Session 1 Track 3

Best Practices: Change Management, Enterprise Security, Disaster Recovery & More

Agenda
Introductions Review standard architecture and identify common points of failure Evaluate common clustering and architecture design models to assess points of failure Demystify BO Enterprise security design and present security modeling best practices Introduction to auditing in BOE Finally review governance processes surrounding BI-DLC (BI Development Life Cycle) Q&A

Introductions
Customer Ambassador: Shahid Iqbal, Program Manager, Scotiabank Enterprise Data Warehouse

Tom Wolniewicz, Senior BI / DW Solutions Architect, BroadstreetData

Standard Architecture
Web Server Web Application Server BOE Enterprise Application (XI 3.1)
CMS FRS

Additional Components (PIK, LCM, Metadata Manager, Live Office, etc.) Databases
Repository Audit LCM/Metadata Manager Reporting

Standard Architecture

Standard Architecture
All on one server Pros: Ease of initial setup Ease of migration (e.g. DEV -> QA -> PROD) Ease of patching/installing updates

Cons: Lack of fault tolerance (every component is a point of failure) Lack of scalability/load balancing
Recommended Use: Non-production environment e.g. Development/QA/Test

Clustering
Main Reasons to Cluster Server Components:

Fault Tolerance Load Balancing Process Balancing Geographical Distribution and Performance Disaster Recovery

Clustering
Items which need to be considered when clustering:

Virtual or Physical Hardware & Locations Web/Application Servers BOE Services Licensing Databases (Repository, Audit, LCM, Metadata Manager, Reporting) AD/LDAP Services (if AD/LDAP authentication is used) Network Storage (NAS/SAN)

Clustering
Design Pattern #1: Clustering for Performance Tuning 1 Server

1 x Web/Application Server 1 x SIA (Server Intelligence Agent) N x BOE Services (e.g. multiple Web Intelligence Processing Server) Repository & Reporting Databases on dedicated DB Server Network Storage (NAS/SAN) AD/LDAP Server

Clustering
Design Pattern #1: Clustering for Performance Tuning 1 Server
Databases:
User

HTTP/App Server

Repository Reporting Other (LCM, etc)

NAS/SAN
FRS (Input/Output Storage)

BOE XI 3.1

Active Diretctory LDAP

Clustering
Design Pattern #2: Clustering for Fault Tolerance

N x Web/Application Server N x SIA (Server Intelligence Agent) N x BOE Services (e.g. multiple Web Intelligence Processing Server) Repository & Reporting Databases on dedicated DB Server Network Storage (NAS/SAN) AD/LDAP Server

Clustering
Design Pattern #2: Clustering for Fault Tolerance
Reverse Proxy/ Load Balancing Appliance
HTTP/App Server HTTP/App Server
User
Databases:
Repository Reporting Other (LCM, etc)

NAS/SAN
FRS (Input/Output Storage)

Active Diretctory LDAP

BOE XI 3.1

BOE XI 3.1

Clustering
Design Pattern #3: Disaster Recovery

1 x Active Web/Application Server w/ Stand-by 1 x SIA (Server Intelligence Agent) w/ Stand-by N x BOE Services (e.g. multiple Web Intelligence Processing Server) Repository & Reporting Databases on dedicated DB Server w/ Replication to DR DB Network Storage (NAS/SAN) w/ Replication to DR Environment AD/LDAP Server w/ Replication to DR Envirionment

Clustering
Design Pattern #3: Disaster Recovery
User

HTTP/App Server

HTTP/App Server

BOE XI 3.1
Databases:
Repository Reporting Other (LCM, etc)

BOE XI 3.1
Databases:
Repository Reporting Other (LCM, etc)

NAS/SAN
FRS (Input/Output Storage)

NAS/SAN
FRS (Input/Output Storage)

Active Diretctory LDAP

Active Diretctory LDAP

Security
BOE Security Modeling Approach Case Study

Using Access Levels (Custom definition) to manage rights Functional Security (Applications) Content Security (Folders/Universes/Inbox) Global (root level rights)

Security
Custom User Access Levels:

All User Rights (Report Consumer) Power User Rights (Report Edit/Create) Developer User Rights (Full Client/Crystal/Universe) Delegated Admin User Rights (Manage Folder Content/Schedule)

Security
Group Structure

Define Global Group with Sub groups for Content Security

Security
Folder Security

Assign Security using Groups and Custom Access Control List

Security
User Management

Managing Users by Groups:

Auditing
Using Audit Database we can Log various activities as defined in the CMC:

Auditing
A BO Universe Activity can then be utilized on the BOE Audit Database:

Auditing
BO Enterprise SDK can also be utilized for Security Audits to automate tasks like the following:
Group Membership User Mappings Group to Folder and Rights Mappings Object to Folder Mappings Finding Exceptions
Empty Groups Empty Folders Inactive Users Security Group Memberships (Administrators, other secured content groups)

Auditing
SDK Example: Retrieve list of all users:
private static String outputReport(IInfoStore infoStore) { String out = "UserID,User\n"; String query = "select * from CI_SYSTEMOBJECTS where si_kind='User' order by si_name"; IInfoObjects iList = null; try { iList = infoStore.query(query); for (int i=0; i<iList.size(); i++) { IInfoObject item = (IInfoObject) iList.get(i); out = out + item.getID() + "," + item.getTitle() + "\n"; } } catch (Exception e) { System.out.println(e.getMessage()); } return out;

Development Life Cycle

SAP BusinessObjects LifeCycle Manager provides a framework for Landscape migration and Versioning Can be implemented in one of two models:
Clustered Deployment Isolated Deployment

Development Life Cycle

Clustered Deployment Isolated Deployment

Development Life Cycle

Reference Resources
Business Objects XI 3.1 Administrators Guide: http://help.sap.com/businessobject/product_guides/boexir31/en/xi3-1_bip_admin_en.pdf Business Objects XI 3.1 Pattern Book for Windows: https://websmp202.sap-ag.de/~sapidb/011000358700000532872009E/xi31_bip_pattern_win_en.pdf Business Objects Enterprise Sizing Guide: http://www.sdn.sap.com/irj/boc/go/portal/prtroot/docs/library/uuid/e01588cd-c73e-2b10-018cfe083bc6e05e?QuickLink=index&overridelayout=true Business Objects Enterprise Deployment Planning Guide: https://websmp202.sap-ag.de/~sapidb/011000358700001647142008E/xi3-1_bip_deploy_plan_en.pdf Business Objects Backup and Recovery Best Practice Guide: http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/c0020482-ca8d-2c10-9badd1bd332bbb28?QuickLink=index&overridelayout=true Business Objects Monitoring Guide: http://help.sap.com/businessobject/product_guides/boexir3/en/xi3_monitoring_guide_en.pdf

Q&A

Thank You!