The SGD Gateway comes included (at no additional cost) with purchase of Oracle Secure Global Desktop. The SGD Gateway is a proxy server designed to be deployed in a demilitarized zone (DMZ), which in turn connects to an array of Oracle Secure Global Desktop servers located on the internal network of an organization. Additionally, all connections can be authenticated in the DMZ before any connections are made to the Oracle Secure Global Desktop servers in the array. Connections between client devices and SGD Gateway use port 443. Hence, this does not require administrators to obtain additional approvals for use of non-standard ports in the DMZ.
The SGD Gateway consists of the following components:
- Routing proxy: A Java technology-based application that routes Adaptive Internet Protocol (AIP) data connections to an Oracle Secure Global Desktop server. Keystores in the routing proxy contain the certificates and private keys used to secure connections for the SGD Gateway. The routing proxy uses routing tokens to manage AIP connections. A routing token is a signed, encrypted message that identifies the origin and destination Oracle Secure Global Desktop server for a route.
- Reverse proxy: An Apache web server, configured to operate in reverse proxy mode. The reverse proxy also performs load balancing of HTTP connections.