This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.
Microsoft is a Gold sponsor of SAP TechEd 2021 and you can view the Microsoft sessions in the course catalog. As SAP TechED 2021 arrives, we are thrilled to share exciting product updates for SAP on Azure as we continue to leverage our strategic partnership with SAP to find innovative ways to help our customers accelerate their move to Azure and transform their business.
Our product updates that we are sharing today are aligned with our SAP Migration Framework and help our customers optimize their SAP migration journey by improving efficiencies and operations and reducing costs.
- Enterprise Scale for SAP builds upon the Azure Enterprise-Scale Landing Zone to expedite a production-grade environment.
- We developed our SAP Deployment Automation Framework in partnership with SUSE and Red Hat. We choose to open source the project to drive transparency, collaboration and empower our customers and partners.
- Azure Files NFS v4.1 is now supported for SAP Shared Files - /sapmnt/SID and /usr/sap/trans, both in standalone and high-availability scenarios. For high-availability scenarios, Azure Files simplifies the storage architecture for the SAP Application layer improving operational efficiencies at low-cost.
- In our Azure Backup for SAP HANA solution, we have made further investments in security, data resiliency, performance, and cost optimization to provide a well-rounded data protection solution for mission critical SAP applications based on SAP HANA.
- With Azure Monitor for SAP Solutions (preview), we have introduced a list of pre-defined alert templates which can be customized along with pre-defined Action Groups (email, SMS, etc) to receive the alerts. Our SAP HANA Data-Size feature provides key insights on database growth to help our customers manage capacity and budget for future growth. We have also invested in capabilities to monitor High-Availability Pacemaker clusters based on Red Hat Enterprise Linux and additional metrics for SAP NetWeaver (Application) instance level performance telemetry.
- Microsoft Sentinel threat monitoring solution for SAP (preview) provides continuous threat detection and analytics for SAP applications hosted on Azure, other clouds, or on-premises. The solution enables continuous monitoring of SAP for threats at all layers - application, database, operating system, infrastructure and can be customized for specific detections such as the monitoring of critical SAP transactions.
Let’s zoom in on more details below.
Enterprise-Scale for SAP
Enabling methodical preparation for the migration of your SAP assets to Azure
Our customers can use the SAP Migration Framework as a compass to guide their SAP on Azure journey. Within the SAP Migration Framework, we are pleased to announce that Enterprise-Scale for SAP is now generally available and supports our customers optimize the prepare phase of their SAP migration to Azure.
Enterprise-scale for SAP provides an architectural approach for constructing and operationalizing SAP deployments on Azure and is aligned with the broader Cloud Adoption Framework methodology. Enterprise-scale for SAP focuses on key design areas to guide our customers as they prepare to migrate or deploy their SAP assets on Azure. design areas span network topology and connectivity, governance, identity and access management, business continuity and disaster recovery, operations, and DevOps. Within the DevOps design area, the SAP Deployment Automation Framework can be leveraged to enable a rapid construction of the Enterprise-scale Landing Zone by laying down the bedrock infrastructure (e.g., network topology, virtual machines, storage, etc) for the SAP deployment. The SAP Deployment Automation Framework also enables a fully automated deployment of the SAP Product, which leads us to our next exciting update.
SAP Deployment Automation Framework
Enabling a rapid deployment of S/4HANA on Azure in 2 hours
- S/4HANA and SAP NetWeaver 750 on HANA in stand-alone and high-availability variants. For the high availability variants:
- Clustering of A(SCS)/ERS and SAP HANA database leveraging Pacemaker
- SAP HANA System Replication for the SAP HANA database
- The supported operating systems include SUSE Enterprise Linux for SAP (12 SP5 and 15 SP2) and Red Hat Enterprise Linux for SAP Solutions (7.9 and 8.2)
In the near term, additional DevOps assets will be introduced to enable the deployment automation for SAP on AnyDB (Oracle, Db2 and SQL Server) with stand-alone and high-availability options. Moreover, multi-SID clustering of SAP ASCS/ERS will be delivered to support instance consolidation and reduce run costs.
“Nordcloud has been an early adopter of the SAP Deployment Automation framework. Using the Microsoft provided automation capabilities to build SAP on Azure landscapes in a repeatable, consistent manner will greatly accelerate Nordcloud’s customers SAP on Azure journeys”
Refer to our SAP Deployment Automation Framework documentation to get started.
