2309 sap enterprise architecture in the era of sap hana, infrastructure, platforms, software and everything-as-a-service
1. SAP Enterprise Architecture in the Era of
SAP HANA, Infrastructure, Platforms,
Software and Everything-as-a-Service
Chuck Kichler (kichler@us.ibm.com)
2. – How to consume the on-premise vs. off-
premise SAP applications
– How to use private, hosted, and public cloud
successfully with SAP
– Hear seven key learnings to make your
LEARNING POINTS
– Hear seven key learnings to make your
company successful with SAP non-cloud and
cloud applications
3. We started with client/server
R/3
APP APP APP APP
• I need 200 GB of storage
• 512 MB of RAM
• The errors are all in German
• I need Internet access to
download the fixes
• You have to have a TCP/IP
network for your PC (no twin-ax)
R/3 R/3
DB DB
network for your PC (no twin-ax)
4. And then it exploded!
Applications
mySAP ERP Edition 2003
Self-Service Procurement
SAP R/3 Enterprise
SAP Enterprise Extension Set
Strategic Enterprise Mgmt
Internet Sales
Self Services
Industry Solutions
Additional Components
SAP R/3
SAP Enterprise
Extension Set
SAP R/3 Enterprise
mySAP ERP Edition 2004
Composite Applications
SAP ECC Extension Set
Additional Components
Self-Service Procurement
Internet Sales
SAP ERP Central Component 5.00
Self-Services (ESS/MSS)
SEM
mySAP ERP Edition 2004s
Composite Applications
SAP ECC
Additional Components
Self-Service Procurement
Internet Sales
SAP ERP Central Component 6.00
SRM
Enhanced Self-Services (ESS/MSS)
SEM
SAP ECC 6.0 Core
BANG!
Technology
SAP R/3 Enterprise Core
SAP Enterprise Extension Set
SAP NetWeaver™
CompositeApplicationFramework
APPLICATION PLATFORM
LifeCycleMgmt
PEOPLE INTEGRATION
Multi Channel Access
Portal Collaboration
INFORMATION INTEGRATION
Master Data Mgmt
Bus. Intelligence Knowledge Mgmt
PROCESS INTEGRATION
Integration
Broker
Business
Process Mgmt
J2EE ABAP
DB and OS Abstraction
SAP Basis
SAP R/3
up to 4.6C
Application
SAP Web
Application Server
SAP R/3
Enterprise Core
SAP Enterprise
Extension Set
SAP NetWeaver™ ‘04
CompositeApplicationFramework
APPLICATION PLATFORM
LifeCycleMgmt
PEOPLE INTEGRATION
Multi Channel Access
Portal Collaboration
INFORMATION INTEGRATION
Master Data Mgmt
Bus. Intelligence Knowledge Mgmt
PROCESS INTEGRATION
Integration
Broker
Business
Process Mgmt
J2EE ABAP
DB and OS Abstraction
SAP ECC 5.0 Core
SAP NetWeaver™ ’04s
CompositeApplicationFramework
APPLICATION PLATFORM
LifeCycleMgmt
PEOPLE INTEGRATION
Multi Channel Access
Portal Collaboration
INFORMATION INTEGRATION
Master Data Mgmt
Bus. Intelligence Knowledge Mgmt
PROCESS INTEGRATION
Integration
Broker
Business
Process Mgmt
J2EE ABAP
DB and OS Abstraction
Switch Framework
Enterprise Extensions Industry Extensions
5. Our SAP world today
On-Premise and Cloud
Ariba HCM
Other Other SRM HCM CRM
On-Premise and Cloud Connectivity
BusinessObjects
HANA
BW
DB2
ECC
DB2
SCM
SAP Portal
Corporate Data Center
ERP SCM
BW
Manfctr
6. Our SAP world very soon
On-Premise and Cloud and API’s
Direct
HCM
CRMIndrct
API
API
API API
API
API
API APIAPI
Steel Grainger Amazon
API Mashup
Fraud Detection
Stat Analytics
ERP SCM
BW
Manfctr
Analytics
API
ESB
Application Program Interfaces
(API’s) are small, standardized,
registered, consumable programs.
There are 100K’s today.
