Manage application delivery ……on your journey to the cloud!

Micro Focus ADM Solutions for SAP

Solution Architect

Jan De Coster

Your Speaker

Technology Shift

1972

SAP R/1

1979

SAP R/2

1992

SAP R/3

2000

mySAP

2004

SAP ERP

2011SAP HANA

2015SAP S/4 HANA

74% of the world’s transaction revenue touches an SAP software syste

Source: SAP and customer data

3

SAP Transformation journey…

SAP Business SuiteOn any DB

ON HANA

S4/HANAOn premise

ON CLOUD

New Technologies | S4/Hana/Fiori

New Business Models | Hana Cloud Platform

New Delivery Challenges | DevOps/Hybrid/Cloud

6

The challenges facing SAP customers as they transform to participate in the digital economy

▪ SAPs latest applications provide a rich service backbone designed to accelerate the transformation to the digital economy▪ Open APIs facilitate the design of composite services, integrating both SAP and non SAP applications to

create end to end digital process and information flows

▪ As customers transform to exploit these applications, seemingly minor changes to service components can have severe unintended consequences on e2e service quality and information flow

▪ This transformation requires in-flight upgrades to business critical processes▪ Complex migrations across multiple solution domains

▪ Lack of qualified SAP experienced staff

▪ All this in highly regulated environments

7

How Micro Focus adds value to SAP transformations

8

SAP & Micro Focus ADM Partnership

“Market leader in

enterprise application software”

“Accelerating delivery, and

ensuring quality and security at every stage of the application

lifecycle”>1,500

Joint customers

12Years of partnership

SOLEXMicro Focus ADM is SAP’s exclusive

solution extension vendor

INTEGRATIONMicro Focus solutions for SAP Web and Mobile

are integrated into the SAP Cloud Platform

9

Micro Focus ADM adds value to SAP Environments

Challenges ADM Capabilities

Many deployments into highly regulated environments

ALM.net and ALM Octane offers governance and traceability of SAP environments

Proprietary attributes in SAP GUI, UI5, and Fiori

Complex dependencies, diverse ecosystem, proprietary protocols

DevOps: Slow-moving system of record vs. fast-moving system of engagement

SAP development activities shifting towards the SAP Cloud Platform (SCP)

Sole vendor supporting SAP protocols across functional, performance and mobile testing

Virtualization of SAP and non-SAP systems, with full support for the SAP protocols, eg. iDoc, RFC.

ALM.net with ALM Octane bridges the gap between slow and fast-moving environments

SCP integration for automated testing (SRF), and complete managed DevOps pipeline (soon)

10

REQUIREMENTS

TEST MANAGEMENT

SERVICE VIRTUALIZATION

MANUAL TESTING

SECURITY TESTING

TEST AUTOMATION

PERFORMANCE TEST

11

Micro Focus ADM | End-to-End SDLC for SAP

Strategy to Portfolio

Detect to Correct

Requirement to Deploy

Request to Fulfill

Project and Portfolio Management Requirements

Software Change & Configuration Mgmt

Application and End User Monitoring

Mainframe + COBOL

Functional Test

Lifecycle Virtualization

Performance Test

Security Test

Mobile App TestRelease Management

Deployment Automation

Micro Focus ADM| End-to-End Portfolio for SAP

Strategy to Portfolio

Detect to Correct

Requirement to Deploy

Project & Portfolio Mgmt

Atlas

Caliber

Project, Portfolio and Requirements

AccuRev

Dimensions CM

Star Team

PVCS

Software Change & Configuration Mgmt

Application and User Monitoring

AppPulse

Silk Performance Manager

Functional TestUFT

BPT

SprinterStormRunner Functional

Silk Test

Silk WebDriver

Performance TestLoadRunner

Performance Center

StormRunner LoadSilk Performer

Digital LabMobile Center

Service Virtualization

Network VirtualizationRelease Control Deployment Automation

Request to Fullfill

SECURITYIntegrate continuous security testing and feedback directly into the SDLC

PREDICTIVE ANALYTICSAdvanced analytics at every phase of the lifecycle

MAINFRAME + COBOLModernize mainframe applications to more flexible platforms and architectures

IT OPERATIONSEffectively manage Hybrid IT environments through automation and orchestration

Hybrid Cloud Automation

Data Center Automation

Service Management Automation

IT Operations

Security TestFortifyData Insights

Vertica

ChangeMan

Mainframe + COBOL

StarTool ESync

Enterprise Developer

Visual Cobol

Mainframe + COBOL

Dimensions RMRhythm

AREA

Lifecycle

Functional

Virtualization

SolMan, BPCA

SAPGUI, SAPUI, Fiori, WDA\J, NWBC, Portal, WebCUIF, ITS, IDOC, RFC, Odata and more

SAP GUI, SAP UI, SAP Fiori

IDOC, RFC

TECHNOLOGY

Supported SAP Technologies in Testing

13

Performance

14

ALM.net* directly integrated with SAP SOLMAN ® is SAP preferred solution to manage Application

Quality in complex SAP implementationsSAP QC* | MF Octane

15

MF UFT* family is the industry widest and more complete test automation tool

MF SRF solves all the testing lab problems and is directly connected with SAP Cloud Platform and FIORI

MF Sprinter enables manual test automation for SAP which allows higher level of compliance and efficiency

SAP UFT* | SAP BPT* | MF LeanFT | MF Silk Test

MF Sprinter

MF Storm Runner Functional

16

MF Performance testing family allows quick and scalable SAP stress test

MF Service Virtualization is the only solution certified by SAP

SAP Loadrunner* | MF Performance Center | MF SRL | MF Silk Performer

MF Service Virtualization*

MF AppPulse synthetic monitoring and mobile analytics for your SAP Fiori applications

