sap business one in the cloud: beyond the cloud control center...3rd party software 1. customer...
TRANSCRIPT
![Page 1: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/1.jpg)
SAP Business One in the Cloud:
Beyond the Cloud Control Center
Internal | SAP Employees and Partners OnlySMB Innovation Summit 2019
Special Thanks to:
Cornee Boorsma | SAP Netherlands
Gustav Szenczi | SAP Labs Slovakia
Andre Silveira | SAP Brazil
Michael Cardi | SAP America
![Page 2: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/2.jpg)
2Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Agenda
➢ Business One In The Cloud
➢ Scope
➢ Architecture
➢ Partner Value-add
➢ Security
➢ Service Continuity
➢ Disaster Recovery & High Availability
➢ Monitoring
➢ Partner Panel
➢ Wrap-up
![Page 3: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/3.jpg)
SAP Business One in the Cloud
![Page 4: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/4.jpg)
4Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
SAP Business One Cloud Offering
The SAP Business One Cloud offering has two aspects:
1. Subscription-based licensing
• Covers software, service and support
• Separate SAP Business One Cloud pricelist
• Migration of existing perpetual licenses is possible
2. Cloud Control Center for SAP Business One
• SAP Business One Cloud solution = Cloud Control Center + SAP Business One
• The Cloud Control Center is a web application that enables cloud operators to manage the SAP
Business One Cloud Landscape.
![Page 5: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/5.jpg)
SAP Business One User
Mobile apps
User Portal
Customer
Access
Partner
Management
Lanscape
Management
• SAP Business One
• Sales App
• Service App
• Data Transfer Workbench
• SAP Crystal Reports
Service Unit A (Version X.1)
• SAP Business One
• Sales App
• Service App
• Data Transfer Workbench
• SAP Crystal Reports
Service Unit B (Version Y.2)
Shared Landscape Components
• Customers
• Tenants
• User and Credentials
• Licenses
• Extensions
• Customers
• Tenants
• User and Credentials
• Licenses
• Extensions
• SAP HANA Database
• SAP Business One Services
• Presentation Server
• Integration
• SAP HANA Database
• SAP Business One Services
• Presentation Server
• Integration
Reseller Operator
Cloud Operator
Cloud Control Center
![Page 6: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/6.jpg)
Landscape Management
Dedicated to a Single Service Unit
SAP HANA Database SAP Business One Services Presentation Server Integration
Company
Databases
Common
Database
Service
Layer
Analytics
service
Job
service
S S
Suse Linux
Windows
Backup
service
Mobile
service
S S S
SAP Business
One Client
Browser
Access
W
Integration
Framework (B1if)
W
Shared between Multiple Service Units Central Components
Storage License Server Extensions SLD/Cloud
Control Center
SLD Agent Domain
Controller
W
SWSW
W
![Page 7: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/7.jpg)
7Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Infrastructure
management
Disaster
recoverySecurity
3rd party
software
1. Customer & Tenant lifecycle management
Go!
2. User Management
3. Extension management
5. Seamless integration with essential 3rd party tools
Monitoring
4. Reseller operations
CC
CP
art
ner
Kn
ow
led
ge
How to join forces to build sustainable cloudWhat to expect from B1 Cloud Center
![Page 8: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/8.jpg)
Security
![Page 9: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/9.jpg)
9Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Authorization controlActive Directory - Organization Units
Preferred structure would include organizational unit to achieve:
• Better transparency and clean User Active Directory structure
• Ability to delegate administrative tasks to dedicated users
• Ability to deploy custom Group Policy Objects per organization
units
B1_Cloud
++Reseller_Name
+++Customers
++++Customer_Name
+Resellers
Organization Units Users
Cloud Operators
Reseller
Operators
Customer Users
Active Directory structure generated by Cloud Control Center is
monolithic and outdated.
![Page 10: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/10.jpg)
10Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Resource access controlActive Directory - Security Groups
Customer
Users of specific Customers
Users of all Customers
Cloud Operators
Cloud Operators
Resellers
Operators of specific Reseller
Operators of all Resellers
Users of Reseller Customers
Users of specific Tenant
Tenant
Users of all Tenants
Service Unit Users
All users should have access to only those resources, that are needed for the users’ role.
Security groups can provide efficient way to access to control and limit the resource access.
