This section describes the supported platforms and requirements for the SGD Gateway.
The supported installation platforms for the SGD Gateway host are shown in the following table.
Operating System | Supported Versions |
---|---|
Oracle Solaris on SPARC platforms | Solaris 10 8/11 (update 10) Solaris 11 |
Oracle Solaris on x86 platforms | Solaris 10 8/11 (update 10) Solaris 11 |
Oracle Linux (32-bit and 64-bit) | 5.7 5.8 6.2 6.3 |
For up to date information on supported installation platforms, see knowledge document ID 1416796.1 on My Oracle Support (MOS).
Oracle products certified on Oracle Linux are also certified and supported on Red Hat Enterprise Linux due to implicit compatibility between both distributions. Oracle does not run any additional testing on Red Hat Enterprise Linux products.
By default, the SGD Gateway is configured to support a maximum of 100 simultaneous HTTP connections and 512 simultaneous Adaptive Internet Protocol (AIP) connections. The JVM memory size is optimized for this number of connections. Appendix C of the Oracle Secure Global Desktop Gateway Administration Guide has details of how to tune the Gateway for the expected number of users.
SGD is supported and can be installed in an Oracle virtualized environment. If you encounter a problem when using an unsupported virtualization environment, you may be asked to demonstrate the issue on a non-virtualized operating system to ensure the problem is not related to the virtualization product.
On Oracle Solaris platforms, installation in zones is supported. The SGD Gateway can be installed either in the global zone, or in one or more non-global zones. Installation in both the global zone and a non-global zone is not supported.
The following table shows the SGD Gateway installation platforms that have been retired.
SGD Version | Platforms No Longer Supported |
---|---|
4.71 | No changes from 4.70 |
4.70 | Oracle Solaris 10 up to, and including, 9/10 (update 9) Red Hat Enterprise Linux 5.5 Oracle Enterprise Linux 5.5 |
The following requirements apply for the SGD servers used with the SGD Gateway:
Secure mode. By default, the SGD Gateway uses secure connections to SGD servers. You must enable secure connections on your SGD servers. Firewall forwarding must not be enabled.
In a standard installation, an SGD server is configured automatically to use secure connections.
SGD version. It is best to use version 4.7 of SGD with version 4.7 of the Gateway. Use the latest version of the Gateway, where possible.
Clock synchronization. It is important that the system clocks on the SGD servers and the SGD Gateway are in synchronization. Use Network Time Protocol (NTP) software, or the rdate command, to ensure that the clocks are synchronized.
The Apache web server supplied with the SGD Gateway is Apache version 2.2.25. It includes the standard Apache modules for reverse proxying and load balancing. The modules are installed as Dynamic Shared Object (DSO) modules.
The SGD Gateway includes Java Runtime Environment (JRE) version 1.6.0_65.
SSL support for the SGD Gateway is provided by the Java Runtime Environment (JRE) supplied with the Gateway. See the Java Platform documentation for more details.
The SGD Gateway supports Privacy Enhanced Mail (PEM) Base 64-encoded X.509 certificates. These certificates have the following structure:
-----BEGIN CERTIFICATE-----
...certificate
...
-----END CERTIFICATE-----
The SGD Gateway supports the use of external hardware SSL accelerators, with additional configuration.
By default, the SGD Gateway is configured to support the following high grade cipher suites for SSL connections:
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_256_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
The following cipher suites are also supported, but must be configured by the user as shown in the Oracle Secure Global Desktop Gateway Administration Guide.
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA