This image shows an Oracle Cloud
Infrastructure (OCI) region with 1 availability domain, 3 fault domains, and a software-as-a-service (SaaS) tenancy.
The SaaS tenancy shows Oracle Fusion Cloud
Enterprise Resource Planning and Oracle Fusion Cloud Supply Chain
& Manufacturing apps.
The on-premises customer data center uses a firewall and site-to-site (active and standby) VPN to connect to OCI by using
a dynamic routing gateway (DRG).
The region provides the following services:
- Oracle Mobile Hub
- Oracle Cloud Infrastructure Audit
- Oracle Cloud Infrastructure Identity
and Access Management
- Oracle Cloud
Infrastructure Object Storage is used for database backups
- Oracle Integration Cloud
Service for SaaS
One virtual cloud network (VCN) provides the following gateways:
- Internet gateway: Provides communications between public subnets and internet hosts. In this case, mobile users connect to
the gateway by using Oracle Cloud Infrastructure Web
Application Firewall.
- Dynamic routing gateway (DRG): Provides private connectivity between on-premises networks and VCNs by using Site-to-Site
VPN or FastConnect. A DRG can also route traffic between VCNs for remote peering.
- Service gateway: VCNs communicate with services such as object storage over the Oracle network fabric without traversing the
internet.
The VCN includes 3 subnets:
- DMZ subnet: Includes a firewall in fault domain 1 to handle traffic from the DRG and passes it on to the connectivity agents
in the Active subnet.
- Active private subnet: Provides 6 Oracle Integration Cloud
Service connectivity agents distributed across fault domains.
- Prod Database private subnet: Provides an Oracle Autonomous Transaction
Processing instance across all fault domains.