The global and independent platform for the SAP community.

The future is in the cloud, data science and resilience

SAP is pushing the move to the cloud. For companies, this is often associated with a changed operating model. If approached correctly, they can still benefit from this change.
Michael Herkens, Nagarro
May 25, 2023
This text has been automatically translated from German to English.

Cloud Computing: SAP ERP meets Google BigQuery with Machine Learning

The end of SAP R/3 and ER/ECC 6.0 is clearly on the horizon. However, setting an exact date seems to be a challenge for SAP. What is clear, however, is that support for the previous SAP core systems will be discontinued in a few years. The lack of a concrete end date for R/3 means that, on a day-to-day basis, companies keep putting the issue on the back burner. It makes sense to deal with the changeover in a timely manner - because this is the only way to take advantage of the opportunities offered by a future-proof realignment.

In terms of system operation, it looks as if there will only be one target platform in the future, namely the cloud, while on-prem models still dominate among user companies, albeit with a continuously declining trend. Hosting in an external data center is just as widespread. But what are the advantages of shifting the deployment model to the cloud? And which cloud makes sense for the individual use case?

SAP Public Cloud

SAP's public cloud is tailored to defined scenarios and plays a minor role for most companies. SAP itself is pushing the switch to cloud-based products and services with Rise with SAP, the Walldorf-based company's latest attempt to port customers to the cloud. In addition to the marketing pressure generated by SAP, hyperscalers are naturally interested in taking on SAP workloads. Currently, seven hyperscalers offer certified IaaS platforms for OLAP and OLTP. For the German-speaking market, Amazon Web Services (AWS), Google Cloud Platform (GCP) and Microsoft Azure are the relevant providers.

Surprises often arise in the ongoing decision-making process when choosing the operating model. Supposed disadvantages and advantages are put into perspective when taking a closer look at the switch to the cloud. Particularly when it comes to security, there are more advantages than objections in practice. The services of all three hyperscalers mentioned, for example, comply with the Cloud Computing Compliance Controls Catalog (C5) of the German Federal Office for Information Security (BSI). C5 helps companies secure operations against common cyberattacks when using cloud services.

One aspect that is hardly ever highlighted at the start of a project - and also in the RfP (Request for Proposal) processes of the user companies as a whole - is how a realigned SAP operation will affect the innovative strength and competitiveness of the user company. The fact that many companies are aligning a core system of corporate value creation with the questionnaire of the past is astonishing - especially in a time of dramatic upheaval. Agility, market proximity and sustainability are the paradigms of the future.

Likewise, new business models, such as direct-to-consumer (DTC) concepts and subscription services, are becoming increasingly popular. Although the share of e-commerce in total sales is currently still small, growth here is accelerating significantly. Artificial intelligence (AI) and machine learning, the Internet of Things (IoT) and blockchain promise to fundamentally change business success. Industry leaders are already using these new technologies to respond to consumer trends and make their operations more efficient.

Business Technology Platform

The enterprise resource planning system remains the central data management unit (source of authority). In addition, hyperscalers provide database systems and technologies that enable companies to respond more efficiently and quickly to market requirements (source of agility). The bridge to the transition is the SAP Business Technology Platform (BTP).

In the case of the three hyperscalers mentioned, BTP is an established platform for combining intelligent enterprise applications with database and data management, analysis, integration and extension functions. The idea is that customers are free to choose the right combination of cloud solutions according to their individual requirements - and can quickly introduce new functions as needed.

Source of Agility

What does the Source of Agility do? This is illustrated by an example: Google BigQuery is a serverless multi-cloud data warehouse for data-driven innovations in companies, which is connected to SAP ERP via the path described and is the "system of agility" here. As a core system, it supports data transformation. In-house data from SAP is enriched with external datasets and streaming data in real time. BigQuery thus becomes the central solution for data analysts and data scientists, enabling them to query all data types: structured, semi-structured and unstructured data. 

SAP at the center with BTP as the enclosing platform is complemented by numerous Google cloud services with a focus on data warehousing.

With Dataplex, an intelligent data fabric, organizations can access trusted data and helpful analytics at scale. They can then capture, manage, monitor, and deliver it across data lakes, data warehouses, and data marts with unified controls. The next step is to leverage the result for BigQuery integrated machine learning (ML). BigQuery ML enables organizations to build and run machine learning models in BigQuery using standard SQL queries. 

