Description of the illustration merch-physical-arch.png

This image illustrates the physical architecture employed to set up SSO between Azure AD and Oracle Access Manager for Oracle E-Business Suite.

At the top is a box containing icons labeled Customer Data Center and Customer-Premises Equipment (CPE). An arrow points from the box to three small boxes arrayed top to bottom. These boxes are labeled External Web Client, Internal Web Client, and Management. This box also has an arrow pointing to a FastConnect icon and one pointing to the ExpressRoute Gateway attached to a box labeled Virtual Network. This ExpressRoute Gateway also points to the Azure load balancer icon, which further points to a box labeled Availability set and will be described later in this description.

Extending from the Internal Web Client box is an arrow labeled Web Traffic, which also points to the aforementioned ExpressRoute Gateway. The FastConect icon has an arrow labeled SSH that points to the Dynamic Routing Gateway within a box labeled Oracle Cloud Infrastructure (Region). Within this box is a smaller box, labeled Virtual Cloud Network, that contains a smaller box labeled Availability Domain 1. Nested within this box are the interconnected Bastion Subnet, containing a bastion server, and the Database Tier Subnet C, containing a RAC Database or Exadata implementation. The Bastion server is interconnected by a double-headed arrow to the Dynamic Routing Gateway. Database Tier Subnet C is connected outside the Oracle Cloud Infrastructure (Region) via FastConnect to a second ExpressRoute Gateway icon on the Virtual Network box.

The Virtual Network box contains three smaller box, all labeled Availability Set and containing multiple components. At the top of this box, the ExpressRoute Gateway connects via SSH to a box labeled Availability Set. This box contains and icon labeled Network Security Group and two smaller boxes representing the bastion virtual machine and the SFTP virtual machine. This availability set box points to another availability set box. This second box contains and icon labeled Network Security Group and two smaller boxes representing the Retail Merchandising virtual machine and the Retail Integration virtual machine. It is interconnected with the third availability set box—which contains another virtual machine—and the second ExpressRoute Gateway.