Skip to content

Microsoft Azure? Top 3 reasons why it is relevant for sap customers

Microsoft Azure for SAP

Lately, I keep hearing about MS Azure being attractive for SAP operations. From my point of view, the reason is easy. This is because there is now a SecurityBridge Threat Monitoring Solution for MS Sentinel available :). But joking aside, in this article, I would like to share with you my humble opinion on the added value of SAP operation on Microsoft Azure.  

What is Microsoft Azure?

For those who have never had anything to do with Azure, the short answer is Azure is a hyper-scaler like Amazon AWS or Google Cloud. These big three have recognized the opportunity to offer computing power for the computer-intensive business applications of SAP. SAP virtualization is now easier in the cloud than in your own data center.   

Back to Azure. Few may still know that the service was formerly called Windows Azure and has existed since February 1, 2010. That is almost 8 years after Amazon AWS launched its services in July 2002. MS Azure says it already has a presence in more than 140 countries and 58 regions. It is, therefore, also possible to operate your cloud data center on German or European soil. In addition to some general reasons why hyper-scales are very attractive to SAP customers, we also need to look at why Azure is and not AWS or G-Cloud.    

MS Azure benefits for SAP customers

You probably have heard of it. There are supply chain problems that, unfortunately, also hurt the delivery time and pricing of new hardware for your own data center. Therefore, buying the required computing power from Microsoft or its competitors can be of enormous advantage. 

Hyper-scalers usually have better access to the hardware manufacturers, if only because of the annual purchase quantities.  

Until now, SAP customers mainly relied on external computing capacity to cover short-term or temporary requirements. And Microsoft makes the deployment of SAP systems particularly easy. Automated infrastructure and instance deployment can be realized when using Ansible. By the way, the existence of many knowledgebase pages that specifically revolve around SAP also offers great added value. Network segmentation, SAP HANA scale-ups, etc., are described in detail. See also

I am also a fan of the interface, which for me comes across as less complicated than, for example, AWS, which I have been working with for many years. Due to the global distribution of data centers, MS Azure naturally offers a suitable location for companies within the European Union, e.g., to meet GDPR requirements. However, this is not a unique selling point compared to the other providers.

What SAP customers particularly appreciate, however, is the monitoring of performance and security.  

Azure offers Microsoft Sentinel, a cloud-native SIEM that can also process SAP logs. There is even a free adapter, although it is still in “preview” mode. The mere existence of this SAP adapter proves that Microsoft is taking SAP customers’ concerns into account and creating an attractive offering. In addition to security monitoring, SAP customers must, of course, also pay attention to system performance. This can be achieved with the Microsoft Azure Monitor, which can display all important metrics for SAP. 

How does MS Azure support SAP Security?

Security concerns are often perceived as a hurdle on the way to the cloud. Although Microsoft offers its adapter, customers are free to use 3rd party solutions such as SecurityBridge Threat Detection for SAP. This is extremely easy via the SecurityBridge App for Microsoft Sentinel, which is available in the Azure Marketspace. The SecurityBridge App for MS Sentinel has many advantages over Microsoft SAP Threat Monitor and offers more use cases in comparison. 

That flexibility and the obvious prioritization of cybersecurity concerns of customers/prospects makes MS Azure particularly interesting for SAP customers.  

Conclusion

I have to admit that it’s hard to draw a clear line between Azure and its competitors. Although Microsoft Azure is a leader in various areas, e.g.:  

  • Simplicity  
  • Scope of documentation
  • Range of functions (e.g., security and performance monitoring)  
  • etc.

In my opinion, it has a clear advantage, but it cannot completely overtake the pursuers – AWS and Google Cloud. I found it very easy to get going with Microsoft Azure, as many things are automated, and there is very detailed documentation. That is something I missed in my early days with AWS. 

Posted by

Ivan Mans
Find recent Security Advisories for SAP©

Looking into securing your SAP landscape? This white-paper tells you the “Top Mistakes to Avoid in SAP Security“. Download it now.

SAP Security Services
SAP Cybersecurity- Security News
Many companies have recognized the need for SAP cybersecurity, but many have also realized that they cannot accomplish this alone. There are many reasons for this. It can be due to the internal teams' workload or due to the employee's level of knowledge. However, there is a solution that neither burdens your internal staff nor demands additional knowledge. A specialized managed SAP Security Service allows you to harden mission-critical systems, detect and promptly counteract non-compliance, and implement monitoring with accurate anomaly detection.
Patch Management
SAP security provider SecurityBridge—now operating in the U.S.—today announced the full integration of its SAP Security Platform with the Microsoft Sentinel cloud-native Security Information and Event Manager (SIEM) platform and its membership to MISA. SecurityBridge was nominated to MISA because of the integration of its SAP Controller to the Microsoft Sentinel dashboard. SecurityBridge is a Smart Data Adapter that significantly simplifies security monitoring of critical and highly specific business applications.
Angriffserkennung für SAP
SAP Cybersecurity- SAP Identity and Authorization- SAP Threat Monitoring- Security News
Viele unserer Leserinnen und Leser erinnern sich noch an den 25. Mai 2018, Stichtag der bindenden Einführung der Datenschutzgrundverordnung, kurz DSGVO. Verstöße gegen die neue Regelung können seitdem zu drakonischen Strafen führen. Nun steht, zumindest für diejenigen Unternehmen, die zur kritischen Infrastruktur (KRITIS) von Deutschland zählen, ein ähnlicher Termin ins Haus. Am 1. Mai 2023 müssen betroffene Unternehmen ein System zur Angriffserkennung eingeführt haben.
SAP Cybersecurity Risks
SAP Cybersecurity- SAP Security Framework- Security News
Recently, we gave an insight into the known SAP attackers in our blog. Of course, it can already be deduced from this that there are internal and external SAP attackers. That is why today, we want to look at this from an SAP cybersecurity risk perspective.