7. Agile Data Mart (Analytics Application)
– Enhance Existing Data Mart and Data Warehouse
Investments
– Data Acquisition and Integration from Any Source
– Real-Time Consolidated Reporting/Analytics
SAP BW on HANA
– Dramatically Improved Performance
SAP HANA Today: Three Core Use Cases
Operational Data Mart / Application Accelerator
– Flexible Real-Time Analytics/Reporting
– Accelerated SAP Applications
– Rapid Deployment Solutions for Quick Deployment
– Dramatically Improved Performance
– Simplified Administration & Streamlined Landscape
– Unlock Data Across the Enterprise
– Preserve BW Investment without Disruption
8. Now add in SAP Business Suite on HANA
Today Future
HANA
BW
HANA
ECC
HANA
CRM
HANA
SCP
HANABW
ECC CRM SCPOther
Business Objects
HANA HANA HANA HANA
Business Objects
HANABW
Big Problems to be solved:
1. Achieving performance
2. DR & HA w/out slowing performance
3. Requiring VERY BIG memory space
Big Problems to be solved:
1. Supportability of multiple applications
2. In-memory Data Management (value, age)
3. Requiring HUGE memory space
9. Over 75% of Businesses Plan to Use Cloud*
Public Cloud
54% are or will use public cloud within the
next 12 months
Private Cloud
65% are or will use private cloud within the
next 12 monthsnext 12 months
Hybrid Cloud
79% are or will use hybrid cloud within the
next 12 months
Other surveys have similar results
*Source: TNS Infratest Online Survey 1Q2012 for SAP with large enterprises US, UK, Germany, Brazil
10. SAP has split out on-premise and cloud
Software-as-a-Service
(SaaS)
Business Process-as-a-Service
(BPaaS)
SAP cloud applications
• SuccessFactors
• Ariba
• JAM
• Travel & Expense
• Carbon Credits
• And more
DeployDesign Consume
Infrastructure-as-a-Service
(IaaS)
Platform-as-a-Service
(PaaS)
SAP on-premise applications:
• ECC
• BW
• Solution Manager
• CRM
• PLM
• SCM
• And more
11. All SaaS Is Growing including SAP’s SaaS
SAP AG SaaS growth
SAP Scale
• $1B cloud revenue run rate
• 20+M cloud users
• 6K+ customers
• 1M companies on Ariba network
by EOY 20137
9
11
13
SaaS Apps*
by EOY 2013
SAP Momentum
• 14x revenue growth
• 92% SuccessFactors YoY growth
• 300% BusinessByDesign growth
• $314B Euros on Ariba network
*Source: Forrester, November 2012 “Cloud Keys An Era Of New IT Responsiveness And Efficiency ”
1
3
5
7
2010 2011 2012 2013
12. You must be asking yourself:
How do we put it together?
What is our Enterprise Architecture look like?What is our Enterprise Architecture look like?
What are the areas for concern?
13. You will need an internal & external strategy
Corporate Data Center External IaaS / PaaS / SaaS
PhysicalYear 1 Virtual Cloud
Year 2 PhysicalVirtual Cloud
Year 3 PhysicalVirtual Cloud
Year 4 Phys.Virtual Cloud
Year 5 Virtual Cloud
14. Start with SAP on-premise applications with
limited commitment to cloud
Development &
Test
Exploration Testing Peak Utilization
- Hybrid
EWM SBX
ECC DEV
ECC QA
BW DEV
BW QA
BW SBX
ECC SBX
CRM DEV
CRM QA
Internal
ECC DEV
ECC QA
BW DEV
BW QA
BW SBX
ECC SBX
CRM DEV
CRM QA
Available
EWM SBX
External
ECC
DEV
ECC
QA
ECC
PRD
ECC
DEV
ECC
QA
N
N+1
ECC
DEV
ECC
QA
ECC
PRD
ECC
QT1
ECC
QT2
BW
QT2
ECC HR
ESS/MSS
Portal
ESS/MSS
Portal
ESS/MSS
Portal
ESS/MSS
Portal
ESS/MSS
Portal
ESS/MSS
Portal
ESS/MSS
Portal
DevelopmentTraining Peak Utilization
- Internal
Seasonal
ECC
DEV
ECC
QA
ECC
PRD
ECC
TR1
ECC TRN
Image
ECC
TRN
Master
APO DEV
APO SBX
BW DEV
BW SBX
ECC DEV
ECC SBX
CRM DEV
CRM SBX
ExternalInternal
CRM
QA
CRM
PRD
ECC
QA
ECC
PRD
BW
QA
BW
PRD
APO
QA
APO
PRD
CRM
QA
CRM
PRD
ECC
QA
ECC
PRD
BW
QA
BW
PRD
APO
QA
APO
PRD
CRM
SBX
CRM
DEV
ECC
SBX
ECC
DEV
BW
SBX
BW
DEV
APO
SBX
APO
DEV
ECC DEV
ECC QA
BW DEV
BW QA
BW SBX
ECC SBX
CRM DEV
CRM QA
ECC APP4
ECC APP3
ECC APP2
ECC APP1
ECC
DB/CI
ECC DEV
ECC QA
BW DEV
BW QA
BW SBX
ECC SBX
CRM DEV
CRM QA
ECC APP4
ECC APP3
ECC APP2
ECC APP1
ECC
DB/CI
ECC APP7
ECC APP6
ECC APP5
At PeakBefore Peak
15. Other Other
Other Other
Making a production size commitment
Heavy off-premiseHeavy on-premise
Ariba HCM
Other Other
Other Other
Ariba HCM
BusinessObjects
HANA
BW
DB2
ECC
DB2
SCM
SAP Portal
BusinessObjects
HANA
BW
DB2
ECC
DB2
SCM
SAP Portal
Corporate Data Center
Corporate Hold-overs
Real Time Legacy
IaaS/PaaS SaaS
16. Covered in this session
Managing the new enterprise
Securing the new enterprise
Renovation for Innovation (Social, Mobile, Cloud, Big Data, etc.)
