5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 1/28

Session 1 –Track 3

Best Practices: Change Management, Enterprise Security, Disaster Recovery &

More 

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 2/28

Agenda

• Introductions

• Review standard architecture and identify common points offailure

• Evaluate common clustering and architecture design models to

assess points of failure• Demystify BO Enterprise security design and present security

modeling best practices

• Introduction to auditing in BOE

• Finally review governance processes surrounding BI-DLC (BI

Development Life Cycle)• Q&A

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 3/28

Introductions

• Customer Ambassador: Shahid Iqbal, Program Manager,Scotiabank Enterprise Data Warehouse

• Tom Wolniewicz, Senior BI / DW Solutions Architect,BroadstreetData

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 4/28

Standard Architecture

• Web Server

• Web Application Server

• BOE Enterprise Application (XI 3.1)• CMS

• FRS• Additional Components (PIK, LCM, Metadata Manager, Live

Office, etc.)

• Databases• Repository

• Audit• LCM/Metadata Manager

• Reporting

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 5/28

Standard Architecture

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 6/28

Standard Architecture

All on one server

Pros:

• Ease of initial setup

• Ease of migration (e.g. DEV -> QA -> PROD)

• Ease of patching/installing updates

Cons:

• Lack of fault tolerance (every component is a point of failure)

• Lack of scalability/load balancing

Recommended Use: Non-production environment e.g.Development/QA/Test

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 7/28

Clustering

Main Reasons to Cluster Server Components:

• Fault Tolerance

• Load Balancing

• Process Balancing• Geographical Distribution and Performance

• Disaster Recovery

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 8/28

Clustering

Items which need to be considered when clustering:

• Virtual or Physical Hardware & Locations

• Web/Application Servers

• BOE Services• Licensing

• Databases (Repository, Audit, LCM, Metadata Manager,Reporting)

• AD/LDAP Services (if AD/LDAP authentication is used)

• Network Storage (NAS/SAN)

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 9/28

Clustering

Design Pattern #1: Clustering for Performance Tuning  – 1 Server

• 1 x Web/Application Server

• 1 x SIA (Server Intelligence Agent)

• N x BOE Services (e.g. multiple Web Intelligence ProcessingServer)

• Repository & Reporting Databases on dedicated DB Server

• Network Storage (NAS/SAN)

• AD/LDAP Server

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 10/28

Clustering

Design Pattern #1: Clustering for Performance Tuning  – 1 Server 

User HTTP/App Server

BOE XI 3.1

Databases:• Repository• Reporting

• Other (LCM, etc)

NAS/SAN• FRS

(Input/Output Storage)

Active DiretctoryLDAP

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 11/28

Clustering

Design Pattern #2: Clustering for Fault Tolerance

• N x Web/Application Server

• N x SIA (Server Intelligence Agent)

• N x BOE Services (e.g. multiple Web Intelligence ProcessingServer)

• Repository & Reporting Databases on dedicated DB Server

• Network Storage (NAS/SAN)

• AD/LDAP Server

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 12/28

Clustering

Design Pattern #2: Clustering for Fault Tolerance

User

HTTP/App Server

BOE XI 3.1

Databases:• Repository• Reporting• Other (LCM, etc)

NAS/SAN• FRS

(Input/Output Storage)

Active Diretctory

LDAP

Reverse Proxy/ Load Balancing Appliance

HTTP/App Server

BOE XI 3.1

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 13/28

Clustering

Design Pattern #3: Disaster Recovery

• 1 x Active Web/Application Server w/ Stand-by

• 1 x SIA (Server Intelligence Agent) w/ Stand-by

• N x BOE Services (e.g. multiple Web Intelligence ProcessingServer)

• Repository & Reporting Databases on dedicated DB Server w/ Replication to DR DB

• Network Storage (NAS/SAN) w/ Replication to DR Environment

• AD/LDAP Server w/ Replication to DR Envirionment

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 14/28

Clustering

Design Pattern #3: Disaster Recovery

User

HTTP/App Server

BOEXI 3.1

Databases:• Repository• Reporting• Other (LCM, etc)

