 2 Developer and DevOps Tools1.9, 2.1 2.3 2.3 (SRU5), 2.6 (SRU9) TCL/TK Software 8.5 Oracle Solaris 11.3 Versions 8.6 Oracle Solaris 11.4 Versions LLVM/Clang MySQL – 5.1, 5.5, 5.6 3.8 5.5, 5.6, 5.7 Go Git – 1.7 1.7 2.15 (replaced by 2.19 in SRU6) GDB 7.6 8.0 Mercurial 3.4 4.1 Puppet Table 4 Network Services and 3.6Clients 5.5 Cmake Software 2.8 Oracle Solaris 11.3 Versions3.9 Oracle Solaris 11.4 Versions Oracle Instant Client Apache HTTPD – 2.2, 2.4 12.2, 18.3 (SRU3) 2.4 Tomcat 6.0, 8.0 8.5 85% of Oracle Solaris SSH SunSSH, OpenSSH 6.5 OpenSSH 7.6 (7.7 as of SRU6) Samba 3.6 4.7 (4.9 as of SRU6) security vulnerabilities Postfix 2.11 3.2 in the last 2 years are ISC BIND 9.6 9.10 associated with firewall IPfilter, PF OpenBSD 5.5 Packet Filter (PF) bundled software Kerberos Sun fork 1.15 Wireshark 1.12 2.4

Deploy compute capacity where & how needed • Application Sandboxes • Containers (Zones), Virtual Machines (Kernel Zones and Logical Domains) Easy device management • Virtual device isolation • Online device add and remove Simple migration and orchestration • One-step evacuate/restore • Enforce Inter-VM application dependencies

Copyright © 2019 Oracle and/or its affiliates. Migration Tools / Encryption Efficiency Convert existing ZFS Filesystems Space overhead reduced Convert filesystems and snapshots Encryption requires no more extra • Full ZFS context is migrated blocks Send/receive from unencrypted to >300% reduction for small files encrypted to new filesystem • Big impact in RAID Z and RAID 1 scenarios • Migrate data on the same devices

Copyright © 2019 Oracle and/or its affiliates. Oracle Solaris REST Interface • Layered on top of Remote Administration Daemon (RAD) • Gives access to all RAD modules • Strong security • Using https over TLS • Uses RBAC access rules • Agentless management • Connect and collect centrally • Use your favorite DevOps or System Management tools

Systems Management through REST — Collect Configuration and Stats, Administrate and Control

Confidential – © 2019 Preserving your Solaris 10 investment Extended support for Solaris 10 now available through January 2024 Minimize your exposure by using Solaris 10 Containers on Solaris 11 • Easily deploy a flash archive from any Solaris 10 system in a branded zone; upgrading the legacy system to S10U9 is no longer required* • blog on modernization via Containers Access to patches for critical issues • Quarterly updates including kernel fixes and key 3rd party component updates • Recently updated components include automount, CDE, Filesystem, Java SE, Apache HTTP, Apache Portable Runtime, BIND, ImageMagik, NTP, libxml2, Apache Tomcat, OpenSSL, SunSSH, GNU tar, RCP, Python, DHCP Client, LDOMS IO, Zsh Shell, RSYNC, Studio C++ libraries, tCsh, ant * From 11.4 SRU7

V2V V2V

Control Solaris Zone Domain Solaris 9 Zone Oracle Solaris 10 Oracle Solaris 10 Oracle Solaris 10 Solaris 10 Zone Solaris 10 Zone

Oracle Solaris 11 Control Domain Solaris 9 Zone

Oracle Solaris 11 Oracle Solaris 10 Oracle Solaris 10 Oracle Solaris 10 P2V

Environment Migration Application Migration

Least Preferred Good Compromise Best Option • Oracle Solaris 10 LDom Oracle Solaris 10 Zone • Oracle Solaris 11 • Little change needed Easy conversion • Biggest change • Still Full Oracle Solaris Oracle Solaris 11 Kernel • Full Oracle Solaris 11 10 Kernel only stack

Control Domain Solaris 10 Zone Solaris 10 Zone Solaris 11 Zone Solaris 11 Zone

Oracle Solaris 11 Oracle Solaris 10 Oracle Solaris 11 Oracle Solaris 11

Oracle Cloud Infrastructure • Bare Metal Compute • Virtual Machine Compute Support Included • pkg access to support repo • Technical Support Solaris Images now available in Cloud Marketplace

Copyright © 2019 Oracle and/or its affiliates. Oracle Solaris meets the Challenge Long Term Investment Protection Consistent management • 20+ year history of Guaranteed • Oracle Enterprise Manager Ops Center Application Binary Compatibility • Integrates with popular DevOps tools • Support for Oracle Solaris 11 through at least 2034 Real time observability Secure, up to date Platform • Integrated auditing • Dynamic tracing • Security in Silicon • Stats Store & Web Dashboard • Integrated compliance tools • More than 1500 regularly updated widely Room for growth used open source packages • SPARC performance and integrated • Easy-to-apply update stream virtualization for the largest workloads

Joost Pronk van Hoogeveen Martin Müller

Product Management Oracle Solaris Engineering