• Welcome to the upgraded JDELIST forum and thank you for your patience.
    Please restrict discussions and issues regarding the new forum software to the Off Topic forum. We will be monitoring that forum for issues.
    If you have trouble logging in, please reset your password using the forgotten password form: https://www.jdelist.com/community/index.php?lost-password/
    If you are unable to successfully reset your password, please contact us: Click here!
    We hope that you enjoy the upgraded forum.
  • Introducing Dark Mode! Switch by clicking on the lightbulb icon next to Search or by clicking on Default style at the bottom left of the page!

Network architecture for JDE

moh.h995

Member
Hello There,

We had done migration from Sunsolaris to Oracle Linux servers based, as well with upgrading tools release (9.1.5 to 9.2.3.5), which we had new network components as well. Right now all of our new servers (DB, E1, Web, DEP and OVR) in one Vlan (ERP Vlan) which is having separate switches and separate as well from other servers (DC, Exchange..etc), and we have published only Web server through the firewall for End-users. My question is, Does this situation is good for now? or we should modify again and keep each server of the ERP components in different vlan, like DB in vlan 11, E1 in 12...etc which we need to work on ports things as well.


Regards
 

altquark

Legendary Poster
All of the JDE servers should stay in the same VLAN if possible to reduce latency and ensure performance.
 

shearerj

Reputable Poster
Oracle has published a nice architecture to cover the layout of VLAN's and firewalls for JDE on OCI. The concepts should be directly applicable to an on-premise or other cloud based configuration.

https://docs.oracle.com/en/solution...tml#GUID-02AF6D3A-EC4C-4E73-8F07-9FED516A87EC

Whether you should implement this configuration or not depends on your risk tolerance and internal capabilities to manage this fairly complicated solution. It is a pretty tightly locked down layout, but still allows JDENET traffic to traverse the on-premise network which I consider a significant hole since you cannot otherwise secure BSFN's launched from JDENET.
 
Top