![Page 11: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/11.jpg)
11INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Network segregation
Security
Introducing security groups into a landscape has several benefits:
• Reducing congestion – As there are fewer hosts in the subnetwork, local traffic is minimized
• Improved security – Broadcasts are minimized, therefore limiting visibility outside the group. Attack
surface is minimized as well, so if one group becomes compromised the other hosts still retain their
security
• Containing network problems – Limits impact of failures in one network to propagate further into the
landscape
Quick tips:
• Ensure that only those ports that are needed are opened. If a security group contains only web servers,
then probably only ports 80 and 443 are needed
• If the ports do not need to be accessed by everybody, set the appropriate rules. (E.g. LB and WS)
• Specify outbound rules of a security group as well. This prevents using your hosts in all kinds of attacks
When setting up security groups, it is a good practice to place all hosts serving the same purpose into one
security group. This means, that all DB servers should be in one security group, all web servers in another,
and all application servers in another.
![Page 12: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/12.jpg)
12Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
SAP Business One Client and extensions are running directly on operating system.
If the end users can run and/or install software, then attackers can do as well.
Restrict Unauthorized Code / control code execution
Typical executables to restrict from executing by an end user in Windows environment should include:
regedit.exe, explorer.exe, cmd.exe, tasklist.exe, rundll32.exe, svchost.exe, … The same applies to script
interpreters including: python, csc, … The goal is to limit the attack surface by denying visibility into the
system as well as removing tools for controlling it.
Therefore we need application whitelisting to:
• Restrict executing all files (and DLLs) except the specified list. Blacklist
everything, whitelist needed files for specific users or user groups
• Log every attempt to execute restricted executable (or DLL) and regularly
review logs
![Page 13: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/13.jpg)
13INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Firewall
The first (inbound) and last (outbound) line of defense in the cloud environment is a firewall, which prevents
unwanted traffic from reaching deeper parts of the landscape.
Quick tips:
• All changes to the firewall rules should be logged into the audit log
• Use automation to update firewall settings. The automation can serve as a documentation to firewall rules
as well
• Firewall rules (or the automation rules) should be part of backup & restore procedures
• Review firewall rules regularly and remove unused, overlapping rules. Similarly, consider if rule is
necessary if it hasn’t been triggered for an extended period of time
• Regularly audit firewall logs for suspicious activity. Create monitoring and logging rules for those
• Keep firewall software and firmware up to date
About 99% of firewall breaches are caused by firewall misconfiguration. More in-depth firewall configuration
checklist can be found here: https://www.sans.org/media/score/checklists/FirewallChecklist.pdf
![Page 14: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/14.jpg)
14INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Limiting Data Access
Security
When hosting a non-native cloud application, often times the only possibility for
controlling and limiting the application functionality in terms of data access is to
have rules for accessing only the parts of disk (or shared storage) as well as
rules for accessing data. It is common for non-cloud applications to be built to
be used by one user only and don’t have built-in strategies for user isolation.
Quick tips:
• Data access should be synchronized with authentication & authorization
source, so that all changes to it are propagated across the landscape
• All users should have access to only that data that is needed for the users’
role. This is true for standard users, technical users, DevOps, …
• Apply the same principle as in every lock-down. Lock everything, then apply
permissions to needed locations and databases
In Windows environment, the C:\Windows directory and its’ subdirectories need to be accessible, as well as
personal directory in C:\Users and C:\Program Files (for reading, including it’s x86 vesion). Other disk
locations might include C:\Temp for example.
![Page 15: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/15.jpg)
15INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Each user, that has access to the system (customer, admin, DevOps, technical user) should have minimal
privileges, that allow for performing the task. This is true in every aspect of access, whether it is disk
access, network access, services access, data access, …
One Authentication & Authorization Source
Security
To be able to control the access to the landscape, it is necessary for authentication and authorization source
to exist. For maintainability, it is important, that there is one and only one source. This provides confidence
that changes to this source are propagated throughout the landscape and that all services check the
authentication and authorization against this source.
Quick tips:
• The source should be extremely well protected against change. If possible, network segregation should
be used to increase its’ protection
• All changes to the source should be logged into the audit log
• The content of the source should have a backup & restore strategy set, so that in case of disaster, it can
restore its’ operations quickly
• The source should be run in high availability. If the service(s) providing the authorization source fail, it will
be impossible to log into the landscape
![Page 16: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/16.jpg)
16INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Restricting Unauthorized Code
Security
Even when limiting data access (to the disk), there are still directories (or executables) that need to be
accessible to end user. The problem with non-cloud applications is, that they are running directly on
operating system. There are a lots of ways, which cannot be prevented by disk access authorization, but
when executed can cause significant damage to the host or even landscape. This is especially true in
Windows operating environment.
