Deploy an Oracle managed multi node file transfer cluster at OCI for efficiency, security, and innov

Mondo Technology Updated on 2024-02-01

Oracle Managed File Transfer (MFT) is a high-performance, standards-based, end-to-end managed file gateway. It enables the design, deployment, and monitoring of file transfers through a lightweight web-based design-time console. The MFT console includes transfer priority, file encryption, scheduling, and embedded FTP and SFTP servers. This reference architecture illustrates a multi-node cluster configuration for Oracle MFT deployed on Oracle Cloud Infrastructure (OCI) using a Marketplace image of Oracle SOA MFT.

This architecture illustrates a cluster configuration for deploying Oracle Managed File Transfer using Oracle Cloud Marketplace in an Oracle Cloud Infrastructure region. The following diagram illustrates this reference architecture.

The architecture consists of the following components:

Region
An Oracle Cloud Infrastructure region is a geographic area that contains one or more data centers, called availability domains. Regions are independent of each other, and they may be far apart (across countries or even continents).

Availability domains
An availability domain is a separate, self-contained data center within a region. The physical resources within each availability domain are isolated from the resources in the other availability domains, which provides fault tolerance. Availability domains don't share infrastructure, such as power or cooling systems, or the internal availability domain network. As a result, a failure of one availability domain is unlikely to affect other availability domains within that region.

Virtual cloud network (VCN) and subnets
A VCN is a customizable, software-defined network that you set up in an Oracle Cloud Infrastructure region. Just like a traditional data center network, a VCN gives you complete control over your network environment. A VCN can have multiple non-overlapping CIDR blocks, which you can change after the VCN is created. You can divide your VCN into subnets, which can be scoped to a region or to an availability domain. Each subnet consists of a contiguous address range that does not overlap with other subnets in the VCN. You can change the size of a subnet after it has been created. Subnets can be public or private.

Route tables
Virtual route tables contain rules for routing subnet traffic to destinations outside of the VCN, typically through a gateway.

Security lists
For each subnet, you can create security rules that specify the source, destination, and type of traffic that must be allowed in and out of the subnet.

Internet gateway
An internet gateway allows traffic between a public subnet in a VCN and the public internet.

Bastion host
A bastion host is a compute instance that serves as a secure, controlled entry point into the topology from outside the cloud. Bastion hosts are typically configured in a demilitarized zone (DMZ). A bastion host enables you to protect sensitive resources by placing them in a private network that is not directly accessible from outside the cloud. The topology has a single, known entry point that you can monitor and audit on a regular basis. As a result, you can avoid exposing the more sensitive parts of your topology without compromising access to them.

Load balancer
Oracle Cloud Infrastructure Load Balancing provides automated traffic distribution from a single point of entry to multiple servers on the back end.

MFT cluster
Oracle MFT enables secure file exchange and management between the cloud and SaaS or on-premises enterprise applications. Oracle Cloud provides the necessary cloud platform and infrastructure to deploy an MFT environment. Together, they protect against unintentional access to unencrypted files during end-to-end file transfers.

Autonomous Database
Oracle Cloud Infrastructure Autonomous Database is a fully managed, preconfigured database environment that you can use for transactional and data warehouse workloads. You don't need to configure or manage any hardware, and you don't need to install any software. Oracle Cloud Infrastructure is responsible for creating the database, as well as backing up, patching, upgrading, and tuning the database.

Recommendations
When you deploy an MFT multi-node cluster on OCI Marketplace, the following recommendations can be used as a starting point. Your needs may differ from the architecture described here.

VCN
When you create a VCN, determine the number of CIDR blocks you need and the size of each block based on the number of resources you plan to attach to subnets in the VCN. Use CIDR blocks that are within the standard private IP address space.

Select a CIDR block that does not overlap with any other networks (on Oracle Cloud Infrastructure, your on-premises data center, or another cloud provider) that you intend to set up a private connection to.

Once the VCN is created, you can change, add, and remove its CIDR blocks.

When designing your subnets, consider where your traffic is going and your security needs. Attach all resources within a specific tier or role to the same subnet, which can act as a security boundary.

Network security groups (NSGs)
You can use NSGs to define a set of ingress and egress rules that apply to specific VNICs. We recommend using NSGs rather than security lists, because NSGs enable you to separate the VCN's subnet architecture from the security requirements of your application.

Security zones
For resources that require maximum security, Oracle recommends that you use security zones. A security zone is a compartment associated with an Oracle-defined recipe of security policies that are based on best practices. For example, resources in a security zone must not be accessible from the public internet and must be encrypted with customer-managed keys. When resources are created and updated within a security zone, Oracle Cloud Infrastructure validates the operation against the policies in the security zone recipe and rejects operations that violate any of the policies.

Cloud Guard
Clone and customize the default recipes provided by Oracle to create custom detector and responder recipes. These recipes enable you to specify what types of security violations generate warnings and what actions are allowed to be taken on them. For example, you might want to detect an Object Storage bucket that has visibility set to public. Apply Cloud Guard at the tenancy level to cover the broadest scope and to reduce the administrative burden of maintaining multiple configurations. You can also use the managed list feature to apply certain configurations to detectors.

Considerations
When deploying an MFT multi-node cluster on OCI Marketplace, consider the following factors:

Scalability
Application layer: You can vertically scale your application server by changing the shape of your compute instances. A shape with a higher core count also provides more memory and network bandwidth. If you need more storage, increase the size of the block storage attached to the application server.

Database tier: You can scale your database vertically by enabling additional cores for your database. Both core and storage can be scaled with no downtime.

Resource constraints
Consider best practices, service limits, and compartment quotas for your tenancy.

Security
Use Oracle Cloud Infrastructure Identity and Access Management (IAM) policies to control who can access your cloud resources and what actions can be performed.

Consider using Oracle Cloud Infrastructure Vault Service to protect database passwords or any other secrets.
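The NSG recommendation above means that rules on the private tiers name a peer NSG as their source instead of an address range, so tier membership does not depend on subnet layout. The following is an added example, not code from Oracle or from this page: it audits a rule set against that idea. The rule fields loosely follow the shape of OCI NSG security rules; the NSG names, the rule data, and the port numbers (7522 for the MFT SFTP listener, 1522 for the database listener) are assumptions.

```python
INTERNET = "0.0.0.0/0"

# Policy for the private tiers: which peer NSG may reach which TCP port.
# NSG names and ports are assumptions for this example.
ALLOWED = {
    "nsg-mft": {("nsg-lb", 7522), ("nsg-bastion", 22)},
    "nsg-db": {("nsg-mft", 1522)},
}

def ingress(nsg, source_type, source, port_min, port_max=None):
    """Build one constructed ingress rule (TCP only, for brevity)."""
    return {"nsg": nsg, "direction": "INGRESS", "source_type": source_type,
            "source": source, "port_min": port_min,
            "port_max": port_max if port_max is not None else port_min}

def audit(rules):
    """Return (nsg, problem, detail) tuples for rules that break the policy."""
    findings = []
    for r in rules:
        if r["direction"] != "INGRESS" or r["nsg"] not in ALLOWED:
            continue  # only ingress to the private tiers is in scope
        if r["source_type"] == "CIDR_BLOCK":
            # Private tiers should name a peer NSG, not an address range.
            problem = "internet-open" if r["source"] == INTERNET else "cidr-source"
            findings.append((r["nsg"], problem, r["source"]))
            continue
        ok_ports = {p for src, p in ALLOWED[r["nsg"]] if src == r["source"]}
        extra = [p for p in range(r["port_min"], r["port_max"] + 1)
                 if p not in ok_ports]
        if extra:
            findings.append((r["nsg"], "unexpected-flow",
                             f"{r['source']}: {len(extra)} unexpected TCP port(s)"))
    return findings

# Constructed rule set: the last three rules break the policy.
RULES = [
    ingress("nsg-lb", "CIDR_BLOCK", INTERNET, 7522),  # public tier, out of scope
    ingress("nsg-mft", "NETWORK_SECURITY_GROUP", "nsg-lb", 7522),
    ingress("nsg-mft", "NETWORK_SECURITY_GROUP", "nsg-bastion", 22),
    ingress("nsg-db", "NETWORK_SECURITY_GROUP", "nsg-mft", 1522),
    ingress("nsg-mft", "CIDR_BLOCK", INTERNET, 22),
    ingress("nsg-db", "NETWORK_SECURITY_GROUP", "nsg-bastion", 1522),
    ingress("nsg-mft", "NETWORK_SECURITY_GROUP", "nsg-lb", 1, 65535),
]

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
```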

Performance and cost
Oracle Cloud Infrastructure provides compute shapes for a wide range of applications and use cases. Choose the shape of your compute instances carefully: select a shape that provides the best performance for your load at the lowest cost. If you need more performance, memory, or network bandwidth, you can change to a larger shape.

Availability
Depending on your deployment needs and region, consider using a high-availability option. Options include distributing resources across multiple availability domains within a region, and distributing resources across fault domains within an availability domain. Fault domains provide optimal resiliency for workloads deployed within a single availability domain. For high availability at the application layer, configure MFT's multi-node cluster so that each hosted MFT server is in a different availability domain within the region, and use a load balancer to distribute client traffic to the application servers.

Monitoring and alerting
Set up monitoring and alerts for CPU and memory usage so that you can scale the shape up or down as needed.

Database policy
When the service type is MFT Cluster and the database policy is Autonomous Transaction Processing Database, the profile store is mandatory for the MFT cluster service type on the Autonomous Transaction Processing (ATP) database.

As an Oracle Premier Partner, Agilewing is redefining the way enterprises experience Oracle Cloud Services. With its streamlined account opening process and best-in-class technical support, Agilewing transforms the complex process of account opening and operation into an easy, intuitive experience. With our one-stop shop, you can quickly get up and running with the full range of Oracle Cloud services, so you can seamlessly integrate into the cloud. Agilewing's AgileCDN service, combined with OCI's cloud-based services, provides a best-in-class global content acceleration solution.
A strong network of more than 2,800 global POP nodes and 7,000 direct connection points ensures efficient and stable operation no matter where in the world your business expands. Leveraging the advanced technology of Oracle Cloud, Agilewing is committed to simplifying the process of cloud service building, cloud migration, and business going global. "Our partnership model provides customers with cost-effective solutions that allow them to focus more on their core business while enjoying the high performance and security of Oracle Cloud." Oracle Cloud Service, as a promising field, opens the door to new opportunities for enterprises with its high performance, security, and globally consistent service standards. Through Agilewing's professional services, both individual users and enterprises can easily enter this new era full of technological innovation and high performance. Start exploring Oracle Cloud Services with Agilewing and open the door to a whole new world today.
