This section describes the following SGD Gateway
deployment scenarios:
This section describes the configuration tasks for a basic
deployment of the SGD Gateway.
A basic deployment uses a single SGD Gateway, as
shown in Figure 2.1, “Basic Deployment Using a Single SGD Gateway”.
Configuring a basic deployment involves configuring the
connections shown in
Table 2.1, “Connections For a Basic Deployment of the SGD Gateway”.
Table 2.1. Connections For a Basic Deployment of the SGD Gateway
Connection
|
Configuration Steps
|
---|
Client device to SGD Gateway
| |
SGD Gateway to SGD servers
|
Enable SGD security services for the
array.
The SGD servers must be running in
secure mode. Firewall forwarding must not be
enabled.
In a standard installation, an SGD
server is configured automatically to use secure
connections. See "Secure Connections to
SGD Servers" in Chapter 1 of the
Oracle Secure Global Desktop Administration Guide for Release 4.7 if you need
information on how to secure an SGD
server.
On the SGD Gateway, install security
certificates for the SGD servers.
Use the gateway server command
to import CA certificates and SSL certificates for
the SGD servers in the array into the
SGD Gateway keystore.
See
Section 2.2.2.1, “How to Install SGD Server Certificates”.
Set up the SGD servers in the array
to use the SGD Gateway.
Install the SGD Gateway certificate
on the SGD array, and use the
tarantella gateway add command
to register the SGD Gateway with the
SGD array.
See
Section 2.2.2.2, “How to Install SGD Gateway Certificates on the
SGD Array”.
Configure which SGD Client
connections can use the SGD Gateway.
See Section 2.2.2.3, “How to Configure SGD Client Connections”.
|
2.1.2. Load-Balanced Deployment
This section describes the configuration tasks for a
load-balanced deployment of the SGD Gateway.
A load-balanced deployment uses multiple SGD
Gateways and a load balancer as the network entry point, as
shown in Figure 2.2, “Network Deployment Using Multiple SGD Gateways and a Load
Balancer”.
Configuring a load-balanced deployment involves configuring the
connections shown in
Table 2.2, “Connections For a Load-Balanced Deployment of the SGD
Gateway”.
Table 2.2. Connections For a Load-Balanced Deployment of the SGD
Gateway
Connection
|
Configuration tasks
|
---|
Client device to load balancer
|
Enable incoming connections from client devices.
Typically, this uses TCP port 443.
See your load balancer documentation for details
of how to do this.
(Optional) On the load balancer, install the SSL
certificate used by the SGD Gateways
for client connections.
See your load balancer documentation for details
of how to do this.
|
Load balancer to SGD Gateway
| |
SGD Gateway to SGD servers
|
Enable SGD security services for the
SGD array.
The SGD servers must be running in
secure mode. Firewall forwarding must not be
enabled.
In a standard installation, an SGD
server is configured automatically to use secure
connections. See "Secure Connections to
SGD Servers" in Chapter 1 of the
Oracle Secure Global Desktop Administration Guide for Release 4.7 if you need
information on how to secure an SGD
server.
On the SGD Gateway, install security
certificates for the SGD servers.
Use the gateway server command
to import CA certificates and SSL certificates for
the SGD servers in the array into the
SGD Gateway keystore.
See
Section 2.2.2.1, “How to Install SGD Server Certificates”.
Set up the SGD servers in the array
to use the SGD Gateways.
Install SGD Gateway certificates on
the SGD array, and use the
tarantella gateway add command
to register the SGD Gateways with the
SGD array.
See
Section 2.2.2.2, “How to Install SGD Gateway Certificates on the
SGD Array”.
Configure which SGD Client
connections can use the SGD Gateways.
See Section 2.2.2.3, “How to Configure SGD Client Connections”.
|