Assigning multiple interfaces for Oracle API Gateway (OAG)

We are deploying Oracle API Gateway to throttle our incoming API requests. We would like to keep the incoming external API requests separate from the internal configuration management so that they go through different interfaces when accessing the OAG server. This is mainly for security reasons so that the external people won’t have access to the interface used by internal operations team to manage OAG. Based on your experience, is there any standard best practice to accomplish this? We were thinking to perhaps use two of the server’s network interfaces with different IPs, one for the incoming API requests and the other for the internal admin management of OAG. But not sure if this is the best way to do what we need. We are aware of OAG's capability to support two separate ports to handle this situation, but would like a more secure set-up that could completely eliminate external access to the OAG management done by the IT team.
Would appreciate any thoughts on best practices used regarding multiple interfaces for OAG set-up. Thank you. Oracle Marketing Cloud.

You are on the right track.
Here is how you can achieve this:
You can use multiple network interfaces on the UNIX machine and setup networking/routing in such a way that all external traffic comes on on one card and is routed internally via a different card.
Segregate difference types of services (i.e to be used by external clients vs internal apps) into difference different "Service Groups". Have each of these service groups listen on different port + NIC card (under Listeners, you can define a port to list to list on a specific network address and port instead of *).
Setup additional protection for services that will be accessed by external clients. Use "Threatening Content " filter to protect your services.
Setup 2 way SSL for the interface that will be called by external clients. Setup a DN based authorization check if you want to have both authentication and authorization.
Hope this helps.
-Thanks,
Ankit Kumar

Similar Messages

  • OEG/Oracle API gateway vs OSB

    I see most of the capabilities which an enterprise bus offers can also be implemented in OEG or Oracle API gateway. I understand that OEG is a gateway and is meant to be used as first layer of defense for security. However, in terms of features and  capabilities OEG has almost all the features that a enterprise bus like OSB provides.
    OEG provides Monitoring capabilities -> SLA alerts, logging of payloads for auditing
                           Routing, transformations, and protocol conversions like accepting Rest messages and converting to SOAP and call soap services.
    expect the features like dynamic routing, split join I see almost all features including throttling and caching are available in OEG.
    Can some one tell me if it is a correct decision to use OEG instead of using service bus for implementing the interfaces.

    I was having the same same knowledge the one that you supplied. We have set-up the API gateway with bundled server.
    But I was working with Oracle support on one of the other issue and Support engineer informed me when you deploy the services you can select the WebLogic server instance like Gateway server instance. This was confusing so I open the Oracle ticket and post the question in forum.
    I know we can integrate the OAG with WebLogic but installing the Gateway product on WeblOgic JVM process was my doubt.

  • Can we have multiple policies for the same gateway?

    Hi all,
    Is there a way in which we can have multiple policies for the default gateway?
    When I try adding a new gateway (which is not mentioned in the installer.properties file) and have policies, there is a 404 error.
    When I add another service to the same gateway, I get an error - that the service could not be added to default policy.
    Help me please...
    My need is as follows
    Want to have multiple policies, so that each of the web-service can be attached to same. The relation needs to be one-to-many. One policy can have multiple web-services.
    Thanks in advance...

    Its not possible for the same development object. Only 1 person can access an object at a time and if mutiple users modify an object new TASKs are created under the same TRANSPORT.
    Only after releasing the tr you can create a new tr on the same object.
    Message was edited by:
            Abhishek Jolly

  • A GRAPHIC INTERFACE FOR ORACLE ???

    hi,
    i have not found a graphic interface for oracle 8 for linux, in
    the "K" applications, but i bought applixware and with applixdata
    i don't find how to connect to oracle, please help me. or by
    staroffice, i know that's possible via ODBC.
    thanks to answer me.
    null

    alexandre de Vendeuvre (guest) wrote:
    : hi,
    : i have not found a graphic interface for oracle 8 for linux, in
    : the "K" applications, but i bought applixware and with
    applixdata
    : i don't find how to connect to oracle, please help me. or by
    : staroffice, i know that's possible via ODBC.
    : thanks to answer me.
    have you find an answer, it is really working with staroffice?!
    Please, hit an answer,
    ThanX.
    null

  • NWADMIN GW snapins for the API Gateway, One more Time?

    Hi folks,
    Find myself in need of these. Looks like Tommy is on vacation. Can
    someone send them over?
    Thanks.
    Jim
    [email protected]

    Originally Posted by Gert
    FYI
    http://gwcheck.biz/download/nwadmin/gw55sp5snapins.zip
    Gert
    GWCheck.com
    Great GroupWise stuff at www.GWWare.com
    "...regardless of what you play,
    the biggest thing is keeping the feel going ..." - Wes Montgomery
    >>> Jim Huddle<[email protected]> 11-8-2007 3:23 >>>
    On Sat, 11 Aug 2007 00:59:06 GMT, Jim Huddle <[email protected]> wrote:
    >Hi folks,
    >
    >Find myself in need of these. Looks like Tommy is on vacation. Can
    >someone send them over?
    >
    >Thanks.
    >
    >Jim
    >
    >[email protected]
    Found that Tommy had posted them here:
    Cool Solutions: GroupWise Snapins for the API Gateway
    Guys, the GW55SP5SNAPINS.zip are the correct ones to use, not the ones on Coolsolutions 19293.html. Download the zip, expand it and then copy expanded files in the root of the \public\win32 directory.
    Regards,
    PaulS.

  • Need help for learning how to develop interfaces for Oracle R12 EBS

    Hi all,
    I need to learn how to create interfaces in PL/SQL for Oracle R12 EBS Financials. I cannot find a good starting point for the documentation and examples to help me get started in this area. Would appreciate tips
    for this area.

    Hi,
    What kind of interfaces you are planning to develop?
    Oracle already provides list of APIs that can be used (in R12, it is responsibility).
    Oracle Integration Repository Documentation Resources Release 12 [ID 396116.1]
    Oracle Integration Repository
    http://irep.oracle.com/index.html
    If those APIs do not satisfy your requirements, you can refer to "Oracle Applications Developer" guide as well as SQL-PL/SQL guides.
    Applications Releases 11i and 12
    http://www.oracle.com/technetwork/documentation/applications-167706.html
    Database Documentation -- SQL-PL/SQL
    http://www.oracle.com/technetwork/database/enterprise-edition/documentation/index.html
    Thanks,
    Hussein

  • How to use multiple Interfaces for the same BS?

    Hi @ ,
    Is it possible to have a scenarion where i am using multiple interfaces in the same BS based upon some conditional field in the message.
    I amnot able to get the solution I know with condition editor I can have multiple receivers but in my scenarion based upon message fiels i have to decide which BAPI to be used and wht mapping and then post it to the same System
    Any help will be highly rewarded
    Regards

    Hi-
    Yes it is possible you can use multimapping for mapping the interfaces.
    To know more about multimapping see
    http://help.sap.com/saphelp_nw04/helpdata/en/21/6faf35c2d74295a3cb97f6f3ccf43c/content.htm
    Some more helpful links
    /people/jin.shin/blog/2006/02/07/multi-mapping-without-bpm--yes-it146s-possible

  • Multiple approval for Oracle eAM Work request

    Can anyone confirm Oracle has standard functionality of sequentinal apprvoal process for eAM Work request.
    Our current Oracle eAM project has requirement of multiple approver for Work request. Multiple approver means sequential approval process. After first approver approves it should go to second approval and continues.
    I know Oracle eAM Work order has sequential approval process, but i want to know the same funcionality available for Oracle eAM work request as well. If Oracle has the functionality please provide the details.
    We are using Oracle R12 version.

    Hi;
    I suggest close your issue here as answered than move your issue Oracle Discussion Forums » E-Business Suite Archived Forums » SCM - Asset Lifecycle Management (ALM) which you can get more quick response
    Regard
    Helios

  • Interface for Oracle 9i

    I have an Oracle9i database with client’s information that I’d like to design an interface for and give access to the clients to login and see their preferences, see what's the status of their services and so on.
    What’s the best way to go by this? I have experience in ASP, .Net and PHP.
    Thank you,
    Lawk Salih
    www.lawksalih.com

    Before invoke to OEM ( Oracle Enterprise Manager ) as is is described above. You have to do this:
    1.- To login as root in a console
    2.- apply this: xhost +127.0.0.1
    3.- su - oracle
    4.- apply this: xhost +127.0.0.1
    5.- oemapp console
    Joel Pérez
    http://otn.oracle.com/experts

  • Configuring BRI interface for Voice ( MGCP gateway

    hi there,
    i have a Call Manager which is connect to Cisco 2800 series acting as MGCP getway. ISDN connection between the 2800 and the carrier ( telestra sydney ). the call manager is seeing the gateway and i have configured a numbering plan on the call manager for the phones. the phones can call internally but externally i dont what configuration i should configure under the BRI interface for the carrier ( telestra ) to recongnise my number plan. please if you have any demo configuration or configuration that has perviously used post to me.

