2.3. SGD Gateway Requirements and Support

This section describes the supported platforms and requirements for the SGD Gateway.

2.3.1. Supported Installation Platforms for the SGD Gateway

The supported installation platforms for the SGD Gateway host are shown in the following table.

Operating System

Supported Versions

Oracle Solaris on SPARC platforms

At least Oracle Solaris 10 10/09

Oracle Solaris on x86 platforms

At least Oracle Solaris 10 10/09

Oracle Linux (32-bit and 64-bit)

5.5, 5.6, 5.7

Oracle products certified on Oracle Linux are also certified and supported on Red Hat Enterprise Linux due to implicit compatibility between both distributions. Oracle does not run any additional testing on Red Hat Enterprise Linux products.

By default, the SGD Gateway is configured to support a maximum of 100 simultaneous HTTP connections and 512 simultaneous Adaptive Internet Protocol (AIP) connections. The JVM memory size is optimized for this number of connections. Appendix C of the Oracle Secure Global Desktop 4.6 Gateway Administration Guide has details of how to tune the Gateway for the expected number of users.

2.3.1.1. Virtualization Support

The supported installation platforms for the SGD Gateway are supported on a Type 1 (bare metal) hypervisor or a Type 2 (hosted) hypervisor, for example Oracle VM VirtualBox, VMWare, or Oracle VM Server for SPARC (previously called Sun Logical Domains or LDoms).

On Oracle Solaris 10, installation in zones is not supported.

2.3.1.2. Retirements to Supported Gateway Installation Platforms

The following table shows the SGD Gateway installation platforms that have been retired.

SGD Version

Platforms No Longer Supported

4.60

OpenSolaris (all versions)

Red Hat Enterprise Linux 5.0 to 5.4

Solaris 10 OS up to, and including, 5/09

SUSE Linux Enterprise Server 10

4.50

Not applicable

2.3.2. SGD Server Requirements for the SGD Gateway

The following requirements apply for the SGD servers used with the SGD Gateway:

  • Secure mode. By default, the SGD Gateway uses secure connections to SGD servers. You must enable secure connections on your SGD servers. Firewall forwarding must not be enabled.

  • Integrated mode. SGD Clients must not be configured to access the SGD servers in Integrated mode.

  • SGD version. The SGD servers must be running at least version 4.5 of SGD. It is best to use version 4.6 of the Gateway with version 4.6 of SGD.

  • Clock synchronization. It is important that the system clocks on the SGD servers and the SGD Gateway are in synchronization. Use Network Time Protocol (NTP) software, or the rdate command, to ensure that the clocks are synchronized.

2.3.3. Apache Web Server

The Apache web server supplied with the SGD Gateway is Apache version 2.2.17. It includes the standard Apache modules for reverse proxying and load balancing. The modules are installed as Dynamic Shared Object (DSO) modules.

2.3.4. Supported Cipher Suites for SSL Connections

The SGD Gateway supports the following cipher suites for SSL connections:

  • SSL_RSA_WITH_RC4_128_MD5

  • SSL_RSA_WITH_RC4_128_SHA

  • TLS_RSA_WITH_AES_128_CBC_SHA

  • TLS_RSA_WITH_AES_256_CBC_SHA

  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA

  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA

  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA

  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA

  • SSL_RSA_WITH_3DES_EDE_CBC_SHA

  • SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA

  • SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

  • SSL_RSA_WITH_DES_CBC_SHA

  • SSL_DHE_RSA_WITH_DES_CBC_SHA

  • SSL_DHE_DSS_WITH_DES_CBC_SHA

  • SSL_RSA_EXPORT_WITH_RC4_40_MD5

  • SSL_RSA_EXPORT_WITH_DES40_CBC_SHA

  • SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA

  • SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA