I am wondering if I really need to allocate resources to the Gateway
portion of Access Manager, if we aren't using anything that takes
advantage of its purpose?

We are only using AM as a connection point for Box via SAML, so the
Gateway portion is taken care of by Box servers. After setting up our
DEV environment, we were trying to figure out how network traffic was
handled with this system (for security purposes), so we watched the
network with Wireshark (and other tools), and we noticed that nothing
actually ever communicated with or touched the Gateway. We also realized
that we will need to move the Identity Server to our DMZ zone, which has
limited rack space. If we have to keep the Gateway portion for some
unknown reason, then we will have to find more space in the DMZ for that
hardware as well, and that will be a big pain for everyone involved.

If we aren't specifically using the Gateway portion for anything, can we
simply not set it up? Are there any system dependencies which require it
to be there whether we use it for anything specific or not?

The documentation shows that we install the Gateway last, so it would
appear the dependency goes the other way, which would indicate that we
may not need it unless we need its specific functionality, but I would
like clarification if anyone has specific knowledge. Thanks.

clarabel's Profile: https://forums.netiq.com/member.php?userid=8740
View this thread: https://forums.netiq.com/showthread.php?t=53913