    this is a basic MGCP config on the Gateway on your area
    BRI Switchtype Information
    BRIs in Australia require no service profile identifiers (SPIDs).
    There are two ISDN switch-types that can be used:
    basic-net3?Currently the most commonly used.
    basic-ts013?For older ISDN switches such as MicroLink.
    isdn switch-type basic-net3 or 5
    voice-card 2
    dspfarm
    dsp services dspfarm
    controller T1 2/0
    description T1 link to SRST
    framing esf !--- Automatic method automatically adds
    clock source internal
    linecode b8zs !--- Automatic method automatically adds
    cablelength short 133
    pri-group timeslots 1-2,24 service mgcp !--- Automatic method
    !--- automatically adds 24 channels.
    !---You can manually edit channels.
    description T1 link to SRST
    interface Serial2/0:23
    no ip address
    isdn switch-type primary-ni !--- Automatic method automatically adds
    isdn protocol-emulate network !--- Simulated Lab ISDN
    isdn bind-l3 ccm-manager !--- Allows all Q931 to be backhauled over TCP to
    !--- CallManager; automatic method automatically adds
    no cdp enable !--- Automatic method automatically adds
    ccm-manager mgcp
    ccm-manager music-on-hold
    ccm-manager config server 171.69.103.225
    ccm-manager config !--- Enables automatic config download from CallManager
    !--- Automatic method automatically adds these commands
    mgcp
    mgcp call-agent 171.69.103.225 2427 service-type mgcp version 0.1
    mgcp dtmf-relay voip codec all mode out-of-band
    mgcp rtp unreachable timeout 1000 action notify
    mgcp modem passthrough voip mode nse
    mgcp package-capability rtp-package
    mgcp package-capability sst-package
    no mgcp package-capability fxr-package
    mgcp package-capability pre-package
    no mgcp timer receive-rtcp
    mgcp sdp simple
    mgcp fax t38 inhibit
    mgcp rtp payload-type g726r16 static
    mgcp profile default

  • [solved] Arch linux access point with multiple interfaces for the NAT

    Hi, I have a router running Arch linux. It is connected via LAN (let's call it eth0) to the internet. It has a second LAN interface, eth1, and a wireless interface in master mode, wlan0.
    Now, Everything works perfectly except providing network connectivity on eth1 and wlan0 simultaneously. I followed the guide in the "Internet share" wiki article and use dnsmasq/hostapd for the AP. It appears as if all traffic from the router is sent to the wlan0 interface, even if it came in through eth1 (for example, dhcp requests). I cannot really find information how to solve this. The words "bonding" and "iptables" are floating around, but there is not really an easy to understand tutorial for this.
    What do I need to do to use both the eth1 and wlan0 interface (for different clients!) on my router?
    Best regards, and thank you in advance
    Jan Oliver
    /e: This seems to be my problem: http://www.novell.com/support/kb/doc.php?id=7000318 How do I solve this using the usual iptables? (The way described in the article doesn't work: "RTNETLINK answers: No such process" errors.)
    Last edited by janoliver (2013-09-25 22:24:53)

    Or you could bridge eth1 and wlan0, and make dnsmasq bind/listen on that bridge...

  • COM interface for Oracle JMS MOM????

    Hello all,
    Can anyone point me to resources or any information
    of how to implement or access Oracle Java Message
    Service MOM from COM???
    Any help greatly appreciated,
    Best Regards,
    Giovanni

    Hi Giovanni,
    First off, I have very little knowledge of COM but I'll do my best to answer your question.
    There are a couple potential solutions that come to mind depending on what you're trying to do.
    1) If you can access a JVM from a COM application then you should be able to access OJMS. There is no "adapter" for
    integrating COM and OJMS.
    2) OJMS is just one of a handful of API's for accessing Oracle Advanced Queuing. If all you need to do is access AQ then you
    could use the Visual Basic interface. See Chapter 3 in the following document; http://otn.oracle.com/docs/products/oracle9i/doc_library/release2/appdev.920/a96587.pdf
    Hope this helps...
    John

  • SQL Interface for Oracle in Windows 64 bit

    Hi there,
    Is there anyone ever trying to upload data from oracle (relational sql) to the essbase on Windows 64 bit platform ? I've read the documentation about setting SQL Interface by using the ODBC Connection ( using DataDirect Library ), but it seems that I can not see the DataDirect lib in the ODBC Control Panel (64bit), but it is installed in the 32 bit ODBC (odbcad32.exe).
    However when I try to add new connection using MERANT OEM 5.2 64-BIT Oracle ODBC driver (DataDirect lib), it raise error : "the setup routines for the MERANT OEM 5.2 64-BIT Oracle ODBC driver could not be loaded due to system error code 193"..
    please advice any one.... thanks

