Tracing Cisco’s Blueprint for a Successful SAP Data Center

A huge concern for SAP customers — and one that is not talked about enough — is that few could say for certain where all their data was coming from, where it was going, whether it was qualified, whether the source data was secured, and if there were unknown people who could access the data.

The reality is that the world of data has exploded, and the traditional data center model is being expanded by challenges from new technologies such as the Internet of Things (IoT), data streaming, social media, and machine learning. To adapt to this changing world and evolving data model, SAP customers need to alter their view of what a traditional data center looks like. Rather than having all their data in a data center they fully control, today their data center includes data sources outside their four walls. For example, businesses now want to combine their traditional ERP data with information from Twitter feeds that includes product reviews from customers or with geospatial data that highlights locations of top sales or delivery problems. They are looking at and analyzing data that they never had access to before, and their ability to lock down and control the data center has been blown apart.

To take advantage of these new technological developments, companies must consider data center transformation. But what does a successful next-gen SAP data center look like? This data center of the future has automated deployment, orchestration, and management of the whole landscape. It has a new way of securing data — actively segmenting, preventing, and remediating intrusions rather than discovering them after they have entered the system — and it interfaces easily with third parties and big data. Looking to the future, Cisco has responded to these evolving requirements with new portfolio offerings for SAP customers that provide unique value in three broad areas — data usage explosion, automation, and security.

Bring Data Together with SAP Data Hub

Cisco offers its customers more than a dozen SAP-specific innovative solutions. Companies modernizing an existing landscape or migrating to SAP HANA can deploy on a converged infrastructure based on traditional hardware components that are predesigned for SAP workloads. Alternatively, they can choose to adopt Cisco’s hyperconverged (HCI) platform where computer, storage, and network functions are combined onto one platform. The Cisco HyperFlex HCI platform is a great option for customers that want to use SAP Data Hub — SAP’s new data visualization and management tool that lets users see both SAP and non-SAP data from across their company’s entire data landscape. Cisco currently offers the only SAP-certified solution to deliver SAP Data Hub in on-premise, cloud, or hybrid environments. With SAP Data Hub on Cisco Container Platform, customers can integrate large data sets from public clouds with data from private clouds or enterprise applications such as SAP S/4HANA.

With SAP Data Hub on Cisco Container Platform, customers have two consumption models: a stand-alone, software-only installation running in the cloud; or a convenient software bundle on top of Cisco HyperFlex, preconfigured to run SAP Data Hub.

Simplify with Automated Profiles and Policies

From an automation perspective, Cisco brings preprogrammed profiles and policy-driven solutions to deployment, orchestration, and management activities. Policies apply to both the servers and the network: Cisco Unified Computing System (UCS) Manager automates the day-to-day management of the physical UCS servers, and Cisco Application Centric Infrastructure (ACI) is software-defined networking solution that facilitates automated network infrastructure operation. Together, these highly programmable solutions allow companies to declare what an infrastructure needs to look like, and to know what should and shouldn’t be happening in that environment. The resulting simplification reduces costs and saves time.

Policies applied to servers and the network can include specific configuration options required for SAP workloads to automatically govern who can talk to whom, what traffic can transit across, and what sort of activities can happen on the server. Automated policies can help generate fast compliance and governance reports, which are needed especially by those industries that are heavily regulated — such as in finance, healthcare, investment, and insurance. At the push of a button, companies can see what connectivity is happening in their network or what account access was allowed in a governance report.

Offering Next-Generation Security

On the security side of things, companies need to flip their perspectives from the old detect-and-block mindset. Next-generation security not only uncovers intrusions and problems, but actively watches, remediates, and learns — blocking users from entering the system in the first place. Policies and orchestration tools allow for a declarative security model that prescribes users’ actions. From day zero, if users are only permitted to do one thing, it automatically blocks them from doing anything else. This is important and innovative because there are many solutions out there that let everything happen out of the gate and then shut off the things that are not allowed. Cisco has flipped the view so security starts from a locked door rather than from an open door.

Then we take it one step further and provide the capability to examine traffic in SAP landscapes both from an infrastructure and application perspective. This is accomplished with Cisco Tetration, which monitors the infrastructure, and Cisco AppDynamics, which monitors transactions at the application level, providing a top-to-bottom view so companies can address activity from a security and a performance perspective. Businesses can see exactly who is talking to whom, uncover if someone is cheating data off the network, and have the tools at hand to fix that problem. So customers are secure right from the start. They have the capability to protect their network in real time so that they can quickly address any issues.

Having that type of detailed knowledge about what’s happening in the system can uncover subtle, often unnoticed problems, such as data leakage. If just a little bit of data is pulled at a time when traffic volume is high, it may fall below the threshold of data intrusion protections. But the Cisco platform can see every packet of data that leaks and then map that information to capture that drip type of data extraction, even over time. One customer that was using Tetration identified a slow drip of data that was leaving its system and going to servers located outside the company. However, that company did not run any business in that entity and it was clear that the data should not be going there.

Services for Cloud, On Premise, and Hybrid

Cisco can deliver services on premise and in the cloud. A number of cloud providers have implemented Cisco into their cloud offering because of the policies, the manageability, and the automation and orchestration of a secure multi-tenant environment for their customer base. However, we also see a lot of customers keeping their production on premise or moving only part of their SAP landscape to the cloud. The majority of Cisco’s SAP engagements have been on premise, although we are seeing a movement toward a hybrid cloud environment. The SAP market is not moving as quickly as other workloads to the cloud. SAP customers tend to opt for more of a hybrid cloud, and there are some fundamental reasons for that — security, data sovereignty, operational control, regulations, and cost. Many companies that have gone to the cloud to save money find out that the cost is higher than it was when they were on premise. Many customers are keeping at least a portion of the environment on premise — specifically the core capability of their business — because they fear losing control of what’s going on inside the data center when they move into the cloud.

The hybrid cloud solution and a full on-premise solution allow companies to maintain control and costs, but they also want to have a cloud-like experience. Cisco’s automation technologies built in at the compute level and the application layer allow IT departments to provide cloud-like experiences to their business without actually going to the cloud. For instance, some customers have opted to perform data center operations on premise, but back up data to a cloud environment.

While networking is an important part of all SAP landscapes, Cisco’s SAP portfolio brings more than just networking technology; it provides data centers with an entire solution and end-to-end functionality — the networking, storage, computing, and security — and brings numerous partners to the plate to address specific customer needs.

Developing Next-Gen Solutions for Tomorrow

The engineering team here at Cisco, which received the 2017 SAP Innovator of the Year award for its SAP solutions, is continuing to develop new products and to enhance the artificial intelligence and machine learning capabilities in Tetration. The team is also working on innovative ways to manage the data center of the future, including a new management tool that will let companies manage data centers and extended data centers from anywhere and receive updates in a constantly refreshed management experience. The tool, Cisco Intersight, is a cloud-based IT operations management functionality that looks at an SAP environment from the data center to the edge. This is just one example of a vast array of innovative technology coming from Cisco that is directly applicable to an SAP customer.