MF AppPulse

SAP Cloud Platform with MicroFocus StormRunner Functional

SAP Cloud Platform WebIDE

Automate SAP tests that run in an elastic lab, all from within the SCP WebIDE

Configure SRF within SCP

Automate SAP tests from within SCP

Control an elastic lab for parallel SAP test execution

Security Testing - FortifyFastest and easiest way to assess software risk during the HANA journey

• Delivered on the cloud or on-premise, HP Fortify tests and scores the security of any application• Enables a systematic approach for eliminating the security risk in software • Automated application security testing throughout the software lifecycle• Together with SAP CVA, you will get an comprehensive view of your entire enterprise security landscape

Dynamic RuntimeStatic

Production

Fortify on Demand App Defender

On Premise App Defender

Application Development

TestCodeDesignIntegration & Staging

IT Operations

On Demand

WebInspectStatic Code Analyzer

Software Security Assurance (SSA & SDLC)

Design Code TestIntegration

- StagingOperate

Development

Security

Testing / Operations

WebInspect Enterprise (WIE)Continuous Web Monitoring (CM)

On-demand Web Scans

Web Inspect (WI)

Fortify Dynamic SuiteStatic Code Analyzer (SCA)

Fortify Static Suite

Audit Workbench (AWB)

IDE Plugin

Software Security Center (SSC)

Fortify On Demand (FOD)

Fortify Runtime(App Defender)

Visibility & Defense

Protection/Logging

Hybrid

Software Security Center (SSC)

DeveloperSource Code Repository

SSC Server

Scan/Sensor Pool

Security Lead

Check-in new codeScheduled Check-out, build and scan

Scan Results uploaded Auditor Reviews

Results

Developer writes fixes

Build Engineer

DevelopmentBuild Server

scan Controller (SCA)

(ex.,TFS,Git , SVN ,..etc.)

Bug Tracker(ex. Bugzilla,TFS,JIRA..etc)

Jenkins (Orchestrator)…

SCA – Integral part of the SDLC - HLD

21

Fortify – DevOps

▪ Real-time lightweight analysis of the source code

Vulnerable line of code is highlighted as developer codes & provides tips for additional information

Level of criticality

Type of vulnerability, explanation and detailed remediation guidanceAll issues

detected in the project

Fortify menu for additional options

22

SAST & DAST – Integration process

Application Testing Environment

SSC Server Auditor

Deploy new release for testing

Web InspectScan launched

Auditor Reviews Results

Auditor Submits Security Issues toBug

Remediationprocess

Detectedvulnerabilities

reported

Maintenance cycle

Security Administrator

SAST Process

OR DAST API kick-off Process

23

Fortify Application Security Solutions▪ On premise and on demand

Static Analysis – SCA

Source Code Mgt. System

Static Analysis Via Build Integration

Dynamic Analysis – WebInspect

Dynamic Testing in QA or Production

Application Protection –App Defender

Real-time Protection of Running Application

Vulnerability Management

Normalization(Scoring, Guidance)

Vulnerability Database

RemediationIDE Plug-ins (Eclipse, Visual Studio, etc.)

Developers (onshore or offshore)

Correlate Target Vulnerabilities with

Common Guidance and Scoring

Defects, Metrics and KPIs Used to Measure Risk

Application Lifecycle

Development, Project and Management

Stakeholders

Software Security CenterFortify on Demand

Hackers & Actual Attacks

Correlation(Static, Dynamic, Runtime)

Threat Intelligence Rules Management

Software Security Center

24

Software Security CenterReporting and Program Management

Vulnerability status by application

Global dashboard highlights risk across

software portfolio

25

Fortify Ecosystem

Fortify solutions

REST APIs with Swagger

REST APIs with Swagger

DevOps &third party

Requirements & issues- ALM Octane- JIRA- Bugzilla

Build servers- Jenkins- Bamboo- VSTS/TFS

Build tools- Gradle- ANT- Maven

Security

- Vuln Mgmt- SIEM- WAFs

IDEs- Eclipse- Visual Studio- IntelliJ- Xcode/AS

Open Source- Sonatype- Black Duck- Fortify Open Rev.

Configuration automation- Chef- Puppet- Octopus

Containers- Docker- ‘Dockerized

Security’

Cloud- Azure- AWS

DevOps &third party

Co

mm

un

ication

/Ch

atOp

s

Code repositories & apps- HPE LiveNet- GitHub- SVN

Secure Development

Security Testing

Continuous Monitoring and Protection

Requirements & issues- ALM Octane- JIRA- Bugzilla

Build servers- Jenkins- Bamboo- VSTS/TFS

Build tools- Gradle- ANT- Maven

Security

- Vuln Mgmt- SIEM- WAFs

IDEs- Eclipse- Visual Studio- IntelliJ- Xcode/AS

Open Source- Sonatype- Black Duck- Fortify Open Rev.

Configuration automation- Chef- Puppet- Octopus

Containers- Docker- ‘Dockerized

Security’

Cloud- Azure- AWS

Co

mm

un

ication

/Ch

atOp

s

Code repositories & apps- HPE LiveNet- GitHub- SVN

26

Analyst Endorsement

Lifecycle Virtualization(Voke)

Testautomation (Gartner)

Mobile Testing(Forrester)

App. Lifecycle Mgmt.(IDC)

Why Micro Focus for SAP?

End to End

Integrated

Comprehensive

Open

Flexible

Jan De Coster

Application Delivery ManagementInternational Solution Architect

+32 478 219 345

Jan.De.Coster@MicroFocus.com