Covered in other Sapphire/ASUG sessions
Maturation of Cloud for on-premise SAP
LVM – Landscape Virtualization Manager
Areas of Concern
LVM – Landscape Virtualization Manager
Other third-party products
Maturation of HANA
With Business Suite
For virtualization / cloud
Beyond our scope
Reliability of “Cloud” and “API’s”
Shift from CapEx to OpEx (cash flow)
18. Cloud Security Reference Model
Security in the New Enterprise (1 of 3)
Cloud Governance
Cloud-specific security governance
including directory synchronization
and geo locational support
Security Governance, Risk Management
& Compliance
Security governance including maintaining
Discover, Categorize, Protect
Data & Information Assets
Strong focus on protection of data at rest or in
transit
Information Systems Acquisition, Development,
and Maintenance
Management of application and virtual Machine
You need to develop or adapt your Foundational Security Controls
Security governance including maintaining
security policy and audit and compliance
measures
Problem & Information
Security Incident Management
Managing and responding to expected
and unexpected events
Identity and Access Management
Strong focus on authentication of
users and management of identity
Management of application and virtual Machine
deployment
Secure Infrastructure Against Threats and
Vulnerabilities
Management of vulnerabilities and their
associated mitigations with strong focus on
network and endpoint protection
Physical and Personnel Security
Protection for physical assets and locations
including networks and data centers, as well as
employee security
19. Design Deploy Consume
Establish a cloud
strategy and
implementation plan
to get there.
Build cloud services, in
the enterprise and/or
as a cloud services
provider.
Manage and optimize
consumption of cloud
services.
Security Aligns with Each Phase of a Cloud Project
Security in the New Enterprise (2 of 3)
Example
security
capabilities
Cloud security
roadmap
Secure development
Network threat
protection
Server security
Database security
Application security
Virtualization
security
Endpoint protection
Configuration and
patch management
Identity and access
management
Secure cloud
communications
Managed security
services
Secure by Design
Focus on building
security into the
fabric of the cloud.
Workload Driven
Secure cloud
resources with
innovative features
and products.
Service Enabled
Govern the cloud
through ongoing
security operations
and workflow.
Cloud
Security
Approach
20. Virtual infrastructure
• Hypervisor-based isolation with customer configurable firewall rules
• Firewall and IPS/IDS between guest virtual machines (VMs)
and Internet
• Optional virtual private network (VPN) and virtual local area network (VLAN)
isolation of account instances
• Connections are encrypted and are isolated from VMs by design (SSH keys)
• Customer has root access to guest virtual machines, allowing further
hardening of VMs
Your servers, PCs, and
mobile
Cloud Services
Your
firewall
Security should be built into the cloud offering
Security in the New Enterprise (3 of 3)
hardening of VMs
• Shared images patched and scanned regularly
Management infrastructure
• Access to the infrastructure is only enabled using Web identity through the
user interface portal or APIs
• Complies with strong corporate security policies
• Controlled and audited administrative actions and operations
Delivery centers
• Customer data and VMs are kept in the data center where provisioned
• Physical security identical to hosted clients
Strong security and
authentication model
Provider firewall
Optional VPN gateway
Guest VMs and
data
Tier 3 or 4
delivery centers
Private and
Shared
VLANs
Cloud Services
Management
infrastructure
21. Renovation for Innovation
Social
Mobile
Connected
Big Data
Cloud
Innovate
NEW New
NEW
Without simplification:
• Budgets disappear
• Innovation/transformation
becomes more expensive and
time consuming
Adapted From: PACE Layering, Gartner, 2010
Systems of Record
Systems of Differentiation
Systems of Innovation
Simplify
Innovate
Support
Support
Support
Year 1 Year 2 Year 3
NEW
NEW
New
Support
New
Support
22. • Plan for cloud inside and outside of your data center
• Look to leverage of cloud services for on-premise and
SaaS capabilities
• Develop management capabilities for the new
enterprise
• Adapt your security for the new cloud world
BEST PRACTICES
• Adapt your security for the new cloud world
• Renovate and reduce your legacy including SAP to allow
for innovation
23. KEY LEARNINGS
Change is not new in SAP, but seems to be accelerating
SAP and all applications are becoming ‘cloudified’
HANA is evolving, spreading, and virtualizing
On-premise SAP can run on a cloud, but is not cloud
native
SaaS is fact for almost all businesses, accept and
manage it
Your Security needs to be formulated for the new
enterprise
Look to renovate to lower maintenance costs and allow
budge for all this new innovation
24.
25. THANK YOU FOR PARTICIPATING
Please provide feedback on this session by
completing a short survey via the event mobile
application.application.
SESSION CODE: 2309
For ongoing education on this area of focus,
visit www.ASUG.com