Oracle E-Business suite application reference architecture
To support Oracle E-Business applications (EBS) Access Gateway supports multiple approaches, typically referred to as rapid and classic. In the rapid architecture, so named because it can be implemented in less then a day, an Access Gateway agent interacts with an Oracle database using a Database Connect Descript file (DBC) file created by an Oracle DBA. Using this file and knowledge of EBS application URLs, rapid EBS application integration is quick and easy.
When an integration requires interfacing to Oracle AccessGate, EBS classic is required. With Access Gateway EBS classic, integrations use Oracle AccessGate, an OID/OUD instance, and associated URLs and ports to integrate.
Approach
To deploy Access Gateway to secure applications in an environment described above, it is best to begin deployment of a base architecture and then add specific features as needed. This methodology will allow an organization to begin moving forward in an agile fashion and not become overly bogged down in requirements analysis.
Key steps in determining an overall architecture include:
- Identify how applications are to be integrated with Okta and Access Gateway. Typical integrations include:
- Identify how many users will access the applications and how often. This will help determine how many instances of Access Gateway are required, what number of load balancers are necessary and generally how the architecture components will be distributed.
- Identify which applications should be accessible through Access Gateway from the internet and which should require the user have access to the internal network. Typically this starts as a subset of applications, and expands over time.
Access Gateway EBS architectures
Access Gateway EBS installations can be deployed in any number of possible combinations. Common architecture are:
| EBS internal rapid |
The simplest of all Oracle E-Business architectures, the EBS internal rapid architecture supports accessing an internal use only EBS application. |
| EBS external rapid |
An expansion of the EBS internal rapid architecture, the EBS external rapid architecture, sometimes referred to as a VPN replacement, supports accessing an EBS application from the external internet. |
| EBS external classic external | When Oracle Access Gate and OID/OUD are required the EBS classic architecture can be used. |
Architecture functional area breakdown
Architectures are broken down into the following functional areas:
| External internet | The external internet represents clients that access applications, as well as including your Okta Org. |
| DMZ | The DMZ houses an Access Gateway cluster, and associated components, to allow access to applications from the external internet. |
| Internal | The internal network houses the applications being protected by Access Gateway as well as other components required to make these applications widely available. |