Ensuring Compliance with Emerging Regulations: Modernize Your SAP Landscape with Confidence

This blog was written in a collaboration between Fujitsu, Intel and SUSE.

Cybersecurity has never been a more pressing issue for modern business. Managing and securing increasingly vast volumes of information and juggling ever more complex IT infrastructures can seem like an uphill battle. This can strain traditional systems and hinder a company’s ability to adapt to changing business needs. Moreover, new regulations such as the Network and Information Security 2 (NIS2) and the Digital Operational Resilience Act (DORA) are emerging, placing more responsibility on businesses than ever before. Both NIS2 and DORA are part of the European Cyber Resilience Act (CRA). Staying within the lines of these regulations is crucial to ensure your organization remains secure and compliant.

SUSE, Fujitsu, and Intel have teamed up to help organizations navigate these regulatory challenges and optimize their SAP landscapes. This powerful collaboration combines SUSE’s expertise in securing IT infrastructures, Fujitsu’s innovative solutions, and Intel’s cutting-edge technology, offering a comprehensive approach to compliance and performance enhancement.

Fujitsu’s SystemInspection Service Suite (SIS) and BestPlace help businesses understand their infrastructure with real data and strategically allocate SAP instances according to their requirements. Unlike other less concrete solutions, these services deliver precise, data-driven insights for informed decision-making.

Fixed-cost IT investments can also limit your flexibility. Fujitsu’s uSCALE offers a flexible consumption-based model, reducing upfront costs and improving overall scalability. This approach ensures that businesses can maintain agility and respond to evolving demands without overcommitting resources.

The Evolving Security Landscape: Are You Prepared?

NIS2 and the Digital Operational Resilience Act (DORA) are reshaping the security landscape by emphasizing supply chain security.

The EU’s NIS2 – or the Network and Information Security Directive 2 – aims to improve the cybersecurity of critical infrastructure within the EU. It builds upon the original 2016 NIS Directive and the national implementation deadline is October 16, 2024. NIS2 was proposed to address evolving cybersecurity threats, enhance the overall resilience of critical entities in the EU and affects public and private entities of the critical infrastructure in the EU.

DORA, effective from January 17, 2025, places stringent requirements on financial institutions to ensure operational resilience in the face of disruptions.

These regulations aim to protect businesses from cyberattacks and hold key decision-makers personally liable for non-compliance. Navigating these complex regulatory requirements can be a tall order, but it’s crucial to ensure your SAP environment remains secure and compliant.

SUSE: NIS2 Compliance with Confidence

As organizations prepare for stringent cybersecurity requirements under the NIS2 directive, SUSE helps you to ensure your IT infrastructure remains secure and compliant.

Strengthen Supply Chain Security
NIS2 mandates continuous assessment and mitigation of cyber risks in the supply chain. SUSE simplifies this with its Common Criteria EAL 4+ certified SUSE Linux Enterprise Server (SLES), ensuring your operating system’s security is independently verified. Rancher Prime, SUSE’s container management platform, further secures the software supply chain with automated build processes and detailed Software Bill of Materials (SBOM) documentation, safeguarding against tampering and ensuring traceability.

Robust Encryption Standards
NIS2 requires state-of-the-art encryption for sensitive data. SUSE supports this with SLES 15 SP4, validated to FIPS 140-3 standards for secure communications and data storage.

High Availability and Business Continuity
To assist you in complying with NIS2’s resilience mandates, SUSE offers the SUSE Linux Enterprise High Availability Extension. Features like geo-clustering and multi-site data replication support continuous uptime availability to guarantee critical applications to remain available and enable rapid recovery from disruptions, maintaining business continuity.

Secure Edge Computing and IoT
Critical infrastructure sectors using edge and IoT devices must also meet NIS2 standards. SUSE Edge 3.0, based on Rancher, NeuVector, and SLE Micro, simplifies device management and enhances security. NeuVector enforces security policies and blocks attacks in real-time, while SLE Micro includes SELinux and an immutable file system for added protection.

Efficient Incident Reporting
NIS2 requires swift incident reporting. SUSE’s tools like SUSE Manager, Rancher, and NeuVector provide real-time monitoring and automated reporting, helping you quickly identify and report incidents within the regulatory timeframes.
SUSE’s products are designed to ease the burden of achieving regulatory compliance, by delivering secure and auditable infrastructure solutions.

