SAP Enterprise Architecture in the Era of

SAP HANA, Infrastructure, Platforms,

Software and Everything-as-a-Service

Chuck Kichler (kichler@us.ibm.com)

– How to consume the on-premise vs. off-

premise SAP applications

– How to use private, hosted, and public cloud

successfully with SAP

– Hear seven key learnings to make your

LEARNING POINTS

– Hear seven key learnings to make your

company successful with SAP non-cloud and

cloud applications

We started with client/server

R/3

APP APP APP APP

• I need 200 GB of storage• 512 MB of RAM• The errors are all in German• I need Internet access to

download the fixes• You have to have a TCP/IP

network for your PC (no twin-ax)

R/3 R/3

DB DB

network for your PC (no twin-ax)

And then it exploded!

Applicatio

ns

mySAP ERP Edition 2003

Self-Service Procurement

SAP R/3 Enterprise

SAP Enterprise Extension Set

Strategic Enterprise Mgmt

Internet Sales

Self Services

Industry Solutions

Additional Components

SAP R/3SAP Enterprise

Extension Set

SAP R/3 Enterprise

mySAP ERP Edition 2004

Composite Applications

SAP ECC Extension Set

Additional Components

Self-Service Procurement

Internet Sales

SAP ERP Central Component 5.00

Self-Services (ESS/MSS)

SEM

mySAP ERP Edition 2004s

Composite Applications

SAP ECC

Additional Components

Self-Service Procurement

Internet Sales

SAP ERP Central Component 6.00

SRM

Enhanced Self-Services (ESS/MSS)

SEM

SAP ECC 6.0 Core

BANG!

Technology

SAP R/3 Enterprise Core

SAP Enterprise Extension Set

SAP NetWeaver™

Co

mp

osit

e A

pp

licatio

n F

ram

ew

ork

APPLICATION PLATFORM

Life

Cycle

Mg

mt

PEOPLE INTEGRATION

Multi Channel Access

Portal Collaboration

INFORMATION INTEGRATION

Master Data Mgmt

Bus. Intelligence Knowledge Mgmt

PROCESS INTEGRATION

Integration Broker

BusinessProcess Mgmt

J2EE ABAP

DB and OS Abstraction

SAP Basis

SAP R/3up to 4.6C

Application

SAP Web

Application Server

SAP R/3

Enterprise Core

SAP Enterprise

Extension Set

SAP NetWeaver™ ‘04

Co

mp

osit

e A

pp

lic

ati

on

Fra

me

wo

rk

APPLICATION PLATFORM

Life

Cycle

Mg

mt

PEOPLE INTEGRATION

Multi Channel Access

Portal Collaboration

INFORMATION INTEGRATION

Master Data Mgmt

Bus. Intelligence Knowledge Mgmt

PROCESS INTEGRATION

Integration Broker

BusinessProcess Mgmt

J2EE ABAP

DB and OS Abstraction

SAP ECC 5.0 Core

SAP NetWeaver™ ’04s

Co

mp

osit

e A

pp

lic

ati

on

Fra

mew

ork

APPLICATION PLATFORM

Life

Cycle

Mg

mt

PEOPLE INTEGRATION

Multi Channel Access

Portal Collaboration

INFORMATION INTEGRATION

Master Data Mgmt

Bus. Intelligence Knowledge Mgmt

PROCESS INTEGRATION

Integration

BrokerBusiness

Process Mgmt

J2EE ABAP

DB and OS Abstraction

Switch Framework

Enterprise Extensions Industry Extensions

Our SAP world today

On-Premise and Cloud

Ariba HCM

Other OtherSRM HCM CRM

On-Premise and Cloud Connectivity

Business Objects

HANA

BW

DB2

ECC

DB2

SCM

SAP Portal

Corporate Data Center

ERP SCM

BW

Manfctr

Our SAP world very soon

On-Premise and Cloud and API’s

Direct

HCM

CRMIndrct

API

API

API API

API

API

API APIAPI

Steel Grainger AmazonAPI Mashup

Fraud Detection

Stat Analytics

ERP SCM

BW

Manfctr

Analytics

API

ESB

Application Program Interfaces

(API’s) are small, standardized,

registered, consumable programs.

There are 100K’s today.

� Agile Data Mart (Analytics Application)– Enhance Existing Data Mart and Data Warehouse

Investments

– Data Acquisition and Integration from Any Source

– Real-Time Consolidated Reporting/Analytics

� SAP BW on HANA– Dramatically Improved Performance

SAP HANA Today: Three Core Use Cases

� Operational Data Mart / Application Accelerator– Flexible Real-Time Analytics/Reporting

– Accelerated SAP Applications

– Rapid Deployment Solutions for Quick Deployment

– Dramatically Improved Performance

– Simplified Administration & Streamlined Landscape

– Unlock Data Across the Enterprise

– Preserve BW Investment without Disruption

Now add in SAP Business Suite on HANA

Today Future

HANA

BW

HANA

ECC

HANA

CRM

HANA

SCP

HANABW

ECC CRM SCPOther

Business Objects

HANA HANA HANA HANA

Business Objects

HANABW

Big Problems to be solved:

1. Achieving performance

2. DR & HA w/out slowing performance

3. Requiring VERY BIG memory space

Big Problems to be solved:

1. Supportability of multiple applications

2. In-memory Data Management (value, age)

3. Requiring HUGE memory space

Over 75% of Businesses Plan to Use Cloud*

� Public Cloud54% are or will use public cloud within the next 12 months

� Private Cloud65% are or will use private cloud within the next 12 monthsnext 12 months

� Hybrid Cloud79% are or will use hybrid cloud within the next 12 months

Other surveys have similar results

*Source: TNS Infratest Online Survey 1Q2012 for SAP with large enterprises US, UK, Germany, Brazil

SAP has split out on-premise and cloud

Software-as-a-Service

(SaaS)

Business Process-as-a-Service

(BPaaS)

SAP cloud applications

• SuccessFactors

• Ariba

• JAM

• Travel & Expense

• Carbon Credits

• And more

DeployDesign Consume

Infrastructure-as-a-Service

(IaaS)

Platform-as-a-Service

(PaaS)

SAP on-premise applications:

• ECC

• BW

• Solution Manager

• CRM

• PLM

• SCM

• And more

All SaaS Is Growing including SAP’s SaaS

SAP AG SaaS growthSAP Scale• $1B cloud revenue run rate

• 20+M cloud users

• 6K+ customers

• 1M companies on Ariba network

by EOY 20137

9

11

13

SaaS Apps*

by EOY 2013

SAP Momentum• 14x revenue growth

• 92% SuccessFactors YoY growth

• 300% BusinessByDesign growth

• $314B Euros on Ariba network

*Source: Forrester, November 2012 “Cloud Keys An Era Of New IT Responsiveness And Efficiency ”

1

3

5

7

2010 2011 2012 2013

You must be asking yourself:

How do we put it together?

What is our Enterprise Architecture look like?What is our Enterprise Architecture look like?

What are the areas for concern?

You will need an internal & external strategy

Corporate Data Center External IaaS / PaaS / SaaS

PhysicalYear 1 Virtual Cloud

Year 2 PhysicalVirtual Cloud

Year 3 PhysicalVirtual Cloud

Year 4 Phys.Virtual Cloud

Year 5 Virtual Cloud

Start with SAP on-premise applications with

limited commitment to cloud

Development &

Test

Exploration Testing Peak Utilization

- Hybrid

EWM SBX

ECC DEV

ECC QA

BW DEV

BW QA

BW SBX

ECC SBX

CRM DEV

CRM QA

Internal

ECC DEV

ECC QA

BW DEV

BW QA

BW SBX

ECC SBX

CRM DEV

CRM QA

Available

EWM SBX

External

ECC

DEV

ECC

QA

ECC

PRD

ECCDEV

ECCQA

N

N+1

ECCDEV

ECCQA

ECCPRD

ECCQT1

ECCQT2

BWQT2

ECC HR

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

ES

S/M

SS

Po

rtal

DevelopmentTraining Peak Utilization

- Internal

Seasonal

ECCDEV

ECCQA

ECCPRD

ECCTR1

ECC TRNImage

ECCTRN

Master

APO DEV

APO SBX

BW DEV

BW SBX

ECC DEV

ECC SBX

CRM DEV

CRM SBX

ExternalInternal

CRM

QA

CRM

PRD

ECC

QA

ECCPRD

BW

QA

BW

PRD

APO

QA

APO

PRD

CRMQA

CRMPRD

ECCQA

ECC

PRD

BW

QA

BWPRD

APOQA

APOPRD

CRM

SBX

CRM

DEV

ECC

SBX

ECC

DEV

BW

SBX

BW

DEV

APO

SBX

APO

DEV

ECC DEV

ECC QA

BW DEV

BW QA

BW SBX

ECC SBX

CRM DEV

CRM QA

ECC APP4

ECC APP3

ECC APP2

ECC APP1

ECCDB/CI

ECC DEV

ECC QA

BW DEV

BW QA

BW SBX

ECC SBX

CRM DEV

CRM QA

ECC APP4

ECC APP3

ECC APP2

ECC APP1

ECCDB/CI

ECC APP7

ECC APP6

ECC APP5

At PeakBefore Peak

Other OtherOther Other

Making a production size commitment

Heavy off-premiseHeavy on-premise

Ariba HCM

Other Other

Other OtherAriba HCM

Business Objects

HANA

BW

DB2

ECC

DB2

SCM

SAP Portal

Business Objects

HANA

BW

DB2

ECC

DB2

SCM

SAP Portal

Corporate Data CenterCorporate Hold-overs

Real Time Legacy

IaaS/PaaS SaaS

Covered in this session

� Managing the new enterprise

� Securing the new enterprise

� Renovation for Innovation (Social, Mobile, Cloud, Big Data, etc.)

