fixed daigram

Author: jjaygbay

articles/virtual-machines/workloads/oracle/media/oracle-database-architecture/on-premises-network-external-users.png

@@ -16,7 +16,7 @@ ms.author: jacobjaygbay
 
 Microsoft and Oracle have worked together to enable customers to deploy Oracle applications such as Oracle E-Business Suite, JD Edwards EnterpriseOne, and PeopleSoft in the cloud. With the introduction of the preview [private network interconnectivity](configure-azure-oci-networking.md) between Microsoft Azure and Oracle Cloud Infrastructure (OCI), Oracle applications can now be deployed on Azure with their back-end databases in Azure or OCI. Oracle applications can also be integrated with Azure Active Directory, allowing you to set up single sign-on so that users can sign into the Oracle application using their Azure Active Directory (Azure AD) credentials.
 
-OCI offers multiple Oracle database options for Oracle applications, including DBaaS, Exadata Cloud Service, Oracle RAC, and Infrastructure-as-a-Service (IaaS). Currently, Autonomous Database is not a supported back-end for Oracle applications.
+OCI offers multiple Oracle database options for Oracle applications, including DBaaS, Exadata Cloud Service, Oracle RAC, and Infrastructure-as-a-Service (IaaS). Currently, Autonomous Database isn't a supported back-end for Oracle applications.
 
 There are [multiple options](oracle-overview.md) for deploying Oracle applications in Azure, including in a highly available and secure manner. Azure also offers [Oracle database VM images](oracle-vm-solutions.md) that you can deploy if you choose to run your Oracle applications entirely on Azure.
 
@@ -28,7 +28,7 @@ Oracle applications are made up of multiple services, which can be hosted on the
 
 Application instances can be set up with private or public endpoints. Microsoft and Oracle recommend setting up a *bastion host VM* with a public IP address in a separate subnet for management of the application. Then, assign only private IP addresses to the other machines, including the database tier. 
 
-When setting up an application in a cross-cloud architecture, planning is required to ensure that the IP address space in the Azure virtual network does not overlap the private IP address space in the OCI virtual cloud network.
+When setting up an application in a cross-cloud architecture, planning is required to ensure that the IP address space in the Azure virtual network doesn't overlap the private IP address space in the OCI virtual cloud network.
 
 For added security, set up network security groups at a subnet level to ensure only traffic on specific ports and IP addresses is permitted. For example, machines in the middle tier should only receive traffic from within the virtual network. No external traffic should reach the middle tier machines directly.
 
@@ -44,7 +44,7 @@ Oracle E-Business Suite (EBS) is a suite of applications including Supply Chain
 
 *Figure 1: E-Business Suite cross-cloud architecture* 
 
-In this architecture, the virtual network in Azure is connected to a virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It is recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
+In this architecture, the virtual network in Azure is connected to a virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It's recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
 
 The architecture can also be adapted for deployment entirely on Azure with highly available Oracle databases configured using Oracle Data Guard in two availability zones in a region. The following diagram (Figure 2) is an example of this architectural pattern:
 
@@ -66,24 +66,24 @@ An Azure load balancer allows you to distribute traffic across multiple instance
 
 ### Database tier
 
-This tier hosts the Oracle database and is separated into its own subnet. It is recommended to add network security groups that only permit traffic from the application tier to the database tier on the Oracle-specific database port 1521.
+This tier hosts the Oracle database and is separated into its own subnet. It's recommended to add network security groups that only permit traffic from the application tier to the database tier on the Oracle-specific database port 1521.
 
-Microsoft and Oracle recommend a high availability setup. High availability in Azure can be achieved by setting up two Oracle databases in two availability zones with Oracle Data Guard, or by using Oracle Database Exadata Cloud Service in OCI. When using Oracle Database Exadata Cloud Service, your database is deployed in two subnets. You may also setup Oracle Database in VMs in OCI in two availability domains with Oracle Data Guard.
+Microsoft and Oracle recommend a high availability setup. High availability in Azure can be achieved by setting up two Oracle databases in two availability zones with Oracle Data Guard, or by using Oracle Database Exadata Cloud Service in OCI. When using Oracle Database Exadata Cloud Service, your database is deployed in two subnets. You may also set up Oracle Database in VMs in OCI in two availability domains with Oracle Data Guard.
 
