Deployment Options Comparison

The ownership model and connectivity sections discuss a number of reasons to choose one type of deployment over another. The following table compares some additional aspects of the deployment options for the event broker services in advanced event mesh for SAP Integration Suite.

Event Broker Services: Deployment Options Comparison

  SAP-Controlled Region Customer-Controlled Region

(Cloud-Based or On-Premises Kubernetes Cluster)
Public Region Dedicated Region
Connectivity Options for Event Broker Services

Public Internet
(secured)

Yes

Yes

Yes

Private Regional messaging (secured)

  

Yes

Yes

Private on-premises messaging

  

Yes

Yes

IaaS Cost

Included in service price

Yes

Yes

Customer responsibility
Bandwidth Cost

Managed by SAP and customer is billed

Yes

Yes

Not Applicable
Security

Hardened images

Yes

Yes

Yes

Vulnerability scan and fixes

Yes

Yes

  • Shared ownership model, but mainly the customer's responsibility since the cluster is in the customer's region.
  • Options vary depending on the customer's environment.

Encryption at rest and in transit

Yes

Yes

SAP supports self-managed encryption keys for some cloud providers. See Data at Rest for more information.

Network traffic isolation

  

Yes

Authentication and authorization

Yes

Yes

Yes

Operational Responsibilities

SAP

Yes

Yes

The operational responsibilities depend on the exact deployment configuration, but in general the customer owns the health of the Kubernetes cluster and SAP is responsible for the health of the advanced event mesh platform.