SAP Communication in a Wide Area Network 

With the increasing globalization of companies, greater mobility of employees and flexibility of working conditions (for example, working from home), wide area networks (WANs) are becoming ever more important. WANs enable access to IT resources in locations that are outside the local network.

WAN connections are used for all types of communication: for SAP frontends, for program-to-SAP communication and for communication between SAP Systems. The following graphic shows three typical scenarios in which communication partners use WAN connections to communicate with the SAP System:

The following briefly describes the most important types of connections (modem, ISDN, leased lines, frame relay, X.25 and the Internet). We also discuss the criteria you should consider when you choose a connection:

 

Modems and Telephone Lines

You can use modems and analog telephone lines to connect PCs to a remote network. Here as well, the SAP frontend software uses the TCP/IP protocol to communicate with the R/3 System.

The modem can be connected directly to the SAP server, or to a special terminal server. We recommend the second option for security reasons. Another protocol is needed in the data link layer to transport IP data packets with the modem. You could use SLIP (Serial Line Internet Protocol) or PPP (Point-to-Point Protocol) here.

SLIP was the first protocol that allowed IP packets to be sent using a serial line. This protocol is outdated and is used rarely due to its awkward configuration.

PPP has become the standard instead of SLIP, since it contains improvements in configuration and transmission security. Unlike SLIP, PPP is also able to communicate with other protocols in the transport layer and is not limited to TCP/IP.

You can use both protocols to connect SAP frontends. PPP and the software that controls the dialing process of the modem (dialer) are usually contained in modern TCP/IP software.

Ensure that modem lines always run on a dedicated machine, such as a specialized terminal server that can serve a large number of lines. The number of available modem ports determines the maximum number of parallel partners that you can connect to.

A switched telephone line is not suitable for making a LAN-LAN connection due to its narrow bandwidth. Instead choose either a fixed connection (frame relay), or another connection type (for example, ISDN or X.25).

The cost of the lines for modem connections are the same as those for a telephone connection, and therefore depend on the distance and time used, but are independent of the volume of data transmitted.

ISDN

Integrated Services Digital Network (ISDN) is a digital variant of the classic analog telephone connection, and the configuration is therefore similar. An ISDN adapter is used as the terminal instead of the modem.

You can connect the ISDN adapter to the SAP server directly, or to a special terminal server. We recommend the second option for security reasons. The number of available ISDN channels limits the number of parallel, existing connections (each connection usually uses one channel).

The advantages of using ISDN in an R/3 environment are the better quality of the transmission lines, and higher transfer rates (64 kbps for each channel). Therefore, ISDN is well suited to a LAN group between multiple locations. Routers with ISDN adapters are used here. Many ISDN routers offer additional functions such as bundling several channels to increase the bandwidth, or a temporary hold of connections during longer periods of inactivity (Short Hold Mode). The costs of ISDN are like those for an analog telephone connection, which are dependent on the distance and the time used, but independent of the volume of data transmitted.

Leased Lines

Leased lines connect two local networks. In most countries, you can lease lines from various network providers. Special routers that connect to the leased lines of the network provider are used as the terminal. The leased lines open a point-to-point connection between two routers at a specific data rate, for example, 1.5 mbps (million bits per second). The leased bandwidth cannot be exceeded. The price of leasing lines is high and depends on the transmission rate. Therefore, you must use the available bandwidth effectively.

Frame Relay

Frame relay is a single protocol in the data link layer that transmits data packets over a long distance network. It does not offer error recognition or flow control. The advantage of frame relay compared to leased lines is that point-to-point connections do not have to be made to all communication partners. You only need one line to the network provider, which relays the data packet to the receiver. The receiver ID is in the header of the data packet. To do this, Permanent Virtual Circuits (PVCs) are set up. A PVC corresponds to a virtual leased line for one communication partner.

Switched Virtual Circuits (SVCs) let users of frame relay extend their PVC networks dynamically, and if needed, set up logical network connections that lead to end points in the same network, or that pass through gateways leading to end points in other networks. SVC is a relatively new technology and is still not widely used.

Frame relay networks are usually accessed over leased lines or ISDN. Special routers that can use the relevant network interfaces are used as the terminals (Customer Premise Equipment, CPE) .

For each virtual circuit, frame relay guarantees a specific data rate known as the committed information rate (CIR). For example, the transfer rate for a connection between two large branches can be 1.5 Mbps, but the connection of an external site is only 128 kbps. The data shares the same line going to the frame relay service provider. A higher data transfer rate than the CIR can often be reached, but this is not guaranteed.

Frame relay is an efficient and relatively inexpensive way of transmitting data and has become increasingly popular in the last few years. The costs of frame relay depend on the CIR, the actual volume of data, and other factors.

X.25

X.25 (Datex-P in Germany) is a packet-oriented service. The costs depend on the volume of data transmitted, and therefore on the number of packets transmitted. Unlike modem or ISDN connections, X.25 is not dependent on time or distance. X.25 can be seen as a forerunner of frame relay although it has many more options and is considerably more complex. The higher costs of X.25 have meant that it has lost in importance to frame relay.

X.25 lets you have two different connection types:

SVCs enable a connection to be made to different partners. With PVCs, the connection is always made with the same partner. The advantage of this connection type is that establishing the connection is faster. The transmission costs depend on the volume of data transmitted, the transmission speed, and the connection type (SVC, PVC).

Internet

You can also use the Internet to connect to an SAP System. The Internet has a number of advantages: it can be accessed from many locations and it is has low costs. On the other hand, both its security and availability are subject to limitations. These problems are mainly due to the fact that the Internet is an open network that is not administrated centrally.

To connect your network to the Internet, you need an Internet Service Provider (ISP) that makes the connection. To offer a service, you need a fixed IP address in the Internet and a permanent Internet connection. The clients can then use a local ISP to dial into the Internet.

If you want to use the Internet to communicate with an SAP System, you must make sure that the system is protected from unauthorized access. If required by the application, you must also secure communication between the SAPgui and the SAP System. There are special measures that you can take to make your system secure. This requires a lot of technical work and administration, however you can give this task to a suitable third party (such as your ISP). The different ways of securing your SAP Internet connections are described in the section Network Security.

The security of your network connection against failure is a general problem, since an ISP can usually only guarantee those network connections that it can influence. You must decide how critical it is for your application if your network connection were to be broken temporarily.

The following graphic shows a scenario in which SAP frontends are linked through the Internet. It includes examples of some of the security measures you should consider when planning to connect to your SAP System over the Internet: