Why Amazon Web Services
After evaluating on premises and cloud options, the company decided to go for Amazon Web Services (AWS) cloud with Runibex. Enhanced SAP performance, a fully structured and operative disaster recovery scenario, and reduced storage costs were the main targets at first stage. The present structure has been created on to Amazon Elastic Compute Cloud (Amazon EC2). The working environment was shifted to SUSE Linux for the sake of cost reduction. Amazon Simple Storage Services (Amazon S3) for data backups and AWS Elastic Block Store (AWS EBS) SSD volumes as storage are used. Amazon Virtual Private Cloud (Amazon VPC), and AWS Identity and Access Management (AWS IAM) is used for user and Access management. The whole infrastructure is being watched by Amazon CloudWatch.
The SAP environment, one of the most critical infrastructure pieces, has been moved to AWS swiftly, seamlessly and without problems.
“If we decided to use this infrastructure on premise environment, we had to wait more than 6 weeks for getting hardware and it might be the reason for delaying the Project timeline. Plus, our workloads are changeable, and we could not manage this kind of challenges if we run our systems on premise landscapes. Thanks to Runibex and AWS well architected environment, we reduced overall TCO by 30%. To give a hint on how this cost reduction has happened; for instance, development and test environments are not needed to be run at nights or weekends, so they are automatically shut down,” says Cengiz Varol, Managing Director at RealCore.
The end user experience has improved companywide. SAP is used by staff to provide financial reports to management for critical decision making. Cengiz Varol mentions the feedback he has received “Our finance team is very grateful since their time to report delivery has shortened 9-fold. Backup-restore process has been dramatically improved. Backup time has fallen to 20 minutes and this makes us comfortable that our SAP systems keep running fast and secure.
AWS Services Utilised
The existing workloads are carried on SAP certified EC2 instances. The selection of these EC2 instances are being conducted due to the magnitude of the workloads. Also, reserved, spot or on demand instance options are evaluated with related data (volatility, need etc.) and cost is optimised by this way. If Windows was being used on old environment, Linux Os is considered and advised for cost optimisation purposes, If applicable. The OS conversion is performed by us.
AWS VPC is utilised. To be sure of security, the incoming and outgoing traffic is filtered and monitored on network level. Security groups and ACLs are being employed to raise the security level. We create or assign Ip groups, subnets (public and private), route tables, gateways in order to assure application security. AWS EBS is utilised and configured according to performance and workload considerations. The high availability and reliability in the architecture of EBS allows us to design highly available and reliable architectures. EBS lifecycle manager is utilised for backup management and disaster recovery on region level by copying to a different region.
AWS S3 is utilised for backup storage at DB level. The provided data availability, scalability, security and performance is among the reasons of preference. Glacier is being utilised for long term storage for cost optimisation purposes.
AWS IAM is utilised for secure access to AWS Services and resources.
AWS Guard Duty is utilised for protection for malicious activities and unauthorised access monitoring. AWS Inspector is utilised for compliance checking. AWS Security Hub is utilised for high priority security alert and compliance status.
AWS CloudWatch is utilised for general monitoring of our workloads. Alerts has been set up. Alerts, metrics, logs and events has been collected and closely followed up. Automatized actions have been defined due to anomaly detections, alerts and logs. By this, we were able to assure that SAP applications were up and smoothly running.
AWS Compute Optimiser Service is utilised for to assure right sizing of compute resources.
AWS Config Is utilised for configuration assessment and evaluation.
AWS CloudTrail is utilised for account's governance, compliance, operational and risk auditing purposes.