Skip to Content
Technical Articles
Author's profile photo Konstantin Popov

Connecting to SAP HANA Enterprise Cloud

It’s become a common question, about the integration of a corporate network to the variety of Cloud platform options. In hybrid scenarios, this topic should be considered in detail while planning for a cloud journey.

With this article, I would like to give you a summary of the possible integration scenarios with SAP HANA Enterprise Cloud. This overview covers communication possibilities utilizing SAP Data Centers.

SAP HANA Enterprise Cloud supports the most proven and standardized connectivity options to get customer’s corporate network integrated with the private managed cloud environment. Three alternatives are available today: VPN (IPSec site-to-site), Direct connection (e.g. termination of the MPLS network) and SAP Cloud Peering.

The diagram below provides an overview of the aforementioned options and gives an understanding of the network segregation (SAP, Customers) and responsibilities of the involved parties.

In addition to the integration with a corporate network, SAP HANA Enterprise Cloud provides the capability to expose required Applications or Web services (HTTPS based) directly to the public Internet through LoadBalancers. This is delivered on demand.

Let’s take a closer look at every option.

  1. VPN (IPSec site-to-site)

This is one of the most well-known and fastest ways to build up a secure connection over Public Internet. It allows connectivity to different network segments within a short time frame and eliminates significant investments (e.g. renting dedicated network channels).

This connectivity brings a lot of benefits, here are a few:

1) Quick implementation. Establishing a secure (AES-256 encryption) tunnel via VPN appliances (like Cisco ASA, Cisco ASR, Palo Alto Network Firewalls etc.) or even software VPN gateways (e.g. FreeSWAN)

2) Small investments. Most or even all customers already have access to public Internet and their network architecture allows extending the current network with additional VPN connectivity

3) No bandwidth costs. No additional traffic fees, for PoCs (non-PROD) makes for a good benefit.

As IPSec VPN utilizes the public Internet channel, the customers should take in consideration that it might not have bandwidth or latency guarantees. This is an important topic to account for during planning.

Considering all of the above, I’m concluding that this is a great option to run non-PROD workload (like Proof of Concepts, Project implementations without Productive systems) or for a time period, while the customers are establishing more reliable solutions (see below) for a Production usage.

  1. Direct connection (like MPLS, telco provided VPN)

Direct connection represents one of two recommended options for connecting to a productive business-critical environment. From the diagram below you can see that choosing this type of connectivity, SAP HANA Enterprise Cloud customers (together with their Telco providers) can utilize different types of the network communication channels (MPLS, VPN) and create a high-available solution.

This scenario gives customers freedom of choosing their preferable Telco provider (or several) and brings a great possibility to create a failover solution for the Network connectivity. This comes by having redundant L3 Network routers on SAP HANA Enterprise Cloud side along with HSRP (Hot Standby Routing Protocol), in order to make an automatic and transparent failover solution for End-users.

Direct Connection is recommended for Production usage.

  1. SAP Cloud Peering

SAP Cloud Peering is a reliable and secure connectivity option for customer to SAP Cloud Services leveraging SAP’s global interconnection provider ecosystem. SAP Cloud Peering is a highly secure connectivity option, because the traffic goes through the Telco supplier’s network and never comes across the public Internet. It combines the advantages of a fast deploying solution as well as the security and reliability of dedicated channels. It perfectly fits for the customers who already use network solutions by one of the global interconnection providers (e.g. Verizon, Equinix etc).

You can check the availability of a particular provider in a Data Center location here.

In addition, the details about SAP Cloud Peering connectivity option can be found via the following link.

SAP Cloud Peering is recommended for Production usage an give a great flexibility and advantages leveraging Multi-Cloud environment.

Thanks for reading.

Assigned Tags

      You must be Logged on to comment or reply to a post.
      Author's profile photo Javier Aguilar
      Javier Aguilar

      Hello dear

      Konstantin Popov


      Grupo Zapata is a SAP HANA customer. and it is constituted by 24 localities, connected to a point that is KIOETWORKS, and from this point it connects to SAP HANA.

      It is possible that each location can connect directly to HANA SAP.

      Thank you for the confirmation.


      Author's profile photo Konstantin Popov
      Konstantin Popov
      Blog Post Author

      Hello Javier,


      For this kind of a scenario I would recommend to have a closer look on SAP Cloud Peering solution. It allows the customers, who need to get connected many locations to SAP HEC (delivered from SAP data centers), to leverage benefits of a global interconnection backbone one of the providers from ecosystem. Please follow the link to find out a list of providers available per SAP data center location.


      Kind Regards,


      Author's profile photo Aojasvi Daryal
      Aojasvi Daryal

      Great Explanation Konstantin, Thank you.