The figure shows an environment with three sections (Internet, DMZ, internal) separated by firewalls:

• Between the Internet and the DMZ is the external firewall. HTTP and HTTPS requests from the Internet go through the external firewall to get to the load balancer in the DMZ. HTTP requests use port 80, and HTTPS requests use port 443.

• Between the DMZ and the Internal zone is the DMZ firewall. Oracle Application Server middle tiers and Oracle Identity Management components run in the DMZ, while Oracle Internet Directory, the OracleAS Metadata Repository, and customer databases run in the internal zone.

  Requests that go from the DMZ to the Internal zone are:

  • LDAP requests (port 389)

  • LDAP SSL requests (port 636)

  • SQL*Net 2 requests (port 1521)

  • ONS requests (port 6200)

  Requests that go from the Internal zone to the DMZ are:

  • ONS requests (port 6200)

  • Web Cache invalidation requests (port 4001)