Covered in other Sapphire/ASUG sessions

� Maturation of Cloud for on-premise SAP� LVM – Landscape Virtualization Manager

Areas of Concern

� LVM – Landscape Virtualization Manager

� Other third-party products

� Maturation of HANA� With Business Suite

� For virtualization / cloud

Beyond our scope

� Reliability of “Cloud” and “API’s”

� Shift from CapEx to OpEx (cash flow)

Managing the New Enterprise

Cloud Security Reference Model

Security in the New Enterprise (1 of 3)

Cloud Governance

Cloud-specific security governance

including directory synchronization

and geo locational support

Security Governance, Risk Management

& Compliance

Security governance including maintaining

Discover, Categorize, Protect

Data & Information Assets

Strong focus on protection of data at rest or in

transit

Information Systems Acquisition, Development,

and Maintenance

Management of application and virtual Machine

You need to develop or adapt your Foundational Security Controls

Security governance including maintaining

security policy and audit and compliance

measures

Problem & Information

Security Incident Management

Managing and responding to expected

and unexpected events

Identity and Access Management

Strong focus on authentication of

users and management of identity

Management of application and virtual Machine

deployment

Secure Infrastructure Against Threats and

Vulnerabilities

Management of vulnerabilities and their

associated mitigations with strong focus on

network and endpoint protection

Physical and Personnel Security

Protection for physical assets and locations

including networks and data centers, as well as

employee security

Design Deploy ConsumeEstablish a cloud strategy and implementation plan to get there.

Build cloud services, in the enterprise and/or as a cloud services provider.

Manage and optimizeconsumption of cloudservices.

Security Aligns with Each Phase of a Cloud Project

Security in the New Enterprise (2 of 3)

Example

security

capabilities

� Cloud security roadmap

� Secure development

� Network threat protection

� Server security

� Database security

� Application security

� Virtualization security

� Endpoint protection

� Configuration and patch management

� Identity and access management

� Secure cloud communications

� Managed security services

Secure by DesignFocus on building security into the fabric of the cloud.

Workload DrivenSecure cloud resources with innovative features and products.

Service EnabledGovern the cloud through ongoing security operations and workflow.

Cloud

Security

Approach

Virtual infrastructure

• Hypervisor-based isolation with customer configurable firewall rules

• Firewall and IPS/IDS between guest virtual machines (VMs)

and Internet

• Optional virtual private network (VPN) and virtual local area network (VLAN)

isolation of account instances

• Connections are encrypted and are isolated from VMs by design (SSH keys)

• Customer has root access to guest virtual machines, allowing further

hardening of VMs

Your servers, PCs, and

mobile

Cloud Services

Your

firewall

Security should be built into the cloud offering

Security in the New Enterprise (3 of 3)

hardening of VMs

• Shared images patched and scanned regularly

Management infrastructure

• Access to the infrastructure is only enabled using Web identity through the

user interface portal or APIs

• Complies with strong corporate security policies

• Controlled and audited administrative actions and operations

Delivery centers

• Customer data and VMs are kept in the data center where provisioned

• Physical security identical to hosted clients

Strong security and

authentication model

Provider firewall

Optional VPN gateway

Guest VMs and

data

Tier 3 or 4

delivery centers

Private and

Shared

VLANs

Cloud Services

Management

infrastructure

Renovation for Innovation

Social

Mobile

Connected

Big Data

Cloud

Inn

ova

teNEW New

NEW

Without simplification:

• Budgets disappear

• Innovation/transformation

becomes more expensive and

time consuming

Adapted From: PACE Layering, Gartner, 2010

Systems of Record

Systems of Differentiation

Systems of Innovation

Sim

plify

Inn

ova

te

Su

pp

ort

Su

pp

ort

Su

pp

ort

Year 1 Year 2 Year 3

NEWNEW

New Support

New Support

• Plan for cloud inside and outside of your data center

• Look to leverage of cloud services for on-premise and

SaaS capabilities

• Develop management capabilities for the new

enterprise

• Adapt your security for the new cloud world

BEST PRACTICES

• Adapt your security for the new cloud world

• Renovate and reduce your legacy including SAP to allow

for innovation

KEY LEARNINGS

� Change is not new in SAP, but seems to be accelerating

� SAP and all applications are becoming ‘cloudified’

� HANA is evolving, spreading, and virtualizing

� On-premise SAP can run on a cloud, but is not cloud

native

� SaaS is fact for almost all businesses, accept and

manage it

� Your Security needs to be formulated for the new

enterprise

� Look to renovate to lower maintenance costs and allow

budge for all this new innovation

THANK YOU FOR PARTICIPATING

Please provide feedback on this session by completing a short survey via the event mobile

application.application.

SESSION CODE: 2309

For ongoing education on this area of focus,visit www.ASUG.com