2.1 SGD Server Requirements and Support

2.1.1 Supported Installation Platforms for SGD

Table 2.1, “Supported Installation Platforms for SGD” lists the supported installation platforms for SGD.

Table 2.1 Supported Installation Platforms for SGD

Operating System	Supported Versions
Oracle Solaris on SPARC platforms	Solaris 10 [at least version 8/11 (update 10)] Solaris 11 Trusted Extensions versions of the above
Oracle Solaris on x86 platforms	Solaris 10 [at least version 8/11 (update 10)] Solaris 11 Trusted Extensions versions of the above
Oracle Linux (64-bit only)	5 (at least version 5.8) 6 (at least version 6.2) 7 (at least version 7.0)

Operating System

Supported Versions

Oracle Solaris on SPARC platforms

Solaris 10 [at least version 8/11 (update 10)]

Solaris 11

Trusted Extensions versions of the above

Oracle Solaris on x86 platforms

Solaris 10 [at least version 8/11 (update 10)]

Solaris 11

Trusted Extensions versions of the above

Oracle Linux (64-bit only)

5 (at least version 5.8)

6 (at least version 6.2)

7 (at least version 7.0)

Note

This table shows the installation platforms that Oracle has tested with this release of SGD. For up to date information on supported platforms, see knowledge document ID 1416796.1 on My Oracle Support (MOS).

Oracle products certified on Oracle Linux are also certified and supported on Red Hat Enterprise Linux due to implicit compatibility between both distributions. Oracle does not run any additional testing on Red Hat Enterprise Linux products.

2.1.1.1 Virtualization Support

SGD is supported and can be installed in an Oracle virtualized environment. If you encounter a problem when using an unsupported virtualization environment, you may be asked to demonstrate the issue on a non-virtualized operating system to ensure the problem is not related to the virtualization product.

Installation in zones is supported for Oracle Solaris platforms. SGD can be installed either in the global zone, or in one or more non-global zones. Installation in both the global zone and a non-global zone is not supported.

On Oracle Solaris Trusted Extensions platforms, you must install SGD in a labeled zone. Do not install SGD in the global zone.

2.1.1.2 Network Requirements

IPv6 network addresses are not supported for the SGD host.

IPv6 network addresses are supported for deployments using the SGD Gateway. See Network Requirements in the Oracle Secure Global Desktop Gateway Administration Guide.

See the Oracle Secure Global Desktop Installation Guide for details of network requirements for SGD.

2.1.2 Supported Upgrade Paths

Upgrades to version 5.4 of SGD are only supported from the following versions:

Oracle Secure Global Desktop Software version 5.3
Oracle Secure Global Desktop Software version 5.2
Oracle Secure Global Desktop Software version 5.1
Oracle Secure Global Desktop Software version 5.0
Oracle Secure Global Desktop Software version 4.71
Oracle Secure Global Desktop Software version 4.63

If you want to upgrade from any other version of SGD, contact Oracle Support.

2.1.3 Third Party Components for SGD

SGD includes the following third party components:

Java technology. This release of SGD includes Java 8 update 161.

SGD web server components. The SGD web server consists of an Apache web server and a Tomcat JavaServer Pages (JSP) technology container preconfigured for use with SGD.

The SGD web server consists of several components. The following table lists the web server component versions for this release of SGD.

Component Name	Version
`Apache HTTP Server`	2.4.29
`OpenSSL`	1.0.2n
`Apache Tomcat`	7.0.82

The Apache web server includes all the standard Apache modules as shared objects.

The minimum Java Virtual Machine (JVM) software heap size for the Tomcat JSP technology container is 256 megabytes.

2.1.4 Supported Authentication Mechanisms

The following are the supported mechanisms for authenticating users to SGD:

Lightweight Directory Access Protocol (LDAP) version 3
Microsoft Active Directory
Network Information Service (NIS)
RSA SecurID
Oracle Access Manager
Web server authentication (HTTP/HTTPS Basic Authentication), including public key infrastructure (PKI) client certificates

2.1.4.1 Supported Versions of Active Directory

Active Directory authentication and LDAP authentication are supported on the following versions of Active Directory:

Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows Server 2016

2.1.4.2 Supported LDAP Directories

SGD supports version 3 of the standard LDAP protocol. You can use LDAP authentication with any LDAP version 3-compliant directory server. However, SGD only supports the following directory servers:

Oracle Unified Directory 11gR1 (11.1.1.x), 11gR2 (11.1.2.x)
Oracle Internet Directory 11gR1 (11.1.1.x), 11gR2 (11.1.2.x)
Oracle Directory Server Enterprise Edition 11gR1 (11.1.1.x)
Microsoft Active Directory, as shown in Section 2.1.4.1, “Supported Versions of Active Directory”

Other directory servers may work, but are not supported.

2.1.4.3 Supported Versions of SecurID

SGD has been tested with version 8.1 of RSA Authentication Manager.

SGD supports system-generated PINs and user-created PINs.

2.1.4.4 Supported Versions of Oracle Identity Management

SGD works with the following versions of Oracle Identity Management:

Oracle Identity Management 11gR2 (11.1.2.x)

2.1.5 SSL Support

SGD supports TLS versions 1.0, 1.1, and 1.2

SGD supports Privacy Enhanced Mail (PEM) Base 64-encoded X.509 certificates.

SGD supports the Subject Alternative Name (subjectAltName) extension for SSL certificates. SGD also supports the use of the * wildcard for the first part of the domain name, for example *.example.com.

SGD includes support for a number of Certificate Authorities (CAs). The /opt/tarantella/etc/data/cacerts.txt file contains the X.500 Distinguished Names (DNs) and MD5 signatures of all the CA certificates that SGD supports. Additional configuration is required to support SSL certificates signed by an unsupported CA. Intermediate CAs are supported, but additional configuration may be required if any of the certificates in the chain are signed by an unsupported CA.

SGD supports the use of external hardware SSL accelerators, with additional configuration.

By default, SGD uses Oracle approved cipher suites.

Other cipher suites may be configured, as described in the Oracle Secure Global Desktop Administration Guide. You can use any cipher suite that is supported by the version of OpenSSL supplied with SGD.

2.1.6 Printing Support

SGD supports two types of printing: PDF printing and Printer-Direct printing.

For PDF printing, SGD uses Ghostscript to convert print jobs into PDF files. Your Ghostscript distribution must include the ps2pdf program. For best results, install the latest version of Ghostscript on the SGD host.

SGD supports Printer-Direct printing to PostScript, Printer Command Language (PCL), and text-only printers attached to the user's client device. The SGD tta_print_converter script performs any conversion needed to format print jobs correctly for the client printer. The tta_print_converter script uses Ghostscript to convert from Postscript to PCL. To support this conversion, Ghostscript must be installed on the SGD server. For best results, download and install the additional fonts.

Ghostscript is not included with the SGD software.

To print from a UNIX or Linux system application server using CUPS (Common UNIX Printing System), the version of CUPS must be at least 1.4.2.