 
 ### Identity tier
 
-The identity tier contains the EBS Asserter VM. EBS Asserter allows you to synchronize identities from Oracle Identity Cloud Service (IDCS) and Azure AD. The EBS Asserter is needed because EBS does not support single sign-on protocols like SAML 2.0 or OpenID Connect. The EBS Asserter consumes the OpenID connect token (generated by IDCS), validates it, and then creates a session for the user in EBS. 
+The identity tier contains the EBS Asserter VM. EBS Asserter allows you to synchronize identities from Oracle Identity Cloud Service (IDCS) and Azure AD. The EBS Asserter is needed because EBS doesn't support single sign-on protocols like SAML 2.0 or OpenID Connect. The EBS Asserter consumes the OpenID connect token (generated by IDCS), validates it, and then creates a session for the user in EBS. 
 
 While this architecture shows IDCS integration, Azure AD unified access and single sign-on also can be enabled with Oracle Access Manager with Oracle Internet Directory or Oracle Unified Directory. For more information, see the whitepapers on [Deploying Oracle EBS with IDCS Integration](https://www.oracle.com/a/ocom/docs/deploy-ebusiness-suite-across-oci-azure-sso-idcs.pdf) or [Deploying Oracle EBS with OAM Integration](https://www.oracle.com/a/ocom/docs/deploy-ebusiness-suite-across-oci-azure-sso-oam.pdf).
 
-For high availability, it is recommended that you deploy redundant servers of the EBS Asserter across multiple availability zones with a load balancer in front of it.
+For high availability, it's recommended that you deploy redundant servers of the EBS Asserter across multiple availability zones with a load balancer in front of it.
 
-Once your infrastructure is setup, E-Business Suite can be installed by following the installation guide provided by Oracle.
+Once your infrastructure is set up, E-Business Suite can be installed by following the installation guide provided by Oracle.
 
 ## JD Edwards EnterpriseOne
 
-Oracle's JD Edwards EnterpriseOne is an integrated applications suite of comprehensive enterprise resource planning software. It is a multi-tiered application that can be set up with either an Oracle or SQL Server database backend. This section discusses details on deploying JD Edwards EnterpriseOne with an Oracle database back-end either in OCI or in Azure.
+Oracle's JD Edwards EnterpriseOne is an integrated applications suite of comprehensive enterprise resource planning software. It's a multi-tiered application that can be set up with either an Oracle or SQL Server database backend. This section discusses details on deploying JD Edwards EnterpriseOne with an Oracle database back-end either in OCI or in Azure.
 
 In the following recommended architecture (Figure 3), the administration, presentation, and middle tiers are deployed to the virtual network in Azure. The database is deployed in a virtual cloud network in OCI.
 
@@ -93,7 +93,7 @@ As with E-Business Suite, you can set up an optional bastion tier for secure adm
 
 *Figure 3: JD Edwards EnterpriseOne cross-cloud architecture*
 
-In this architecture, the virtual network in Azure is connected to the virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It is recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
+In this architecture, the virtual network in Azure is connected to the virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It's recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
 
 The architecture can also be adapted for deployment entirely on Azure with highly available Oracle databases configured using Oracle Data Guard in two availability zones in a region. The following diagram (Figure 4) is an example of this architectural pattern:
 
@@ -107,17 +107,17 @@ The following sections describe the different components at a high level.
 
 ### Administrative tier
 
-As the name suggests, this tier is used for administrative tasks. You can carve out a separate subnet for the administrative tier. The services and servers in this tier are primarily used for installation and administration of the application. Hence, single instances of these servers are sufficient. Redundant instances are not required for the high availability of your application.
+As the name suggests, this tier is used for administrative tasks. You can carve out a separate subnet for the administrative tier. The services and servers in this tier are primarily used for installation and administration of the application. Hence, single instances of these servers are sufficient. Redundant instances aren't required for the high availability of your application.
 
 The components of this tier are as follows:
 
  - **Provisioning server** - This server is used for end-to-end deployment of the different components of the application. It communicates with the instances in the other tiers, including the instances in the database tier, over port 22. It hosts the Server Manager Console for JD Edwards EnterpriseOne.
  - **Deployment server** - This server is primarily required for the installation of JD Edwards EnterpriseOne. During the installation process, this server acts as the central repository for required files and installation packages. The software is distributed or deployed to other servers and clients from this server.
- - **Development client** - This server contains components that run in a web browser as well as native applications.
+ - **Development client** - This server contains components that run in a web browser and native applications.
 