Quick tips:
• By default, restrict executing all files (and DLLs) except the specified list. Blacklist everything, whitelist
needed files for specific users or user groups
• Log every attempt to execute restricted executable (or DLL)
• Be aware of the fact, that blacklisting all executable files may cause a lockout of the host (nobody will be
able to log in, since critical executables are restricted from execution)
Typical executables to restrict from executing by an end user in Windows environment should include:
regedit.exe, explorer.exe, cmd.exe, tasklist.exe, rundll32.exe, svchost.exe, … The same applies to script
interpreters including: python, csc, … The goal is to limit the attack surface by denying visibility into the
system as well as removing tools for controlling it.
![Page 17: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/17.jpg)
Service Continuity
![Page 18: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/18.jpg)
18Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Disaster recovery
High Availability
SAP Business One provides high availability for critical software components:
• System Landscape Directory
• License Server
It is to use high availability setup important to remove single point of
failure.
Data backup and recovery
SAP Business One defines backup and recovery procedures for software components. It does not have an
ambition to provide comprehensive backup solution.
![Page 19: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/19.jpg)
19INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
The Cloud Services include daily backup of all customer data in accordance with standard backup
procedures. Backup service usually includes:
• Backup of customer databases and data folders
• Backup of internal and 3rd party systems (SLD database, License files and license assignment backups,
Secrets, Landscape definition files…)
• Backup retention
• Definition of maximum data loss
• Duration of data restore
SAP Business One Cloud does not provide comprehensive backup tool. Service provider is responsible for
choosing appropriate tools and backup strategy.
Backup and restore policyIT service continuity
• Make sure that the backup process is automated across all instances and monitored
• When backing up data, the best practice dictates to store the backups on different drives, offline media,
different geographical locations, etc.
• Perform periodical trial restore to ensure that all processes can be executed correctly
![Page 20: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/20.jpg)
20INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Set of policies to recover from natural or human induced disaster. Key aspects are:
• Recovery Point Objective – maximum targeted period in which data (transactions) might be lost from
an IT service due to a major incident
• Recovery Target Objective – time duration within which a business process must be restored after a
disaster (or disruption) in order to avoid unacceptable consequences associated with a break
in business continuity
Based on business expectations the disaster recovery strategy can include
• Data backups and replication to remote locations
• High availability of software components
• Remote backup site. A fully functional alternate site with an in-place network, security, storage, and
basic replacement server
Disaster recoveryIT service continuity
• Even just a one hour outage can result in significant costs to a small company
• Remote backup site significantly increases hardware costs. It is usually positioned as a premium
service
![Page 21: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/21.jpg)
21INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
HA solutions keep your service as accessible as possible, even in the case of a partial server or software
failure.
It is important to identify any single point of failure and reconfigure around it so that it is not a single point
of failure anymore. Single point of failure can be software, server, storage, network, datacenter or ultimately
earth.
SAP Business One is providing high availability for critical software components:
• System Landscape Directory
• License Server
For remaining software components (SAP HANA, MS Domain controller, MSSQL, MS Remote Desktop
Services) standard high availability guides to be followed.
High availabilityIT service continuity
• According to reports, 67% of best-in-class organizations use fault-tolerant servers and software fault-
tolerant solutions to provide high availability
• SAP Business One high availability is design to protect end-users from outage. Secondary systems
might be affected when failure occurs
![Page 22: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/22.jpg)
Monitoring
![Page 23: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/23.jpg)
23Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
• Best practice is to log and monitor health status of the landscape
components (CPU utilization status, disk utilization status,
available memory, services status, critical entries in the log files
and event logs, ...)
• If an recurrent error occurs, it is important to establish monitoring
and define preventive, if required automated, actions.
• Monitoring system should located on hosts outside the productive
landscape. Make sure, you open only the necessary ports allowing
to monitoring system function correctly.
Monitoring
![Page 24: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/24.jpg)
24INTERNAL© 2017 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Monitoring
Monitoring system allows trapping events from different hosts or tools, as well as provides automated actions.
Monitoring system should be located on hosts outside the productive landscape. Make sure, you open only the
necessary ports allowing to monitoring system function correctly.
Best practice is to log health status of the landscape components (CPU utilization status, disk utilization status,
available memory, services status, critical entries in the log files and event logs, ...)
If a recurrent error occurs, it is important to establish monitoring and define preventive, if possible automated,
actions.
Automated actions can help in keeping the landscape running despite some of the services not working
properly (e.g. consuming too much memory). While the developers of the component fix the problem,
monitoring tool can still be used to monitor the status of the component and restarting it when needed to
free up consumed memory. In a combination with High Availability, end user will not notice service outage.
