Customers transitioning to RISE with SAP cloud services have a choice of opting for either single tenanted or multi-tenanted landscape which largely depends on the evaluation of risk, type of industry, classification of
data, security, sectorial and data privacy regulations along with considerations include performance, reliability, shared security governance, migration, cost, and connectivity. SAP Cloud Services can be run as a Single Tenant or a Multi-Tenant Landscape.
Single Tenant Landscape
In the single tenancy model, a single dedicated instance of an application is deployed for each customer. customer gets a dedicated instance of web, application, and database tiers enhanced with network level
isolation providing strong data isolation, and this architecture model is highly recommended for regulated industries where strict data isolation is required. The concept of single tenanted always refers to application landscape created for Tenants. The SAP S/4HANA Cloud, Private Edition is a single tenant landscape with the following key characteristics.
Each customer gets a separate account (AWS), subscription (Azure), or project in GCP. A separate network level separation is achieved via logically isolated Virtual Private Network (VNET)/VPC. This is to address specific system/data isolation requirements. Within each Virtual Network, there will be multiple subnets (using private CIDR block IP addresses) created to segregate the environments. Each subnet is configured with Security Group with specific set of rules to control the network traffic. A separate S/4HANA application and Database Instance landscape for customer assigned Private IP Address space. The production and non-production environment consisting of application instance, SAP HANA instance, Web Dispatcher, Cloud Connectors are deployed separately for each customer. Security policies that are defined at the higher-level hierarchy are pushed to each subscription/ project/ account. Data replication traffic from primary to DR site will always go via private connectivity (peering). Customer can have access to SAP S/4HANA applications hosted in VPC/VNET via a private dedicated connectivity. Backup services are integrated with native and 3rd party services.
Multi – Tenant Landscape
This is an architecture model where single software or application architecture can serve multiple distinct user groups. This brings a great deal of standardization in functionalities at a lower cost due to economies of scale supporting larger customer base on a shared platform. There are many approaches in the multi-tenant landscape.
The SAP S/4HANA public cloud uses multi-Tenant model.
SAP S/4HANA Cloud achieves multitenancy by sharing the SAP HANA system between multiple tenants. SAP HANA supports multiple isolated databases in a single SAP HANA system. This is known as tenant databases. SAP S/4HANA Cloud is leveraging the SAP HANA tenant databases in such a way that each tenant gets its own tenant database Each tenant has own dedicated ABAP application servers running on separate SAP HANA tenant databases. Tenant databases are independent databases within one SAP HANA database system, and
they contain all tenant-specific application data and configuration. The isolation ensures that it impossible for one tenant to access another tenant’s data. Each tenant is completely isolated from the others by having its own ABAP application servers and tenant database. Each tenant is self-contained and fully isolated so that each tenant has, for example, its own database catalog, persistence, and backups. All tenant databases share the same installation of the database system software and the same system administration, and to a greater extent the same computing resource. All SAP HANA servers such as compile server and the pre-processor server, run alongside the central system database, and serve all tenant databases of an SAP HANA system. Each database
is self-contained and fully isolated runs its own database catalog, persistence, and backups. All database objects, such as
schemas, tables, views, and procedures, are local to the tenant database.
Conclusion
SAP provides many SaaS based cloud applications that are powered by SAP HANA, allowing multi-tenant architecture offering multiple isolated tenant databases in one SAP HANA. The multi-tenant model brings down total cost of ownership, ease of management, data isolation, tenant specific customization. For highly regulated customers such as FSI, health care and
defense prefer single tenant landscape for greater data isolation to meet their compliance obligation and for dedicated private
network connectivity. SAP cloud architecture approach to variety of tenancy models provide customers with choice and agility
while maintaining performance, scalability, cost reduction, security, and regulatory compliance.
Our experts provide personalized demos after understanding the business needs. Click here to talk to our experts.