Web IDE Question for Public Sector Defense Custome...

ChrisMahoney01 · ‎2017 Jul 31

Public Sector / Regulated Industries - Defense Customer

We do not have a certified FedRAMP environment option in the NS2 environment at this time with HANA Cloud Integration (HCI) or SAP Cloud Platform

Question from Defense Customer team – “Web IDE is a development tool for Fiori/HTML5 development which is supposed to make Fiori development significantly faster than the traditional tools such as NWDS/Eclipse. Web IDE is what our developers are trained on and this is what SAP is really promoting as the development tool for all Fiori/HTML5 development but the problem is that the use of this tool requires us to connect to SAP Cloud Connector (previously called HANA Cloud Connector) even for on-premise applications. This SAP Cloud Connector is in the SAP commercial cloud and from what I could glean from SAP sites, Web IDE would store our any of our custom source code in this commercial cloud and that's what our concern is. We do not know at this point if there is a secure NS2 Cloud environment that federal gov is allowed to use or if there any kind of waiver/MOA in place between DOD and SAP to allow use of Cloud Connector.

I am attaching an FAQ on Web IDE and here is a link as that should provide some additional info.

https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/e6c7616abb5710148cfcf3e75d9...” End of Question

I am reading information from here - https://www.sap.com/developer/topics/sap-webide.html and when I scroll down to the summary matrix I see a Web IDE for HANA , but the different between the two columns is the word Fiori – I only see it show up on the SAAP Cloud Platform column – they really interested in Fiori and Mobile and obviously on-premise –

Can you provide insight, or anyone you can point me to on how I can provide guidance back to this customer?

ChrisMahoney01 · ‎2017 Aug 03

Found out some additional insight from a colleague from the SAP RIG (Regional Implementation Group) -

Javier Baltazar

1. “…problem is that the use of this tool requires us to connect to SAP Cloud Connector (previously called HANA Cloud Connector) even for on-premise applications. This SAP Cloud Connector is in the SAP commercial cloud…”

Cloud Connector is an On-premise software component, it is not hosted in any cloud landscape, in fact all customers that use this component usually have a dedicated on-premise server to host this software. The purpose of Cloud Connector is to connect on-premise systems to the cloud, think of it as a reverse proxy that exposes certain webservices to the cloud. To generate this connection, cloud connector uses a secure SSL tunnel via a reverse invoke approach.

See attached whitepaper and presentation ->

https://d.dam.sap.com/a/nJnXn7/SAP%20HANA%20Cloud%20Connector%20security%20whitepaper.pdf

2. “…Web IDE would store our any of our custom source code in this commercial cloud and that's what our concern is…”

Yes, all custom code or app extensions are stored in WebIDE. However, WebIDE is a service available per SAP Cloud Platform account and the persistence service is based on Git, hence you could commit all code to a remote Git repository to store all data in a secure location.

https://blogs.sap.com/2017/02/14/using-git-in-sap-web-ide-with-multiple-developers/

https://help.hana.ondemand.com/webide/frameset.htm?4037d227ebd34baaaa4a5b435a341bd3.html

Additionally, each Cloud Platform account is a separate “tenant” in the cloud infrastructure, meaning that no information is shared between accounts and SCP complies with several certifications, see attached presentation (SCP Infrastructure).

3. “…I see a Web IDE for HANA , but the different between the two columns is the word Fiori…”

There are two separate WebIDE, WebIDE for HANA is only useful when you have created a Hana Database in SCP and wish to develop Hana artifacts (XS OData services, stored procedures, etc). WebIDE for Fiori is only useful to develop UI5 and javascript code to extend or create a new Fiori based app.

Some other SAP Cloud Platform information for reference ->

https://blogs.sap.com/2016/04/04/invitation-sapsysarchs-sap-hana-cloud-platform-architecture-call-we...

ChrisMahoney01 · ‎2017 Aug 01

Thanks for the reply. Some insight and understanding and some additional information from some internal colleagues -

For option #4 it states the customer would need a paid subscription for Wed IDE on SAP Cloud Platform? Due to FedRAMP certifications required for this customer SAP does not have a certified Cloud environment so they will not be interested in paying for a subscription to SAP Hana Cloud Platform.

For option #5 I see its available, but again not sure of the restrictions / dependency on SAP HCI (Hana Cloud Integration) and SAP CP (Cloud Platform)

Feedback from an internal SAP colleague Jim Chen mentioned :

1. Concern ->

“WebIDE tool requires us to connect to SAP Cloud Connector even for on-premise applications. This SAP Cloud Connector is in the SAP commercial cloud and from what I could glean from SAP sites, Web IDE would store our any of our custom source code in this commercial cloud and that's what our concern is.

2. Option

There is an option to install the WebIDE locally on your own laptop or environment with the SAP Web IDE Personal Edition. This allows developers with an offline development environment so that the source code resides on the developer’s own personal workstation instead of on SCP. However, the personal edition may not include all of the features of the SCP version of WebIDE and is intended to be used as a complementary development workbench.

https://wiki.scn.sap.com/wiki/display/SWI/SAP+Web+IDE+Personal+Edition

3. Security

In regard to security, there are different levels of security available to help support the business needs of the customer. The following link takes you to more details about the security level or different components of the WebIDE:

https://help.hana.ondemand.com/webide/frameset.htm?5c417ce97bbf42f3a4ca73cc6170551f.html

4. Dependency on SAP CP

SAP Web IDE relies on SAP HANA Cloud Platform infrastructure for authentication and secure connectivity to different systems (SAP Gateway) or other components (Orion, Git). As part of the SAP HANA Cloud Platform the SAP Web IDE adheres to the SAP standards terms and conditions for cloud products related to data protections and privacy. SAP Web IDE could use any Identity provider (IdP) - including customer defined IdPs, or use the SAP HANA Cloud Connector for secure connection to on premise systems.

https://d.dam.sap.com/a/nJnXn7/SAP%20HANA%20Cloud%20Connector%20security%20whitepaper.pdf

Anyway around the dependency on SAP HCI and SAP CP ?

Another colleague Raz Korn mentioned an additional option to establish a secured connection between the cloud and on-premise – Reverse Proxy:

https://help.sap.com/viewer/cca91383641e40ffbe03bdc78f00f681/Cloud/en-US/dde01af51ddc49758dbbb03afcb...

Anyone familiar with this set-up / solution?

Former Member · ‎2017 Jul 31

You have the following two options if you want a complete on-prem option

- You can use SAP Web IDE personal edition, see below picture on how you can use this for productive usage,

- You can use the WebIDE available on HANA Express Edition, a free HANA edition for productive usage.

Here is my source for the above information

https://www.sapstore.com/medias/20160921-FrequentlyAskedQuestions-60009.pdf

Web IDE Question for Public Sector Defense Customer

Know the answer?

Need more details?

Accepted Solutions (0)

Answers (3)

Answers (3)

Re: Moving into MDG career

Re: SAP CPI: Not able to pick done file

Linkage between Portfolio item and PPM Project

Re: SAP CPI: Not able to pick done file

Re: Crystal Report Runtime License