Data Science with BigQuery

Machine learning with large datasets requires extensive programming and ML frameworks skills. These requirements limit solution development in most organizations to a very small group of people. Data analysts are not among them because, while they typically understand the data, their programming skills and machine learning knowledge are limited. When using BigQuery ML, on the other hand, they do not need to acquire new knowledge and can use existing SQL tools to leverage machine learning. With BigQuery ML, ML models can be created and evaluated in BigQuery. This allows the SAP operations team to take care of their tasks and the customer-facing units to access highly aggregated and visualized real-time data to make the right decisions.

Google Cloud Cortex Framework

With the Google Cloud Cortex Framework, Google offers a collection of tools and services from Google Cloud specifically for security and compliance of cloud-based applications and infrastructure. The framework is part of the Google Cloud Security Platform and supports security and compliance teams with services such as:

Security Command Center, A centralized dashboard that provides comprehensive Google Cloud security and compliance insights, including vulnerability management, risk analysis, and compliance assessments.

Event Threat Detection, a service that automatically monitors Google Cloud logs and identifies anomalies, threats and potential security incidents.

Binary Authorization, a service that controls the execution of applications in the cloud and ensures that only approved and trusted software is executed.

Forseti Security, an open source tool running on Google Cloud that monitors and automates cloud infrastructure security and compliance.

As part of the broader Google Cloud Platform, the Google Cloud Cortex Framework helps organizations improve the cloud security strategy of existing SAP customers in the Google Cloud and meet compliance requirements.

The Google Cloud Cortex Foundation Framework complements the SAP system through proper customizing - the experts at Nagarro know how to do it.

Google Apigee

Google Apigee is an API management platform that helps organizations design, deploy, monitor, and scale application programming interfaces (APIs). APIs are interfaces that allow applications to communicate with each other and exchange data. Apigee's key features include:

API Design: Apigee helps companies design APIs with industry standards and best practices to ensure a consistent developer experience and easier integration. This leads to faster time-to-market for new applications and makes businesses more agile.

API Management: Apigee enables companies to effectively manage their APIs, including access, security and monitoring. This means that enterprises can control access to their APIs, ensuring that they run stably.

API Analysis: Apigee provides comprehensive monitoring and analysis of APIs to detect behavior patterns and identify trends. This enables organizations to quickly respond to issues and improve the performance of their APIs.

Apigee supports REST, gRPC, SOAP, and GraphQL, providing flexibility for customizing with SAP and the Business Technology Platform.

Scalability: Apigee enables companies to scale their APIs on a global scale and distribute traffic across different servers and locations. This allows companies to expand their customer base and improve the availability of their applications.

Integration: Apigee provides seamless integration with other Google Cloud services such as Kubernetes, Cloud Functions, Cloud Pub/Sub and Cloud Storage. This makes it easier for enterprises to develop and deploy applications on the Google Cloud Platform.

Overall, Apigee thus adds value to enterprises by helping them design, manage, monitor, scale, and integrate APIs more effectively, which can lead to greater agility, efficiency, and customer satisfaction.

Reduce application downtime

How many times have users closed an application when they encountered the "Spinning Wheel of Death"? Admittedly: a rather melodramatic way of saying that an application takes too long to load! However, in the current digital economy, where applications are the main source of revenue for many businesses, this spinning wheel of death (or poor application performance) can result in lost users or revenue. And nearly every modern application relies on APIs as the nervous system between distributed systems, third-party services and microservice architectures. In addition, while meeting the requirements for rapid release cycles and frequent API updates, it is also imperative for IT teams to ensure that API SLOs and performance requirements are met and issues are proactively mitigated. 

However, when thousands or even millions of users make multiple requests to an API, relying only on synthetic monitoring tools is often not enough for accurate diagnostics or useful forensics. This is because they mostly rely only on samples or limited API availability information.

At the same time, monitoring every single aspect only increases the effort and mean time to diagnosis. API monitoring is absolutely critical as an "art and science" for operations teams. It is the only way they can ensure that all APIs are running and functioning as intended.

Any technician can inform about the overhead costs incurred by incorrectly prioritized alerts. Imagine a distributed application with 20 APIs: Even if basic alert monitors for latency, errors and traffic exist for those APIs, you end up with about 60 alert definitions to monitor and manage - a lot of overhead. Therefore, to balance avoiding monitoring dead spots with warning fatigue, operations teams must develop a clear understanding of all events and prioritize the configuration of warnings for events that support critical traffic.

