POV: SAP PI as a Managed File Transfer Tool
Any typical SAP implementation landscape would contain a multitude of 3rd Party or B2B partners. These might include banks, payment agencies, collection desks, customers placing order or suppliers receiving Purchase orders. In most cases sensitive data is passed in such transmissions and secured/Managed file transfer is mandated.
In my opinion the core features of an MFT solution include :
- Encryption, Tokenization, Key Management
- Streaming Delivery for large File Transfer
- Security Protocol Support – e.g. SFTP/ FTPS/SSL
- DMZ node
- Routing of FTP processes
- Scheduling of File Transfer Processes
- Compliance and Auditability
- Trading Partner Management
Customers typically invest into an MFT solution, to satisfy requirements.
How does SAP PI fare on the above parameters?
- Encryption, Tokenization and Key Management – Till recently SAP PI did not have an out of the box mechanism for file encryption, and had to depend on third party vendors for support. With SAP PI 7.1 SP08 ( or equivalent for 7.3 or 7.31), the SFTP and PGP add-on is available. This add-on can support PGP encryption requirements for a customer. PI always had a robust key management mechanism.
- File Streaming – SAP PI till recently did not support, streaming delivery for large file. In fact large file transfer was not even a viable option. The recent releases of PI, support file chunking mechanism, which satisfy this requirement.
- Security Protocol Support – With the new SFTP Add-on, PI now fully supports SFTP along with FTPS file transmission protocol. AS2 is supported via the B2B add-on.
- DMZ node – The DMZ node comes into play, when an external or B2B partner would push a file for SAP to consume. In such a case, the a typical MFT solution would have a node in the DMZ which would be accessible to the external partner. SAP PI does not support a DMZ node, hence cannot be used in an Inbound push scenario. This is one of the major disadvantages which PI has over an MFT solution.
- Routing of File Transfer Processes – SAP PI being a robust middleware can be configured to support single or multi-receiver routing. It also provides mechanism to reuse transformations between routing rules.
- Scheduling of FTP Processes – SAP PI has scheduling capabilities on the communication channels via ATP (availability time planning), also it can be easily integrated with a scheduling tool like CPS redwood. This is achieved by means of the http based external control mechanisms in PI.
- Compliance and Auditability – SAP PI supports, traceability/auditability and logging in multiple ways. Various levels of logging can be configured.
- Trading Partner Management – This is a common feature of SaaS based MFT solutions, in which the MFT solution acts as a mailbox or post office, managing addition of newer trading partners, whereby reducing IT costs. There is no such feature in SAP PI.
The limitations above (Lack of a DMZ node and robust Trading partner management) elude PI from becoming a robust managed file transfer solution. Most middlewares today like TIBCO support a fully functional MFT solution, whereby reducing customer TCO.
The SaaS or Cloud based MFT mechanism, are available as a part of SAP Information Interchange (SAP-Crossgate), and have a strong trading partner management feature. It needs to be seen, if this can be integrated with SAP PI.
With PI 7.31 being now used as an enterprise middleware, it would exciting if the above limitations become features. This would definitely reduce the total cost of ownership of an SAP integration solution.