The global and independent platform for the SAP community.

Next Gen SAP Operations on Azure

Based on successful projects, we understand a modern and future-oriented SAP Operations on Microsoft Azure as a secure, flexible, scalable and individually adaptable operation of SAP system landscapes.
Oliver Hafner, Scheer GmbH
Daniel Schillinger, Scheer GmbH
September 24, 2020
[ 1191963076, MiniStocker]
This text has been automatically translated from German to English.

To ensure that an SAP system landscape functions smoothly, efficiently, and securely at all times, it must be permanently monitored, carefully maintained, and consistently updated and enhanced as part of an application lifecycle. This generates increasing costs in traditional operations and ties up personnel from the IT departments.

The aim is to relieve customers of the additional work involved in operations so that they can concentrate fully on their core business and continue to develop their corporate processes. A range of automated tools and services are also used to ensure permanent and smooth operations. This starts with monitoring, which supports the operation of the system landscapes - from administration and security to business process monitoring at the application level. Some of these services will also be available directly from the Microsoft Azure Marketplace in the future.

In addition, automatically available dashboards and services are used, which actively provide information about the current utilization of resources and system performance and deliver maximum transparency for the customer. This allows ad hoc opportunities for cost reduction to be identified and implemented. Periodic system health checks and further optimization potentials of the system landscape are also supported.

In addition, security features such as simple remote administration, detailed security management, user, permission and access management continue to be found within Operations on Azure.

Contemporary automation relies on tools such as HashiCorp's Terraform or RedHat's Ansible. Terraform has emerged in recent years as the tool of the hour (Infrastructure as Code). With its own language, which is based on Javascript, complete cloud IaaS environments can be created, right down to the running virtual machine. Complete SAP system landscapes, including database and S/4 application, can be provisioned automatically in just a few hours.

However, the advantages of this automated setup are not only the enormous speed, but also the human configuration errors avoided by the standardization, which can occur during the manual setup of such a landscape. Due to the infrastructure-as-code approach, the method scales from smaller to very large landscapes.

For orchestration on the running operating system, modern tools like Ansible are recommended. Ansible is an orchestration tool that can be used to bring a system into a unified state. This state can map, for example, that a complete base configuration with hardening, tuning and other best practices should be applied on the operating system or that a Hana database should be installed and configured. The advantage of Ansible's so-called idempotent approach is that even existing systems can always be brought up to the current state of automation.

One of the new challenges of Security Operations is to keep pace with a high degree of agility and flexibility. For this to succeed, visibility is the most important success factor. Visibility is achieved in the Azure landscape primarily through the Azure Security Center (ASC).

The ASC is a standard component in the Azure landscape and enables monitoring of resources. With the help of the Compliance Manager, it is possible to get a quick overview of whether the infrastructure is compliant or not. In combination with previously created policies, the fear of not passing audits is a thing of the past.

In addition to visibility, the topic of threat detection and response - reacting to security events - plays an important role. To detect threats, it is necessary to bring together various data sources and collect information. By correlating this data, it is possible to identify complex attack patterns, record them in the form of a ticket, and initiate appropriate protective measures. As a cloudnative SIEM, Azure Sentinel offers all the necessary features for these security operations tasks.

Oliver Hafner, Scheer GmbH

Oliver Hafner is Team Leader SAP Application Operations at Scheer GmbH.

Daniel Schillinger, Scheer GmbH

Daniel Schillinger is Unit Leader Data Center and IT Infrastructure at Scheer GmbH.

Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024


Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT


Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024


Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.