Simplify the storage deployment architecture for the SAP Application Layer and reduce costs
Azure Files NFS v4.1 is now generally available providing our customers with a fully managed NFS file system as a service. In the context of SAP, Azure Files NFS v4.1 is supported to provide persistent storage of the SAP shared files /sapmnt/SID and the transport directory /usr/sap/.
For customers deploying highly available SAP Applications, Azure Files NFS v4.1 can be an alternative to NFS cluster solutions (e.g., Pacemaker with DRBD replication on SLES or GlusterFS clusters on RHEL) to secure availability of the SAP shared files. In terms of data redundancy, Azure Files NFS v4.1 offers the choice of Locally Redundant Storage (within a single Availability Zone, three data replicas) or Zone Redundant Storage (ZRS) where data is replicated across 3 Availability Zones. The ZRS variant enables high availability scenarios for SAP Deployments across Availability Zones.
Azure Files NFS v4.1 for /sapmnt/SID and /usr/sap/trans
Refer to our documentation for Azure Files NFS v4.1 with SUSE Linux Enterprise Server and Red Hat Enterprise Linux
Azure Monitor for SAP Solutions
Simplified telemetry collection and visualization for end-to-end SAP technical monitoring at one place within the Azure portal
Azure Monitor for SAP Solutions (preview) can be used to monitor SAP NetWeaver (Application), databases (SAP HANA, Microsoft SQL server), High-Availability Pacemaker clusters and operating systems based on Linux. Azure Monitor for SAP Solutions enables our customers to combine telemetry from Azure Monitor (infrastructure) and Azure Monitor for SAP Solutions to create a single dashboard within the Azure portal which provides comprehensive technical monitoring.
Our customers can view a list of pre-defined alert templates where alert rules can be customized for threshold values, severity, time window, frequency, and the option of suppression. Pre-defined Action Groups can be leveraged to receive alerts by email, SMS, push or voice. Alternatively, Action Groups can also be customized for individual customer needs in response to alerts – automation runbooks, ITSM, webhooks, LogicApps, Azure Functions, etc.
The SAP HANA Data-Size feature provides key insights to validate that the virtual machine is sized appropriately for the memory footprint of the SAP HANA workload. Our customers can gain insights into which tables are contributing towards database growth - top columnar tables by size, number of rows, trend-lines for loaded size growth, etc. This feature enables our customers to budget for the future based on database growth patterns.
Support for High-Availability Pacemaker clusters based on Redhat Enterprise Linux is now available. Telemetry for cluster health and resource status, location constraints and trends can be collected and visualized.
SAP HANA Data Size Feature showing Database growth
Refer to our Azure Monitor Solution for SAP documentation to get started.
Microsoft Sentinel Continuous Threat Monitoring for SAP
Protect your SAP applications with Microsoft Sentinel threat monitoring for SAP
SecOps teams can benefit from Microsoft Sentinel continuous threat monitoring for SAP (preview) for visibility, threat detection, and investigation tools to protect the security posture of SAP applications.
An effective approach to SAP threat monitoring is multi-layered spanning infrastructure (virtual machines, storage, network) and the SAP business and application layer. The NetWeaver data connector collects several log files including the Change Documents log, Application log, ABAP Gateway log, etc from an SAP system which enables the monitoring of business and application layer-related risks. This information is then correlated with security insights from the underlying infrastructure using existing Azure Sentinel data connectors, such as those for virtual machines, networking, and Azure Active Directory.
Sentinel for SAP also offers built in security content with out-of-the-box detections to catch important threats such as SAP system configuration changes and suspicious activity by privileged uses. A workbook helps SecOps teams visualize the security health of their SAP systems.
Out-of-the box detections included in Microsoft Sentinel SAP threat monitoring solution.
Refer to our SAP Continuous Threat Monitoring documentation to get started.
Azure Backup for SAP HANA
Strengthen data availability, reduce backup runtime and cost
Cross Region Restore capability is now available which enables the restore of backups to a paired Azure region, strengthening data availability and resiliency. To guarantee data residency and provide data availability without downtime within an Azure region, ZRS support for vault (preview) is enabled for backups in limited regions. We will expand this capability into more regions in the future. From a backup cost optimization perspective, we recently announced the general availability of an archive storage tier for long-term retention of SAP HANA backups. Security is a key area of our focus with Customer Managed Keys (CMK) which encrypt backup data at rest. And with SAP HANA’s SSLEnforce feature, our customers can secure network communications between SAP HANA and our backup solution. In the near term, we will be introducing an incremental snapshot capability. This capability reduces recovery time objective by enabling instant restores supporting our customers data protection strategy.