NAS/SAN• FRS

(Input/Output Storage)

Active Diretctory

LDAP

HTTP/App Server

BOEXI 3.1

Databases:• Repository• Reporting• Other (LCM, etc)

NAS/SAN• FRS

(Input/Output Storage)

Active Diretctory

LDAP

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 15/28

Security

BOE Security Modeling Approach Case Study

• Using Access Levels (Custom definition) to manage rights

• Functional Security (Applications)

• Content Security (Folders/Universes/Inbox)• Global (root level rights)

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 16/28

Security

Custom User Access Levels:

• All User Rights (Report Consumer)

• Power User Rights (Report Edit/Create)

• Developer User Rights (Full Client/Crystal/Universe)• Delegated Admin User Rights (Manage Folder Content/Schedule)

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 17/28

Security

Group Structure

• Define Global Group with Sub groups for Content Security

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 18/28

Security

Folder Security

• Assign Security using Groups and Custom Access Control List

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 19/28

Security

User Management

• Managing Users by Groups:

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 20/28

Auditing

• Using Audit Database we can Log various activities as defined inthe CMC:

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 21/28

Auditing

• A BO Universe “Activity” can then be utilized on the BOE Audit

Database:

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 22/28

Auditing

BO Enterprise SDK can also be utilized for Security Audits toautomate tasks like the following:

• Group Membership User Mappings

• Group to Folder and Rights Mappings

• Object to Folder Mappings

• Finding Exceptions – Empty Groups

 – Empty Folders

 – Inactive Users

 – Security Group Memberships (Administrators, other secured content groups)

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 23/28

Auditing

SDK Example: Retrieve list of all users:

private static String outputReport(IInfoStore infoStore) {

String out = "UserID,User\n";

String query = "select * from CI_SYSTEMOBJECTS where si_kind='User' order by si_name";

IInfoObjects iList = null;

try {

iList = infoStore.query(query);for (int i=0; i<iList.size(); i++) {

IInfoObject item = (IInfoObject) iList.get(i);

out = out + item.getID() + "," + item.getTitle() + "\n";

}

}

catch (Exception e) {

System.out.println(e.getMessage());

}

return out;

}

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 24/28

Development Life Cycle

SAP BusinessObjects LifeCycle Manager provides a framework forLandscape migration and Versioning

• Can be implemented in one of two models: – Clustered Deployment

 – Isolated Deployment

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 25/28

Development Life Cycle

Clustered Deployment Isolated Deployment

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 26/28

Development Life Cycle

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 27/28

Reference ResourcesBusiness Objects XI 3.1 Administrator’s Guide:

http://help.sap.com/businessobject/product_guides/boexir31/en/xi3-1_bip_admin_en.pdf 

Business Objects XI 3.1 Pattern Book for Windows:

https://websmp202.sap-ag.de/~sapidb/011000358700000532872009E/xi31_bip_pattern_win_en.pdf 

Business Objects Enterprise Sizing Guide:

http://www.sdn.sap.com/irj/boc/go/portal/prtroot/docs/library/uuid/e01588cd-c73e-2b10-018c-

fe083bc6e05e?QuickLink=index&overridelayout=true 

Business Objects Enterprise Deployment Planning Guide:

https://websmp202.sap-ag.de/~sapidb/011000358700001647142008E/xi3-1_bip_deploy_plan_en.pdf 

Business Objects Backup and Recovery Best Practice Guide:

http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c0020482-ca8d-2c10-9bad-d1bd332bbb28?QuickLink=index&overridelayout=true 

Business Objects Monitoring Guide:

http://help.sap.com/businessobject/product_guides/boexir3/en/xi3_monitoring_guide_en.pdf 

5/13/2018 Best Practices - Change Management, Enterprise Security, Disaster Recovery & More - slidepdf.com

http://slidepdf.com/reader/full/best-practices-change-management-enterprise-security-disaster-recovery-more 28/28

Q&A

Thank You!