Data Storage and Network Security for the SAP HANA...
Technology Blogs by SAP
Learn how to extend and personalize SAP applications. Follow the SAP technology blog for insights into SAP BTP, ABAP, SAP Analytics Cloud, SAP HANA, and more.
We do not have access to the file system or the operating system for the SAP HANA Service, so how we control data storage encryption and network security works differently compared to on-premise SAP HANA.
Root key management, however, still works the same, and to stay in control of how your system is encrypted, it is important to understand encryption root key management. In particular, because if you do not manage your data volume and backup encryption root keys properly, it may be difficult if not impossible to recover your database. Cloud or not.
Encryption is always On for the data and log volume, and for backups.
Tutorial Video
In the video tutorial below, we show how you can create encryption root key backups and how to access your keys. Network security and the Instance and SystemPKI SSFS are also covered.
You can use the Manage Keys app to change the root encryption keys, make a backup, or change the root key backup password.
There are encryption root keys for the data and log volume, for backups, and for the application encryption service. These keys are stored inside the Instance SSFS managed by the cloud provider. The password-protected backup of the root keys is stored and managed by you.
The certificates stored in the system PKI SSFS are also managed by the cloud provider. These certificates are used to encrypt communication between different server processes (indexserver <-> nameserver) or between different sites in case of system replication.
YouTube Playlist(s)
The tutorials has been posted to the following playlists:
The SAP HANA Academy provides free online video tutorials for the developers, consultants, partners and customers of SAP HANA.
Topics range from practical how-to instructions on administration, data loading and modeling, and integration with other SAP solutions, to more conceptual projects to help build out new solutions using mobile applications or predictive analysis.