Software and Everything-as-a-Service Chuck Kichler (kichler@us.ibm.com) How to consume the on-premise vs. off- premise SAP applications How to use private, hosted, and public cloud successfully with SAP Hear seven key learnings to make your LEARNING POINTS Hear seven key learnings to make your company successful with SAP non-cloud and cloud applications We started with client/server R/3 APP APP APP APP I need 200 GB of storage 512 MB of RAM The errors are all in German I need Internet access to download the fixes You have to have a TCP/IP network for your PC (no twin-ax) R/3 R/3 DB DB network for your PC (no twin-ax) And then it exploded! A p p l i c a t i o n s mySAP ERP Edition 2003 Self-Service Procurement SAP R/3 Enterprise SAP Enterprise Extension Set Strategic Enterprise Mgmt Internet Sales Self Services Industry Solutions Additional Components SAP R/3 SAP Enterprise Extension Set SAP R/3 Enterprise mySAP ERP Edition 2004 Composite Applications SAP ECC Extension Set Additional Components Self-Service Procurement Internet Sales SAP ERP Central Component 5.00 Self-Services (ESS/MSS) SEM mySAP ERP Edition 2004s Composite Applications SAP ECC Additional Components Self-Service Procurement Internet Sales SAP ERP Central Component 6.00 SRM Enhanced Self-Services (ESS/MSS) SEM SAP ECC 6.0 Core BANG! T e c h n o l o g y SAP R/3 Enterprise Core SAP Enterprise Extension Set SAP NetWeaver C o m p o s i t e
A p p l i c a t i o n
F r a m e w o r k APPLICATION PLATFORM L i f e
C y c l e
M g m t PEOPLE INTEGRATION Multi Channel Access Portal Collaboration INFORMATION INTEGRATION Master Data Mgmt Bus. Intelligence Knowledge Mgmt PROCESS INTEGRATION Integration Broker Business Process Mgmt J2EE ABAP DB and OS Abstraction SAP Basis SAP R/3 up to 4.6C Application SAP Web Application Server SAP R/3 Enterprise Core SAP Enterprise Extension Set SAP NetWeaver 04 C o m p o s i t e
A p p l i c a t i o n
F r a m e w o r k APPLICATION PLATFORM L i f e
C y c l e
M g m t PEOPLE INTEGRATION Multi Channel Access Portal Collaboration INFORMATION INTEGRATION Master Data Mgmt Bus. Intelligence Knowledge Mgmt PROCESS INTEGRATION Integration Broker Business Process Mgmt J2EE ABAP DB and OS Abstraction SAP ECC 5.0 Core SAP NetWeaver 04s C o m p o s i t e
A p p l i c a t i o n
F r a m e w o r k APPLICATION PLATFORM L i f e
C y c l e
M g m t PEOPLE INTEGRATION Multi Channel Access Portal Collaboration INFORMATION INTEGRATION Master Data Mgmt Bus. Intelligence Knowledge Mgmt PROCESS INTEGRATION Integration Broker Business Process Mgmt J2EE ABAP DB and OS Abstraction Switch Framework Enterprise Extensions Industry Extensions Our SAP world today On-Premise and Cloud Ariba HCM Other Other SRM HCM CRM On-Premise and Cloud Connectivity Business Objects HANA BW DB2 ECC DB2 SCM SAP Portal Corporate Data Center ERP SCM BW Manfctr Our SAP world very soon On-Premise and Cloud and APIs Direct HCM CRM Indrct API API API API API API API API API Steel Grainger Amazon API Mashup Fraud Detection Stat Analytics ERP SCM BW Manfctr Analytics API ESB Application Program Interfaces (APIs) are small, standardized, registered, consumable programs. There are 100Ks today. Agile Data Mart (Analytics Application) Enhance Existing Data Mart and Data Warehouse Investments Data Acquisition and Integration from Any Source Real-Time Consolidated Reporting/Analytics SAP BW on HANA Dramatically Improved Performance SAP HANA Today: Three Core Use Cases Operational Data Mart / Application Accelerator Flexible Real-Time Analytics/Reporting Accelerated SAP Applications Rapid Deployment Solutions for Quick Deployment Dramatically Improved Performance Simplified Administration & Streamlined Landscape Unlock Data Across the Enterprise Preserve BW Investment without Disruption Now add in SAP Business Suite on HANA Today Future HANA BW HANA ECC HANA CRM HANA SCP HANA BW ECC CRM SCP Other Business Objects HANA HANA HANA HANA Business Objects HANA BW Big Problems to be solved: 1. Achieving performance 2. DR & HA w/out slowing performance 3. Requiring VERY BIG memory space Big Problems to be solved: 1. Supportability of multiple applications 2. In-memory Data Management (value, age) 3. Requiring HUGE memory space Over 