 ### Presentation tier
 
-This tier contains various components such as Application Interface Services (AIS), Application Development Framework (ADF), and Java Application Servers (JAS). The servers in this tier communicate with the servers in the middle tier. They are fronted by a load balancer that routes traffic to the necessary server based on the port number and URL that the traffic is received on. It is recommended that you deploy multiple instances of each server type for high availability.
+This tier contains various components such as Application Interface Services (AIS), Application Development Framework (ADF), and Java Application Servers (JAS). The servers in this tier communicate with the servers in the middle tier. They're fronted by a load balancer that routes traffic to the necessary server based on the port number and URL that the traffic is received on. It's recommended that you deploy multiple instances of each server type for high availability.
 
 The following are the components in this tier:
 
@@ -130,7 +130,7 @@ The following are the components in this tier:
 
 ### Middle tier
 
-The middle tier contains the logic server and batch server. In this case, both servers are installed on the same virtual machine. However, for production scenarios, it is recommended that you deploy logic server and batch server on separate servers. Multiple servers are deployed in the middle tier across two availability zones for higher availability. An Azure load balancer should be created and these servers should be placed in its backend pool to ensure that both servers are active and processing requests.
+The middle tier contains the logic server and batch server. In this case, both servers are installed on the same virtual machine. However, for production scenarios, it's recommended that you deploy logic server and batch server on separate servers. Multiple servers are deployed in the middle tier across two availability zones for higher availability. An Azure load balancer should be created and these servers should be placed in its backend pool to ensure that both servers are active and processing requests.
 
 The servers in the middle tier receive requests from the servers in the presentation tier and the public load balancer only. Network security group rules must be set up to deny traffic from any address other than the presentation tier subnet and the load balancer. An NSG rule can also be set up to allow traffic on port 22 from the bastion host for management purposes. You may be able to use the public load balancer to load balance requests between the VMs in the middle tier.
 
@@ -147,15 +147,15 @@ The following two components are in the middle tier:
 
 Oracle's PeopleSoft application suite contains software for human resources and financial management. The application suite is multi-tiered and applications include human resource management systems (HRMS), customer relationship management (CRM), financials and supply chain management (FSCM), and enterprise performance management (EPM).
 
-It is recommended that each tier of the software suite be deployed in its own subnet. An Oracle database or Microsoft SQL Server is required as the backend database for the application. This section discusses details on deploying PeopleSoft with an Oracle database backend.
+It's recommended that each tier of the software suite be deployed in its own subnet. An Oracle database or Microsoft SQL Server is required as the backend database for the application. This section discusses details on deploying PeopleSoft with an Oracle database backend.
 
 The following is a canonical architecture for deploying the PeopleSoft application suite in a cross-cloud architecture (Figure 5).
 
 ![PeopleSoft cross-cloud architecture](media/oracle-oci-applications/peoplesoft-arch-cross-cloud.png)
 
 *Figure 5: PeopleSoft cross-cloud architecture*
 
-In this sample architecture, the virtual network in Azure is connected to the virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It is recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
+In this sample architecture, the virtual network in Azure is connected to the virtual cloud network in OCI using the cross-cloud interconnect. The application tier is set up in Azure, whereas the database is set up in OCI. It's recommended to deploy each component to its own subnet with network security groups to allow traffic only from specific subnets on specific ports.
 
 The architecture can also be adapted for deployment entirely on Azure with highly available Oracle databases configured using Oracle Data Guard in two availability zones in a region. The following diagram (Figure 6) is an example of this architectural pattern:
 
@@ -169,13 +169,13 @@ The following sections describe the different components at a high level.
 
 ### Application tier
 
-The application tier contains instances of the PeopleSoft application servers, PeopleSoft web servers, elastic search, and PeopleSoft Process Scheduler. An Azure load balancer is set up to accept requests from users which are routed to the appropriate server in the application tier.
+The application tier contains instances of the PeopleSoft application servers, PeopleSoft web servers, elastic search, and PeopleSoft Process Scheduler. An Azure load balancer is set up to accept requests from users, which are routed to the appropriate server in the application tier.
 
 For high availability, consider setting up redundant instances of each server in the application tier across different availability zones. The Azure load balancer can be set up with multiple back-end pools to direct each request to the right server.
 
 ### PeopleTools Client
 
-The PeopleTools Client is used to perform administration activities, such as development, migration, and upgrade. Because the PeopleTools Client is not required for achieving high availability of your application, redundant servers of PeopleTools Client are not needed.
+The PeopleTools Client is used to perform administration activities, such as development, migration, and upgrade. Because the PeopleTools Client isn't required for achieving high availability of your application, redundant servers of PeopleTools Client aren't needed.
 
 [!INCLUDE [virtual-machines-oracle-applications-database](../../../../includes/virtual-machines-oracle-applications-database.md)]