When you think about SAP, you think traditionally about business software running in your datacenter. You might also think about SAP’s move to the Cloud. Many customers are already using SAP Cloud offerings. Consequently, we are entering a time of co-existence of SAP software being computed in your own datacenter as well as in SAP’s Cloud datacenters. Latest at this point you have to start thinking about integrating your on premise software with the services you run in SAP and non-SAP Clouds and how are all these software components and services communicating with each other?

As the picture shows everything needs to be connected with everything anywhere.

Communication happens simultaneously across datacenter locations and company boundaries. The end points of a communication link are typically in different locations and they belong to different companies, e.g. customers own their on-premise
deployments and SAP owns the SAP Cloud deployments, to which you are just subscribing too. Consequently, setting up communication links becomes as important as the computation inside datacenters itself.

Part of communication links is technical connectivity through use of network technologies. Inside datacenters fast local area networks (LAN) are used to interconnect various servers.  Datacenters are connected via wide area networks (WAN) with each other, to end-users and also to the Internet of Things applications embedded in all kinds of machinery and devices. WANs, in particular the public Internet, are many magnitudes slower than LANs, have lower quality and are less secured than your LANs, which raises the need of a network buffer zone in between the inside and outside networks. Mostly this zone contains security services and is therefore called De-Militarized Zone or DMZ. That zone is populated with a variety of services which provide:

• Network security services
• Reliability services
• Performance Services, which can address in particular the performance challenges of global WAN connections.

All these network services have one common problem: If they don't work they cause application downtimes by rendering your application servers inaccessible. If their security is bridged, your business data may be stolen or compromised. So, the
reliability, security and performance of communication links are as important as the same qualities for computations – in particular in a more and more cloudy IT world.

This is all enough motivation for network technology partners and SAP to engage in joint testing of our products for promoting the end to end reliability of the business application services your company uses. SAP formalized the testing and engagement with the network vendors and offers since 2007 a network technology product certification to our network partners. Last year we updated and upgraded this service, offered by the SAP Integration and Certification Center group, to its new Version 2.0.

Our test landscape is now hosted in Amazon Web Service or AWS cloud, using their Virtual Private Cloud (VPC) capabilities. That sounds complicated but is in fact an easy way to emulate datacenter like LAN networks with multiple network security zones, populate them with business application components, operational tools software and network service components alike and to connect all that to the Internet. This way an experienced IT engineer can be a one-person datacenter crew and deploy and operate a small on premise production like datacenter environment.

The current state of our landscape is shown in the picture above. Our CRM system has two nodes for demonstrating high availability and scale out, a BOE and Hana system demonstrate on premise component integrations and the SAP Portal and Mobile Platform/Gateway components add more use case varieties. On the network product side we already used this landscape with four different partners.

We have multiple options to add SAP, network or in fact any other product to our test landscape.

SAP is providing the new SAP Cloud Appliance Library service which deploys a ready-to-run system into your AWS account within typically just one hour. We got most of our SAP systems that way. AWS also allows you to share your component images securely with people you know, which is a great way to get cloned systems from you friends. Then many vendors also sell their products
through the AWS Marketplace. We used the last 2 options to deploy our network partner’s products into our landscape. The traditional options of just installing software exist of course too. We used it for SAP products like the SAP Web Dispatcher and SAP AccAD components and for 3^rd party and open source tools, which we need for operations and testing.

On top of this landscape we developed a variety of test scenarios, among them the important case on SAP Cloud – on premise hybrid application connectivity. If you like to know the very details of how to set up technical connectivity for such hybrid applications I recommend our new Technical Connectivity Guide posted on the SAP Service Marketplace for our customers and partners. Cloud for Customers is just one example where technical connectivity is often needed to integrate with customers on premise backend systems.

SAP recommends that you use certified network products of our partners or SAP’s own network software components for technical connectivity where possible.

You can check the SAP Integration and Certification Center (SAP ICC) website for details about the network product certification program. For an up-to-date listing of SAP certified network products, go to the SAP Application Development partner directory site. Older certifications can be found there with the keyword search "esoa-aw-" or by clicking here. Since Q3/2013, the new version of network product certification is offered and companies with certified products can be found with the keyword search "netwk-" or by clicking here. In the result set you can click on the network vendor names to get more details about their product certification.