This image shows a single region with a single virtual cloud network (VCN) that spans 2 availability domains. The region provides the following services:

• Identity and access management
• Domain Name Service
• File storage
• Object storage

The virtual cloud network (VCN) provides the following gateways:

• Dynamic routing gateway (DRG): Provides private connectivity using Site-to-Site VPN or FastConnect for customer data center remote access.
• Internet gateway: Provides communications between public subnets and online users.
• Network address translation (NAT) gateway: Enables private resources in a VCN to access hosts on the internet, without exposing those resources to incoming internet connections.

The VCN includes 2 subnets arranged as functional layers:

• Flexible Load Balancer public subnet: Handles traffic from outside the cloud and passes the traffic on to the Gateway Server layer.
• Gateway/Broker/Desktop private subnet:
  • Gateway server VMs pass incoming traffic through a private Load Balancer to the Broker layer.
  • Broker (Microsoft Windows) VMs pass requests to the Remote Desktop Servers layer. Block storage is provided.
  • Remote Desktop Server (Microsoft Windows) VMs provide desktop environments.