Any alert condition created should further include information that requires the active engagement of a user - as opposed to just a robotic response. Apigee's API monitoring enables alert conditions to be created based on metrics or logs, while providing actionable information (e.g., status
code, rate, etc.) and playbooks ready for diagnosis.

In multi-layered systems, one team's symptom ("What's broken?") is the cause of another downstream system ("Why?"). Even if some events do not lend themselves to actionable alerts, a failure must trigger a transfer of information to a downstream system to mitigate the impact of the upstream dependency. In such cases, the SAP Basis team should invest in automated alerts, grouping of multiple incidents into notification channels, and incident tracking. For example, with Apigee, IT can integrate and group alerts into channels such as Slack, Pagerduty and Webhooks.

Modern production systems are constantly evolving, where a currently infrequent alert can become frequent and automatable. Analogous to ticket backlog cleanup, alert policies need to be reviewed regularly to ensure new conditions are identified and existing alerts are refined with new thresholds, prioritization, and correlations. Controls such as Advanced API Ops leverage AI and ML to detect anomalous traffic, distinguished from random fluctuations, to set accurate alert definitions.

Site Reliability Engineering

Google's Site Reliability Engineering book presents arguments for efficient diagnostics by building dashboards that answer basic questions about each service, usually including some form of the four golden signals: latency, traffic, errors, and saturation.

Even if only these golden metrics are captured, the volume of information can quickly add up in the process. Like all software systems, monitoring then becomes an endless complex hole that is complicated to customize and tedious to maintain. The book therefore recommends for the most effective and viable systems to collect and aggregate basic metrics, paired with alerts and dashboards.

Provided the SAP inventory customer runs a comprehensive API program with a dedicated base team to monitor the APIs, the out-of-the-box monitoring dashboards in the API management solution (such as Apigee's API Monitoring) can be used to get real-time insights into the APIs. Alternatively, solutions such as cloud monitoring can also be used. This provides an overview of the entire application stack - individual metrics, events and metadata can be visualized there in a rich query language for quick analysis. The bottom line is that using a single system for the application stack provides the ability to monitor it in context and speeds up navigation between systems.

Even after metrics have been collected and aggregated, it is important to have meaningful data visualizations to quickly understand the problem and identify correlations during dia-gnosis. However, those who focus on too many dashboards for data visualizations often have a steep learning curve and increase the average time for each diagnosis. That's why Apigee API Monitoring, for example, offers a few predefined visualizations by default that are both simple and efficient.

End-to-end monitoring

Modern application development has accelerated the adoption of practices such as cloud, containers, APIs, microservice architectures, DevOps and SRE. While this increases release velocity, it also makes an application stack more complex and error-prone. For example, a slow response to a customer request then spans multiple microservices that organize and manage different teams and may not identify individual performance issues.  

In such cases, distributed tracing is the best way for DevOps, Operations, and SREs to get answers to questions such as service state, root cause of errors, or performance bottlenecks in a distributed system. SAP legacy customers should invest in instrumenting their distributed applications with open source standards such as OpenCensus and Zipkin to do this. Using tools like Cloud Trace with broad platform, language and environment support helps to easily ingest data from any source.

While distributed tracing helps narrow down the problem to a specific service, in some cases you may need further context to identify the root cause. Case in point: even if the source of a performance issue is isolated to an API proxy, it is still a tedious process to identify the correct bottleneck among multiple policies being executed. With tools like Apigee Debug, the SAP Basis team can zoom into an API proxy flow and examine the details of each step to view internal details such as policy executions, performance issues, routing, etc. 

Apigee's API monitoring capabilities (based on metrics exposed by system internals) therefore work with existing monitoring infrastructure to reduce mean time to diagnosis and make the application more resilient. Using Apigee's API monitoring helps maintain high resilience with comprehensive controls to reduce mean time to diagnosis and resolution. Operations teams in particular can benefit.

The choice of operating model:

There are a number of decision criteria for choosing an operating model, including:

  • Safety aspects
  • regulatory requirements
  • Controllability in operation
  • technical requirements (latency, bandwidth, etc.)
  • specific service levels
Download cover story
Community Info Nagarro
Michael Herkens, Nagarro

Michael Herkens is Director Sales and New Business Public Cloud at Nagarro

Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024


Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT


Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024


Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.