75% of Businesses Plan to Use Cloud* Public Cloud 54% are or will use public cloud within the next 12 months Private Cloud 65% are or will use private cloud within the next 12 months next 12 months Hybrid Cloud 79% are or will use hybrid cloud within the next 12 months Other surveys have similar results *Source: TNS Infratest Online Survey 1Q2012 for SAP with large enterprises US, UK, Germany, Brazil SAP has split out on-premise and cloud Software-as-a-Service (SaaS) Business Process-as-a-Service (BPaaS) SAP cloud applications SuccessFactors Ariba JAM Travel & Expense Carbon Credits And more Deploy Design Consume Infrastructure-as-a-Service (IaaS) Platform-as-a-Service (PaaS) SAP on-premise applications: ECC BW Solution Manager CRM PLM SCM And more All SaaS Is Growing including SAPs SaaS SAP AG SaaS growth SAP Scale $1B cloud revenue run rate 20+M cloud users 6K+ customers 1M companies on Ariba network by EOY 2013 7 9 11 13 SaaS Apps* by EOY 2013 SAP Momentum 14x revenue growth 92% SuccessFactors YoY growth 300% BusinessByDesign growth $314B Euros on Ariba network *Source: Forrester, November 2012 Cloud Keys An Era Of New IT Responsiveness And Efficiency 1 3 5 7 2010 2011 2012 2013 You must be asking yourself: How do we put it together? What is our Enterprise Architecture look like? What is our Enterprise Architecture look like? What are the areas for concern? You will need an internal & external strategy Corporate Data Center External IaaS / PaaS / SaaS Physical Year 1 Virtual Cloud Year 2 Physical Virtual Cloud Year 3 Physical Virtual Cloud Year 4 Phys. Virtual Cloud Year 5 Virtual Cloud Start with SAP on-premise applications with limited commitment to cloud Development & Test Exploration Testing Peak Utilization - Hybrid EWM SBX ECC DEV ECC QA BW DEV BW QA BWSBX ECC SBX CRM DEV CRM QA Internal ECC DEV ECC QA BW DEV BW QA BWSBX ECC SBX CRM DEV CRM QA Available EWM SBX External ECC DEV ECC QA ECC PRD ECC DEV ECC QA N N+1 ECC DEV ECC QA ECC PRD ECC QT1 ECC QT2 BW QT2 ECC HR E S S / M S S P o r t a l E S S / M S S P o r t a l E S S / M S S P o r t a l E S S / M S S P o r t a l E S S / M S S P o r t a l E S S / M S S P o r t a l E S S / M S S P o r t a l Development Training Peak Utilization - Internal Seasonal ECC DEV ECC QA ECC PRD ECC TR1 ECC TRN Image ECC TRN Master APO DEV APO SBX BW DEV BW SBX ECC DEV ECC SBX CRM DEV CRM SBX External Internal CRM QA CRM PRD ECC QA ECC PRD BW QA BW PRD APO QA APO PRD CRM QA CRM PRD ECC QA ECC PRD BW QA BW PRD APO QA APO PRD CRM SBX CRM DEV ECC SBX ECC DEV BW SBX BW DEV APO SBX APO DEV ECC DEV ECC QA BW DEV BW QA BWSBX ECC SBX CRM DEV CRM QA ECC APP4 ECC APP3 ECC APP2 ECC APP1 ECC DB/CI ECC DEV ECC QA BW DEV BW QA BWSBX ECC SBX CRM DEV CRM QA ECC APP4 ECC APP3 ECC APP2 ECC APP1 ECC DB/CI ECC APP7 ECC APP6 ECC APP5 At Peak Before Peak Other Other Other Other Making a production size commitment Heavy off-premise Heavy on-premise Ariba HCM Other Other Other Other Ariba HCM Business Objects HANA BW DB2 ECC DB2 SCM SAP Portal Business Objects HANA BW DB2 ECC DB2 SCM SAP Portal Corporate Data Center Corporate Hold-overs Real Time Legacy IaaS/PaaS SaaS Covered in this session Managing the new enterprise Securing the new enterprise Renovation for Innovation (Social, Mobile, Cloud, Big Data, etc.) Covered in other Sapphire/ASUG sessions Maturation of Cloud for on-premise SAP LVM Landscape Virtualization Manager Areas of Concern LVM Landscape Virtualization Manager Other third-party products Maturation of HANA With Business Suite For virtualization / cloud Beyond our scope Reliability of Cloud and APIs Shift from CapEx to OpEx (cash flow) Managing the New Enterprise Cloud Security Reference Model Security in the New Enterprise (1 of 3) Cloud Governance Cloud-specific security governance including directory synchronization and geo locational support Security Governance, Risk Management & Compliance Security governance including maintaining Discover, Categorize, Protect Data & Information Assets Strong focus on protection of data at rest or in transit Information Systems Acquisition, Development, and Maintenance Management of application and virtual Machine You need to develop or adapt your Foundational Security Controls Security governance including maintaining security policy and audit and compliance measures Problem & Information Security Incident Management Managing and responding to expected and unexpected events Identity and Access Management Strong focus on authentication of users and management of identity Management of application and virtual Machine deployment Secure Infrastructure Against Threats and Vulnerabilities Management of vulnerabilities and their associated mitigations with strong focus on network and endpoint protection Physical and Personnel Security Protection for physical assets and locations including networks and data centers, as well as employee security Design Deploy Consume Establish a cloud strategy and implementation plan to get there. Build cloud services, in the enterprise and/or as a cloud services provider. Manage and optimize consumption of cloud services. Security Aligns with Each Phase of a Cloud Project Security in the New Enterprise (2 of 3) Example security capabilities Cloud security roadmap Secure development Network threat protection Server security Database security Application security Virtualization security Endpoint protection Configuration and patch management Identity and access management Secure cloud communications Managed security services Secure by Design Focus on building security into the fabric of the cloud. Workload Driven Secure cloud resources with innovative features and products. Service Enabled Govern the cloud through ongoing security operations and workflow. Cloud Security Approach Virtual infrastructure Hypervisor-based isolation with customer configurable firewall rules Firewall and IPS/IDS between guest virtual machines (VMs) and Internet Optional virtual private network (VPN) and virtual local area network (VLAN) isolation of account instances Connections are encrypted and are isolated from VMs by design (SSH keys) Customer has root access to guest virtual machines, allowing further hardening of VMs Your servers, PCs, and mobile Cloud Services Your firewall Security should be built into the cloud offering Security in the New Enterprise (3 of 3) hardening of VMs Shared images patched and scanned regularly Management infrastructure Access to the infrastructure is only enabled using Web identity through the user interface portal or APIs Complies with strong corporate security policies Controlled and audited administrative actions and operations Delivery centers Customer data and VMs are kept in the data center where provisioned Physical security identical to hosted clients Strong security and authentication model Provider firewall Optional VPN gateway Guest VMs and data Tier 3 or 4 delivery centers Private and Shared VLANs Cloud Services Management infrastructure Renovation for Innovation Social Mobile Connected Big Data Cloud I n n o v a t e NEW New NEW Without simplification: Budgets disappear Innovation/transformation becomes more expensive and time consuming Adapted From: PACE Layering, Gartner, 2010 Systems of Record Systems of Differentiation Systems of Innovation S i m p l i f y I n n o v a t e S u p p o r t S u p p o r t S u p p o r t Year 1 Year 2 Year 3 NEW NEW New Support New Support Plan for cloud inside and outside of your data center Look to leverage of cloud services for on-premise and SaaS capabilities Develop management capabilities for the new enterprise Adapt your security for the new cloud world BEST PRACTICES Adapt your security for the new cloud world Renovate and reduce your legacy including SAP to allow for innovation KEY LEARNINGS Change is not new in SAP, but seems to be accelerating SAP and all applications are becoming cloudified HANA is evolving, spreading, and virtualizing On-premise SAP can run on a cloud, but is not cloud native SaaS is fact for almost all businesses, accept and manage it Your Security needs to be formulated for the new enterprise Look to renovate to lower maintenance costs and allow budge for all this new innovation THANK YOU FOR PARTICIPATING Please provide feedback on this session by completing a short survey via the event mobile application. application. SESSION CODE: 2309 For ongoing education on this area of focus, visit www.ASUG.com