4.1 Feature Comparison of Different Types of Access Gateways

Access Manager includes the Access Gateway Appliance and Access Gateway Service. The Access Gateway Appliance installs its own embedded Linux operating system. Whereas, the Access Gateway Service runs on top of an existing installation of a Linux or Windows operating system. Both types of gateways support similar functionalities, but they differ slightly in the way some of these features are supported. For example, both can be configured for the following features:

Protecting Web resources with contracts, Authorization, Form Fill, and Identity Injection policies.
Providing fault tolerance by clustering multiple gateways of the same type.
Providing fault tolerance by grouping multiple Web servers, so that if one Web server goes down, the content can be retrieved from another server in the group.
Rewriting URLs so that the names and IP addresses of the Web servers are hidden from the users making requests.
Generating alert, audit, and logging events with notify options.

Most differences between Access Gateway Appliance and Access Gateway Service result from the differences required for an appliance and for a service. An appliance can know, control, and configure many features of the operating system. A service that runs on top of an operating system can query the operating system for some information, but it cannot configure or control the operating system. For the service, operating system utilities must be used to configure system parameters and hardware. For the appliance, the operating system features that are important to the appliance, such as time, DNS servers, gateways, and network interface cards, can be configured in the Administration Console.

This table describes the differences between Access Gateway Appliance and Access Gateway Service. Only your network and Web server configurations can determine whether the differences are significant.

Table 4-1 Differences between Access Gateway Appliance and Access Gateway Service:

Feature	Access Gateway Appliance	Access Gateway Service
Platform support	SLES 11 SP4 only	SLES 11 SP4 SLES 12 SP1 Red Hat Enterprise Linux 6.8 Red Hat Enterprise Linux 7.2 Windows 2012 R2
Network configuration DNS servers Gateways Network interface cards Host names	Configurable from the Administration Console. By default after the installation, only one network interface card will be displayed in the Administration Console. To detect other network interface card, do the following: Configure a primary IP Address in YaST for the remaining interfaces. Click Devices > Access Gateways > Select the device > New IP > click OK.	Configurable with standard operating system utilities.
Date and time	Configurable from the Administration Console.	Configurable with standard operating system utilities.
Cache directory	Uses Apache-caching. The cached files are stored in clear text. The operating system must be configured to protect this directory. For more information about the Apache model, see “Caching Guide”.	Uses filesystem provided by Apache mod_cache module. For more information about the Apache model, see “Caching Guide”.