    I got it to work!!!
    The reg setting that is provided is for the wrong version of the dll. Notice the 5.1 and then you only have 5.2 directories.
    The files in the reg are also wrong they are for the example below. arora21.dll (stated) vs arora22.dll (one's provided)
    Some easy tweaks.
    I modified the reg with the following and presto. It worked!! To make it better you can change the OEM 5.1 to OEM 5.2.. Good luck
    echo off
    IF DEFINED HYPERION_HOME (
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol"
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v APILevel /t REG_SZ /d 1
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v ConnectFunctions /t REG_SZ /d YYY
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v CPTimeout /t REG_SZ /d 60
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v Driver /t REG_SZ /d %HYPERION_HOME%\Common\ODBC-AMD64\Merant\5.2\Drivers\arora22.dll
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v DriverODBCVer /t REG_SZ /d 3.52
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v FileUsage /t REG_SZ /d 0
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v HelpRootDirectory /t REG_SZ /d %HYPERION_HOME%\Common\ODBC-AMD64\Merant\5.2\help
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v Setup /t REG_SZ /d %HYPERION_HOME%\Common\ODBC-AMD64\Merant\5.2\Drivers\arora22.dll
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v SQLLevel /t REG_SZ /d 1
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /v UsageCount /t REG_SZ /d 1
    REG ADD "HKLM\SOFTWARE\ODBC\ODBCINST.INI\ODBC Drivers" /v "MERANT OEM 5.1 64-BIT Oracle Wire Protocol" /t REG_SZ /d Installed
    ) ELSE (
    echo "Environment variable HYPERION_HOME must be first defined to run script."
    Edited by: user652102 on Aug 23, 2008 11:37 AM

  • WLC 5508 Multiple Interfaces for Multiple SSIDs

    Hello guys,
    I am trying to build a new network from scratch, I have the WLC 5508 w/ Aironet 3600e APs connected to my Netgear Smart Switches and a Linksys RV082 router that I'm using as my DHCP server with several VLANs for several stuff on my Switches.
    I have 2 questions:
    1. Can I have 5 Interfaces configured on 5 different VLANs, each SSID on each a different Port:
    Port 1: Controller management only=> 192.168.x.x /24
    Port 2: SSID 1: WiFi Internal=> 172.16.x.x/12 (Radius Auth with no sharing)
    Port 3: SSID 2: WiFi Internal w/ sharing=> 192.168.x.x/24 (Radius Auth with sharing)
    Port 4 :SSID 3: WiFi Guest=> 10.0.x.x/8 (Web Auth)
    Port 5: SSID 4: WiFi IT=> 192.168.x.x/24 ( Radius or certificate Auth with access to the controller management interface)
    2. How can I use the Controller as the DHCP server for all the WiFi traffic, and how should that be configured to work with my other DHCP server?

    Yes you can... but you have to disable LAG.  Each post will need to be connected to a dot1q trunk and you will only allow the vlan that is required for that port.  Also on the interface, you will define what port is primary and what is backup.  I'm guessing you will not be using the backup port.  For example... port 1 that connects to a trunk port will only allow the management vlan.  Here is a link to setup dhcp on the WLC
    http://www.cisco.com/en/US/products/ps6366/products_tech_note09186a0080af5d13.shtml
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • Oracle C Interface for Oracle XE beta

    Hi All,
    I'm not entirely sure if this is the proper place to post this, but I'll give it a go anyway.
    I've managed to install the Oracle XE database on my Linux box, which was fairly simple and painless (Kudos to Todd). Now, I've managed to define a user, a table, the proper privileges and the proper connections I need.
    Now, I would like to connect from my application into the XE via a C/C++ interface. I've downloaded the Programmers Guide (all 1570 pages of it) - I got a serious headache from it.
    Can anyone please point me in a direction where I can find information about utilizing OCI in a productive manner, preferably with some sample code that an "Oracle" newbie can figure out?
    Regards,
    Nir Simionovich

    preferably with some sample code that an "Oracle" newbie
    can figure out?You can find a few OCI sample programs here:
    http://www.oracle.com/technology/sample_code/tech/oci/index.html
    If you are writing a C++ application, use OCCI which is the C++ interface.
    http://www.oracle.com/technology/tech/oci/occi/index.html
    OCCI sample programs are here:
    http://www.oracle.com/technology/sample_code/tech/occi/index.html
    Rgds.
    Amogh

Maybe you are looking for