![Page 25: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/25.jpg)
25Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Health of the Service unit
It is important to monitor whole SU as it offers
complete B1 functionality to customer.
Integrate infrastructure parameters such as
• RAM consumption
• CPU utilization
• Disk I/O
• Network speed
and component health status e.g. service is
• Running
• Responding
• Configuration
• Serving it’s purpose
![Page 26: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/26.jpg)
26Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
• Alerts should contain information about root cause and required response
• Do not ignore alerts that resolves without your involvement
• Do not mix monitoring data from machines in maintenance with data from productive system
• Keep your dashboard monitoring clean
• Scale your monitoring system with the landscape
• Monitor your backups and backup your monitoring
• Do you monitor Logs?
• Monitor your monitoring
• Combining business and technical data can help you to act proactively
Monitoring tips
![Page 27: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/27.jpg)
Partner Panel
![Page 28: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/28.jpg)
28Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Partner Panel
Gary Feldman, President
I-Business Network
Richard Calvo
Consensus International
![Page 29: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/29.jpg)
29Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
A pioneer in the Cloud Services
market, Gary formed I-Business
Network in 1999 as an outsourced
application hosting service focusing
on mid market ERP systems, landing
the first hosting agreements in 1999.
I-BN was one of the original
“Business One On-Demand” partners
in 2008 and became the first partner
Certified by SAP in Hosting Services
for Business One in 2012.
Gary Feldman, I-Bn
![Page 30: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/30.jpg)
Additional Service UnitsAdditional Service Units
Landscape Management
Suse Linux
Windows
Dedicated to a Single Service
Unit
SAP HANA Database SAP Business One Services Presentation
Server
Integration
Company
Databases
Common
Database
Service
Layer
Analytics
service
Job
service
S S
Backup
service
Mobile
service
S S S
SAP
Business
One Client
Browser
Access
W
Integration
Framework
(B1if)
W
Shared between Multiple Service
Units
Central Components
Storage License Server Extensions SLD/Cloud
Control
Center
SLD Agent Domain
Controller
W
SWSW
W
FirewallSDN Router
ADC/Netscal
er
I-BN CloudCitrix Storefront Delivery ControllerActive Directory Print Services File Sharing
Backup & Replication
Administration
Active Directory MonitoringFile Server Anti-Virus/Malware Provisioning
Profiles
![Page 31: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/31.jpg)
31Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Cyber SecurityFirewall
Virus Protection
Intrusion Detection
Proxy Server
SQL injection protection
Backup and Replication
Identity Control
Password Policies
Micro-segmentation
Federated services - Single Sign On
Servers in Escrow
….
![Page 32: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/32.jpg)
32Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Easy to Use
Easy to Manage
SuSe Expertise
Infrastructure Expertise
Device independence
Desktop Experience
Federated services – Single Sign On
FileCloud
RDC Manager
….
![Page 33: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/33.jpg)
33Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Richard emigrated from Cuba at a
young age and took several IT
related jobs as he pursued his
Bachelor's Degree from Florida
International University, in order to
pay tuition.
Since joining Consensus in 2012 he
has held many roles and is currently
responsible for implementing and
managing the infrastructure and
software for their SAP Business One
Cloud offering.
Richard Calvo, Consensus
International
![Page 34: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/34.jpg)
34Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
6Service Units
35Customers
85Tenants
Operational Efficiency with the Cloud Control CenterCurrent Implementations*
* Start of 2019
90%NNN last 2 years
![Page 35: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/35.jpg)
35Confidential: Released for Partners© 2019 SAP SE or an SAP affiliate company. All rights reserved. ǀ
Improved Provisioning AuditingAbility to audit actions related to customer, tenant, licensing operations including the operator responsible
Improve Customer Environment Ramp-Up timeSignificantly reduce the amount of time necessary to deploy a Business One company and access on hosted environment
Improve Shared Resource SecurityCloud services segregate visibility into shared resources like available license files, access to mobile and browser services
Simplify Tenant MigrationEasily run tenant upgrade prechecks and duplications including user and license assignments
Benefits
![Page 36: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/36.jpg)
Questions
![Page 37: SAP Business One in the Cloud: Beyond the Cloud Control Center...3rd party software 1. Customer & Tenant lifecycle management Go! 2. User Management 3. Extension management 5. Seamless](https://reader033.vdocuments.us/reader033/viewer/2022051901/5ff0723485a8de43e1718f28/html5/thumbnails/37.jpg)
Thank you.
Gamification Challenge Code
JV7Y88By entering this SAP Breakout Session
code you will be granted 10 points
5 5