Fujitsu SystemInspection Service Suite for SAP Solutions
SAP performance and service-level issues often have multiple root causes, leading businesses to purchase more equipment to solve problems with brute force. Rightsizing SAP S/4HANA databases while meeting stringent regulatory demands is a complex challenge. Fujitsu’s SystemInspection Service Suite (SIS) offers a solution.
By optimizing SAP performance and resource utilization, SIS directly supports compliance with regulations such as NIS2 and DORA. These regulations emphasize operational resilience, cybersecurity, and risk management. SIS helps identify vulnerabilities, optimize costs, and ensure overall business continuity.

Unique and Accurate Assessment
SIS provides a unique assessment and consulting package that stands out from standard SAP performance tools by using real-life data. It includes data collection over longer periods and a comprehensive set of parameters. This helps capture hidden peak loads and discover workload anomalies, ensuring configurations are neither over nor undersized.

Key Benefits of SIS:

• Enhanced cybersecurity: Identify system weaknesses that could be exploited by cyberattacks, aligning with NIS2 requirements.
• Improved operational resilience: Optimize resource utilization to minimize disruptions and ensure business continuity, addressing DORA mandates.
• Cost optimization: Reduce hardware and software expenses, freeing up budget for security investments and compliance initiatives.
• Performance optimization: Eliminate bottlenecks, improve system responsiveness, and enhance user experience.
• Capacity planning: Make data-driven decisions for future system expansions, ensuring optimal resource allocation and compliance.

By investing in SIS, you’ll strengthen your SAP environment, reduce costs, and demonstrate compliance with NIS2 and DORA.

Fujitsu BestPlace: Data-Driven Cloud Advisor for SAP Workloads

Optimizing SAP workload placement is crucial for maintaining business continuity, ensuring data protection, and managing costs. Fujitsu BestPlace offers a data-driven approach to finding the ideal location for SAP instances, helping organizations align with NIS2 and DORA.

Leveraging Diverse IT Opportunities

The current IT landscape offers diverse solutions tailored to specific application scenarios and customer strategies, especially regarding SAP S/4HANA migrations. However, businesses often struggle to navigate these options and make informed decisions about where to place their SAP instances for optimal performance and cost efficiency.

Data-Driven Decision Making
Fujitsu BestPlace analyzes any SAP workload, whether hosted on-premises, in data centers, or in the cloud. This service helps businesses get an overview of all placement options, ensuring they make data-driven decisions based on measured workloads and facts. This method is quick yet thorough, offering recommendations for the best placement of critical SAP instances, regardless of industry or company size.

BestPlace’s AI-driven optimization considers priorities, such as cost, data protection – among other business objectives – to deliver tailored recommendations. This ensures that the chosen placement aligns with your organization’s specific needs.

Key Benefits of BestPlace

• Kick-off: Define stakeholders, SAP systems, and start the measurement process.
• Strategy: Discuss strategic customer goals and specific architecture demands for each SID.
• Costs: Adapt the generic cost model to the current customer-specific situation.
• Results: Receive optimal placement recommendations and cost comparisons for different placement options.

Fujitsu uSCALE: Unrivaled Agility and Compliance

Fujitsu’s SystemInspection Service Suite and BestPlace provide comprehensive analysis and strategic insights based on real data, allowing businesses to optimize their SAP infrastructure. These services enable better decision-making and infrastructure management, ensuring compliance with regulatory standards.

uSCALE bridges the gap between on-premises and cloud benefits, allowing businesses to leverage existing systems while gaining cloud-like agility. This consumption-based model from Fujitsu offers a comprehensive approach to modernizing your SAP landscape:

• Flexibility and Cost Control: Pay-as-you-go based on actual usage, eliminating overprovisioning and unnecessary upfront costs. Scale resources dynamically to meet your evolving business needs.
• Maximize Existing Investments: Leverage your on-premises infrastructure as a foundation for a secure solution.
• Performance and Reliability: Fujitsu PRIMERGY M7 servers with the latest Intel Xeon processors deliver superior performance and scalability. Minimize downtime with robust hardware and firmware resilience features.
• Reduce IT Complexity: Benefit from expert support from Fujitsu, Intel, and SUSE, reducing the complexity of managing a hybrid environment.

Guarantee Compliance and Growth with Confidence

Modernizing your SAP landscape requires a comprehensive approach that covers all bases, including compliance with existing and emerging regulations, while providing agility and growth. The collaboration between SUSE, Intel, and Fujitsu ensures this holistic approach. Fujitsu’s uSCALE, combined with SystemInspection Service Suite and BestPlace, empowers you to leverage your existing systems, optimize costs, and maintain regulatory compliance all in one.

To explore how you can ensure compliance with emerging regulations, contact SUSE today.
This blog was written in a collaboration between Fujitsu, Intel and SUSE.