This image shows a diagram of an Oracle Cloud Infrastructure Region with Cloud Guard. Three availability domains (Availability Domain 1, AD2, and AD3) are located inside the Oracle Cloud Infrastructure region. The diagram shows the deployment of the Siebel CRM application and VM Series firewall in a single availability domain that has three fault domains (FD1, FD2, and FD3).

The architecture consists of three compartments: MGMT COMPARTMENT, SIEBEL COMPARTMENT, and DB COMPARTMENT. Each compartment has a VCN with a route table.

The MGMT COMPARTMENT contains a virtual cloud network (VCN) with 2 public subnets:
  • Untrust Subnet.
  • Management Subnet.
The VM Series Firewall resides between the two subnets and has the following vNIC connections:
  • vNIC1: Connects the Untrust Public Subnet with the firewall
  • vNIC0: Connects the Management Subnet with the firewall
  • vNIC3: Connects the Siebel VCN with the firewall
  • vNIC4: Connects the DB VCN with the firewall

The DRG is the gateway that connects your on-premises network to your cloud network. To enable communication between the DRG and the customer-premises equipment, use IPSec VPN or Oracle Cloud Infrastructure FastConnect. For internet access, set up an internet gateway. Internet traffic flows two directions between the Internet Gateway in vNIC1 and the VM Series Firewall. Traffic from the Customer Data Center flows two directions through FastConnect and IPSec VPN and the Dynamic Routing Gateway.

The SIEBEL COMPARTMENT contains a VCN with Cloud Guard, a Service Gateway, and 4 private subnets.
  • Private Subnet: Siebel Tools are located in FD1.
  • Private Subnet - Load Balancer: The Primary Load Balancer is located in FD1 and the Secondary Load Balancer is located in FD2. The Primary Load Balancer is connected to the Siebel Application Interfaces in FD1 and FD2.
  • Private Subnet - Siebel Application Interface: The Siebel Application Interface is located in FD1 and FD2.
  • Private Subnet - Siebel Application Tier: The Siebel Application Server is located in FD1 and FD2. A Shared File System connects the two Siebel Application Servers. The Gateway Service Cluster and Gateway Registry Service are located in FD1, FD2, and FD3.

The DB COMPARTMENT contains a VCN with Cloud Guard, Max Security Zone, a Service Gateway, and 1 private subnet. The subnet contains a database in FD1 and FD2 with Oracle RAC connecting the two databases.

The following are located in the Region, but outside of the availability domains: Notifications, Marketplace, Autoscaling, Audit, Object Storage, Email Delivery, Encryption, Events, IAM, and Tagging.