Secure on SAP S/4 With Suse and Edge Integration

For companies that want to future-proof their IT systems, SAP S/4 Hana is often the linchpin and the heart of their corporate IT. The sensitive data and business processes that are processed using it must be comprehensively protected. Security should therefore be a top priority when planning the new infrastructure.

With CC EAL 4+: SLES for NIS 2 compliance

A decisive step for IT security is the choice of a secure infrastructure, which is essential for SAP users. Suse Linux Enterprise Server (SLES) is certified by the German Federal Office for Information Security (BSI) according to Common Criteria EAL 4+ and thus fulfills the highest security requirements. This certification confirms that SLES not only ensures the protection of sensitive data, but also offers the entire supply chain reliable security through independent evaluation. For SAP users, this means that they can prove that their systems meet NIS 2 and EU Cyber Resilience Act requirements without any additional effort.

Edge Integration Cell for sensitive data

Many SAP customers are facing the challenge of migrating to S/4 Hana by 2027 as well as replacing existing middleware solutions such as SAP PO/PI. However, not all customers are ready to switch to a fully cloud-based integration solution and want to retain control over sensitive data and interfaces in-house in the future. Organizations from highly regulated industries may also be obliged to do so by compliance requirements or legal regulations.

SAP has developed the SAP Edge Integration Cell for these customers. The SAP Edge Integration Cell is a hybrid solution for the SAP Integration Suite that enables companies to run APIs and integration services locally in their own data center or in a private cloud environment. Developers design their integration flows with the Integration Designer in the cloud and then make them available in a runtime environment in their own network. This enables companies to prevent sensitive data from leaving their network.

Technologically, the first version of the SAP Edge Integration Cell is based on the Suse solution stack. The containerized application runs in a Kubernetes environment that is managed with Suse Rancher Prime. Suse Linux Enterprise (SLE) Micro is used as the operating system. The SAP Edge Integration Cell also uses other open source components such as MetalLB, Redis, PostgreSQL and the cloud-native distributed storage platform Longhorn.

Protection of the entire software supply chain

Users of the SAP Edge Integration Cell also benefit from all the security advantages of the Suse solution stack and are thus able to prepare the SAP Edge Integration Cell for NIS-2 requirements, for example. SLE Micro meets the security standard of the Common Criteria EAL 4+-certified SLES operating system thanks to its common code base - including the independently validated software supply chain.

Suse Rancher Prime - the container management platform of the SAP Edge Integration Cell - also has a secure software supply chain. The solution was recently certified according to Supply Chain Levels for Software Artifacts (SLSA). This framework, developed by Google, aims to ensure the integrity of software when creating binaries. Measures such as an automated build process and complete documentation of origin (Software Bill of Material = SBOM) protect the software from manipulation and enable secure traceability of the source code.

To the partner entry: