Oracle Database Options and Packs for SAP Customers 1

I M P L E M E N T I N G A D ATA M A N A G E M E N T I N F R A S T R U C T U R E
F O R S A P W I T H O R A C L E D ATA B A S E O P T I O N S A N D PA C K S

Introduction between a pure Oracle Database and an Oracle Database

Database Editions
for SAP perspective:
Oracle Database is available in five editions, each suitable
• An option or pack offered by Oracle may not be
for different development and deployment scenarios.
certified for / supported by SAP. This article discusses
However, only Oracle Database Enterprise Edition is
only options and packs that are certified or planned to
certified and supported in SAP environments, as SAP
be certified in the near future. If in doubt, check the
applications are very demanding and cannot be run
latest version of SAP Note 105047.
efficiently without the enterprise computing features
provided by Oracle Database Enterprise Edition.
• Even if an option is certified, the use of some of its
features may not be permitted. As this is an overview
Database Options and Managements article, not all details can be discussed. If in doubt,
In addition, Oracle offers several database options, again, check SAP Note 105047.
management packs, and other products that enhance the
capabilities of Oracle Database for specific purposes. • Due to peculiarities of the SAP data model or application
They extend the power of Oracle Database Enterprise design, an Oracle Database option or management pack
Edition to meet customer- or application-specific may not be optional, but required. E.g. SAP Business
requirements in the areas of efficient use of disk space, Warehouse (BW) on Oracle Database requires Oracle
performance and scalability, high availability, security Partitioning.
and compliance, data warehousing and big data, and
manageability. • From a pure Oracle perspective, an option or pack is
licensed separately. However, an Oracle Database
Enterprise Edition license bought from SAP (ASFU)
Options and Packs in SAP Environments already includes some (but not all supported) options
This article is about database options and management and packs without additional payment. For details see
packs for SAP customers. There are some differences SAP Note 740897.

Figure 1: Oracle Database Enterprise Edition, Database Options (certified and required, or certified and optional)
and Enterprise Manager Packs (certified and required, or certified and optional).
2

Options, Packs and Database Versions Structure and Infrastructure

This article discusses Oracle Database options and manage- As we said before, database options extend the power of
ment packs for SAP as of April 2015. At this point in Oracle Database Enterprise Edition in the areas of efficient
time, the overwhelming majority of all SAP on Oracle use of disk space, performance and scalability, high availa-
installations are based on Oracle Database 11g. The certi- bility, security and compliance, data warehousing and big
fication of Oracle Database 12c has already started with data, and manageability. In this article, however, we will
a base certification in March 2015. (for details see the focus on one single aspect: Database options help implement
article “Oracle Database 12c for SAP – Roadmap and structure. When the amount of data in one single database
Base Certification Features” on page 5.) The major Oracle grows, when data coming from different sources or even
Database 12c-specific options (Database In-Memory, multiple, previously independent databases are consoli-
Multitenant) and features (in particular those related to dated in one single data management infrastructure (as
Information Lifecycle Management) will be certified in in Oracle Multitenant), the unstructured mass of data
the near future and are therefore included in this overview. will become unmanageable at a certain point. Therefore
consolidation requires differentiation. Or: Infrastructure
requires structure.

Table and Index Partitioning

Challenge: In more and more situations today the single partition and can ignore all other partitions
distribution of the data on disk turns out to be a („partition pruning“). This can reduce the runtime
problem: considerably.
(a) Single queries or complex batch jobs accessing a (b) If the indexes defined on a partitioned table are
certain subset of the table data need too much time partitioned as well, individual index partitions can be
to complete. dropped and rebuilt while all other partitions remain
(b) Data load (SAP BW) is either slow, because it untouched.
must update many indexes; or indexes are dropped (c) The data archiving strategy can be based on the
and rebuilt, in order to reduce load time, but this partition structure, and this can avoid disk space
slows down user queries. fragmentation.
(c) Data archiving results in heavily fragmented
databases. (d) Partitioning is one of the basis technologies for
information lifecycle management.
(d) Customer wants to implement information lifecycle
management (see Oracle DB 12c section of this Oracle Partitioning is certified
Certification/Support:
presentation). for all SAP NetWeaver applications.
Value Proposition: Oracle Partitioning divides tables Versions: Oracle Database 11g, Oracle Database 12c
and indexes into smaller units (called partitions) and Implementation: Partitioning (range partitioning) is
forces all data to be stored in the appropriate unit. configured and used by default in SAP BW on Oracle.
Partitions can be accessed and managed individually In SAP OLTP systems, it can either be implemented
and independently from each other. Therefore: using the SAP Partitioning Engine (which covers the
(a) Ideally a query now finds all relevant data in one data archiving issue) or by Oracle ACS for SAP.

The common denominator of all issues mentioned above may consist of certain subsets which should ideally be
is the fact that by default (and by definition) a table separated from other subsets. Oracle Partitioning allows
in the database is an unordered set of records with no users to implement such subsets by physically storing
guaranteed physical sequence whatsoever, whereas from related data as closely together as possible.
a user, application, or DBA perspective this set of data
 Oracle Database Options and Packs for SAP Customers 3

Figure 2 explains why storing related data as closely to- memory perspective (even if all users work with records
gether as possible makes such a difference. It shows database of the same color, all 8 blocks need to be cached completely in
blocks filled with records. The different colors represent database memory), therefore from a performance perspective
criteria such as different months or different locations. And (too much I/O means unsatisfactory performance), from
we assume that the applications accessing those data in most a database administration perspective (subsets of records
cases want to retrieve all records having the same color. having the same color cannot be managed independently),
and from an ILM perspective (“hot” and “cold” data cannot
be separated).

The situation shown on the right hand side, in contrast,

is optimal (again: under the circumstances described
above):
All records having the same color are now stored together
in one and the same database block. This is optimal from
an I/O perspective (a query looking for all records of a
certain color needs to read only 1 block), from a memory
perspective (if all users work with records of the same color,
Figure 2: Table Partitioning – Physically store subsets of related data as closely
together as possible
only 1 block needs to be cached in database memory),
therefore from a performance perspective (significantly less
I/O means significantly better performance), from a database
Under these circumstances, the situation shown on the administration perspective (subsets of records having the
left hand side is the worst that can be imagined: Each same color can be managed independently), and from an
database block contains one record of each color. Or, to put ILM perspective (“hot” and “cold” data can be separated).
it differently, all subsets of records having the same color
are distributed over all blocks. This is the worst possible Now, multiply the number of records and blocks shown
situation from an I/O perspective (a query looking for all on this slide. Then a partition is the subset of all blocks
records of a certain color needs to read 8 blocks), from a containing records of the same color.

Advanced Compression (Oracle Database 11g)

Challenge: Inmore and more cases today the size and As an additional benefit customers using Advanced
the expected future growth of the database becomes Compression may see a performance improvement.
a problem. Aspects of this problem include: Storage Additional (as opposed to essential) here means: It may,
cost, performance guarantees (SLAs), cloning and but it is not guaranteed to happen.
backup of database files within a reasonable time. Certification/Support:Oracle Advanced Compression is
Value Proposition: Oracle Advanced Compression uses certified for all SAP NetWeaver applications. Imple-
a different format for storing table data. Together mentations are supported by SAP.
with other compression technologies, which come Implementation: Oracle Advanced Compression can
with Oracle Database Enterprise Edition (e.g. Index be implemented easily in SAP environments, as SAP
Key Compression), it helps reduce the database size provides the tool BRSPACE, which is aware of all
by 50% or more. This is the essential benefit in the SAP-specific requirements. For details check SAP
sense that this is the effect Advanced Compression is Note 1431296.
designed for. And if the source database is smaller, the
creation of backup and other copies needs less time.
4

On the left-hand side, figure 3 shows a typical Oracle The maximum disk space savings which can be achieved
Database which forms an integral part of an SAP (in this depend on the characteristics of the data and the data
case: SAP ERP) system. Approximately one third of the characteristics depend on the SAP applications used.
allocated disk space is used for indexes (red), and two Usually SAP BW (BI) data can be compressed more
thirds contain table data (blue). Table data in turn can be efficiently than SAP ERP (ECC) data, and SAP CRM
divided into structured data (organized in columns) and data permit even higher disk space savings.
unstructured data (e.g. PDF or image files). Oracle Database 11g Advanced Compression offers more
Oracle Database 11g can compress all three types of data: than OLTP and SecureFiles compression. Backup files
• Index Key Compression is available for indexes. Index- created by RMAN and export files created by Data Pump
Organized Tables (IOTs) can be compressed as well. Both can be compressed substantially, even if tables and inde-
features are included in Oracle Database Enterprise xes in the production database are already compressed.
Edition, and do not require Advanced Compression. Additionally, redo log data can be compressed as well
before being shipped from the production to a standby
• OLTP Compression, a major feature of Advanced Com-
database (see the Data Guard section in this article).
pression, can be used to compress structured table
data. It is not restricted to OLTP systems, but can be
implemented in SAP BW systems as well.
• SecureFiles Compression (an Advanced Compression
feature, too) can be used to compress unstructured
table data.
If all features are implemented and all appropriate data-
base objects are compressed, customers have seen 55%
disk space savings on average. (This assumes a completely
reorganized database. If a fragmented database has not
been reorganized, the effects of reorganization and
compression are combined, in which case customers Figure 3: Oracle Database 11g Index Key Compression and Advanced Compression
have seen up to 80% disk space savings). (OLTP Compression, SecureFiles Compression)

Advanced Compression (Oracle Database 12c)

Challenge: (a)Data compression in Oracle Database 11g Certification/Support: Somenew features included in
has several limitations. In particular, tables having Oracle Database 12c Advanced Compression have
more than 255 columns cannot be compressed. already been certified in March 2015. Certification
(b) Data load is slowed down, if target tables are of the ILM features is planned for end of Q4 2015.
compressed. Implementation: Details will be provided at the time
(c) No support for automated Information Lifecycle of certification.
Management.
Related Feature: Oracle Database 12c Hybrid Columnar
Value Proposition: OracleDatabase 12c Advanced Compression (which is not included in Advanced
Compression lifts the 255-columns limitation and Compression, but is a feature available on Oracle‘s
allows more tables to be compressed. Completely Engineered Systems) provides stronger compression
new features (Heat Map, Automatic Data Optimiz- algorithms particularly suited for “cold” (i.e. historical)
ation) enable customers to implement deferred data data. Certification of HCC on Oracle Engineered
compression and sophisticated Information Lifecycle Systems is also planned for end of Q4 2015.
Management (ILM) strategies.
 Oracle Database Options and Packs for SAP Customers 5

Base Certification Features Information Lifecycle Management

In Oracle Database 11g, the index and table compression Even more parameters can be introduced thanks to the
features have several limitations. That is why Oracle new features in Oracle Database 12c Advanced Com-
Database 12c Advanced Compression offers a new, more pression. One of them is location. When you have “hot”
efficient index compression algorithm (Advanced Index (current) and “cold” (historical) data in your database,
Compression) and increases the maximum number of and you have two different types of storage, too, then you
columns for tables to be compressed. For details see the can ask the question: Where? Where would like which
article “Oracle Database 12c for SAP – Roadmap and data to be stored?
Base Certification Features” on page 5.
Using Partitioning in addition to Advanced Compression,
Heat Map and Automatic Data Optimization
you can – or rather: you can have the system – move data
In addition to those improvements, Oracle Database 12c from one tablespace (= storage tier) to another, when they
Advanced Compression comes with two completely new “cool down”, thus freeing up space on a more expensive
features. Heat Map automatically tracks modification and storage tier for more important (“hot”) data. This is called
query timestamps at the row and segment levels, providing (automatic) storage tiering.
detailed insights into how data is being accessed. Auto-
matic Data Optimization (ADO) automatically moves and Hybrid Columnar Compression (HCC)
compresses data according to user-defined policies based Finally, if you run Oracle Database 12c on Oracle Exadata
on the information collected by Heat Map. or Oracle SuperCluster, you can introduce the question:
Deferred Compression How? How, i.e. using which algorithm, do you want data
Based on the information provided in the Advanced to be compressed?
Compression (Oracle Database 11g) section, it might
seem that compression simply reduces the disk space In addition to OLTP and SecureFiles Compression, this
needed, and has nothing to do with database structure. Engineered Systems support Hybrid Columnar Com-
However, this is an illusion. Even in Oracle Database 11g, pression. As the name implies, this technology utilizes
we need to distinguish between tables that benefit and a combination of both row and columnar methods for
tables that do not benefit from compression (if this were storing data. This hybrid approach achieves the com-
not the case, compression could be made the default), pression benefits of columnar storage, while avoiding the
i.e. between tables that should and tables that should performance shortfalls of a pure columnar format. The
not be compressed. compression rations that can be achieved by using HCC
are much higher than those seen with “normal” compres-
Nevertheless, this is still a very basic and inflexible sion. Therefore HCC is particularly suited for “cold” data.
distinction. Take, e.g., an SAP BW table that is used
for data load. On the one hand, such a table could be Due to the missing row-level locking feature, it had not
compressed, because for most of the time it is accessed been possible to certify Oracle Database 11g Hybrid
in read-only mode. On the other hand, it should not Columnar Compression for use in SAP environments.
be compressed, because this would slow down the load In Oracle Database 12c, however, this feature is available
operations considerably. In Oracle Database 11g the on Oracle Exadata and Oracle SuperCluster. On these
recommendation is: Do not compress such a table. machines it is now possible to implement (automatic)
compression tiering. This means that, while “hot” data
Heat Map and Automatic Data Optimization allow you remain uncompressed, “warm” data may be compressed
to introduce a new differentiating parameter: If a table using the standard compression algorithms (Advanced
or partition should be compressed, when would you like Compression) and “cold” data using Hybrid Columnar
it to be compressed? In Oracle Database 11g compression Compression.
happens immediately or not at all. In Oracle Database 12c
you can specify that data should be loaded today and
(automatically) compressed tomorrow.
6

Figure 4: Oracle Database 12c Advanced Compression – Support for Information Lifecycle Management (ILM)

Oracle Database In-Memory

Challenge: In more and more systems, meeting memory structure that stores data in column format
analytics performance requirements turns out to be instead of in row format. Setup of the Column Store
a challenge. This is true for long-running queries in is fast and easy. Having available in column format
BW. However, it can also happen in OLTP systems, can improve query performance substantially.
e.g. if a very flexible implementation of operational Certification/Support: Oracle
Database In-Memory is
planning/reporting allows users to create many, certified for all SAP NetWeaver applications.
slightly different query variants.
Versions: Oracle Database 12c
Value Proposition: OracleDatabase 12c In-Memory
allows administrators to dedicate a certain amount of Implementation:For an overview and pointers to
database server memory to the Column Store – a more detailed documents see SAP Note 2178980.

Memory: The New Dual-Format Architecture Oracle Database 12c In-Memory optimizes both analytics
Oracle Database has traditionally stored data in a row and mixed workload OLTP, delivering outstanding per-
format. This format is ideal for online transaction (OLTP) formance for transactions while simultaneously supporting
systems, as it allows quick access to all columns in a record. real-time analytics, business intelligence, and reports. This
A column format database stores each of the attributes breakthrough capability is enabled by the dual-format
about a transaction or record in a separate column structure. architecture of Oracle Database In-Memory. This archi-
This format is ideal for analytics, as it allows for faster tecture eliminates the tradeoff by representing tables
data retrieval when only a few columns are selected but simultaneously using traditional row format and a new
the query accesses a large portion of the data set. in-memory column format. The Oracle SQL Optimizer
automatically routes analytic queries to the column format
But what happens, when your system is characterized by and OLTP queries to the row format, transparently deli-
a mixed workload? Up until now you have been forced vering best-of-both-worlds performance. Oracle Database
to pick just one format and suffer the tradeoff of either 12c automatically maintains full transactional consistency
sub-optimal OLTP or sub-optimal analytics performance. between the row and the column formats, just as it main-
The only way to optimize for both OLTP and analytics tains consistency between tables and indexes today.
had been to copy data from OLTP systems to analytic
systems using complex ETL processes that add a great
deal of expense and latency.
 Oracle Database Options and Packs for SAP Customers 7

Disk: Nothing Has Changed • One or several table column(s) may contain data that
The new column format is a pure in-memory format. are not relevant for DSS queries. Again the database
Tables are stored on disk using Oracle’s existing row-based administrator may wish to restrict the data to be kept
(or – on Engineered Systems – hybrid columnar) formats. in the in-memory column store, but in this case the
Since there is no persistent columnar storage format, there goal is to define a vertical subset of the table data, i.e.
are no additional storage costs or storage synchronization to exclude one or more columns from the population
issues. Nor is there a need to modify the database. Oracle process. And again it is possible to make this happen,
Database 12c In-Memory can be implemented without a because Oracle Database In-Memory allows administ-
database migration or a table reorganization. rators to specify different in-memory characteristics for
different table columns.
As a result, the new Oracle Database 12c In-Memory fea-
ture is fully compatible with existing standard or optional • The Oracle Database has been optimized and tuned for
database features such as table and index compression, table decades to scale-up on SMP servers. Large SMP servers
encryption, and table partitioning. It is also compatible are well suited for in-memory workloads, too, because
with the scale-out architecture provided by Real Application all memory is accessible to all processors over an extremely
Clusters (RAC) and with all existing high availability high speed Backplane. In addition to being able to scale
technologies (such as Data Guard). These features work up, however, Oracle Database In-Memory can also scale
exactly the same way with and without Oracle Database out to very high memory and CPU capacities by using
In-Memory. all of the memory and processors in a cluster of servers
(RAC). In such environments, all objects populated
Easy to Implement and Manage
into memory will by default be distributed across all
In addition to being compatible at the database feature in-memory column stores in the cluster. On Oracle
and application level, Oracle Database In-Memory is easy Engineered Systems, objects can also be duplicated.
to implement and manage. Enabling Oracle Database This means that an object (or part of an object, e.g. a
In-Memory is as easy as setting the size of the in-memory partition) populated into the in-memory column store
column store and identifying tables or partitions to bring will have a mirrored copy placed on one of the other
into memory. Background processes populate data from nodes in the RAC cluster. Duplicating data provides
storage into in-memory columns while the database in-memory fault tolerance as it ensures data is still
remains fully active and accessible. accessible via the in-memory column store even if a
Fine-Grained Control node goes down or is taken down for maintenance.
An easy start based on intelligent defaults for typical
situations – this is what Oracle customers expect. In
addition, however, Oracle customers expect mechanisms,
which allow for fine-grained control and tuning. Oracle
Database 12c In-Memory provides such mechanisms.
Examples are:
• Tables can contain “cold” data, which are neither up-
dated anymore nor accessed by queries. If those tables
are very large, it would be a waste of memory to keep
them completely in the in-memory column store.
Therefore administrators may want to restrict the
population process to the data really needed by DSS
queries. Table partitioning allows them to make this
happen. If the table is partitioned in a useful way (e.g.
by month), this internal structure can be used to define
a horizontal subset of the table data to be kept in the
in-memory column store. Figure 5: Oracle Database 12c In-Memory – Dual memory format, single disk format
8

Real Application Clusters (RAC)

Challenge: When the workload on a database server scale-out approach: 4, 6, or 8 small servers can handle
increases (due to new application versions, additional the same workload as one big server. However, they
applications, or more users), the traditional solution are much cheaper. And they can be added as needed.
is to replace the existing server with a bigger one
In this architecture, all Oracle instances are up and
(scale-up). Big servers, however, are very expensive.
running at the same time. Therefore no restart is
In order to guarantee high availability of the database required. If one of the RAC servers fails, the other
server, traditionally a failover cluster is implemented. instances can take over. A reconnect of the affected
Such a solution, however, has at least two disadvan- users is a matter of seconds, not of minutes.
tages: To summarize all this in a few words: The value
(a) A failover cluster relies on the concept that, at any proposition of Oracle Real Application Clusters
given moment, only one database instance running combines workload distribution, scalability, high
on one machine can be active. The other machine availability, better manageability, and cost savings.
(most probably an expensive server, too) is always idle. Certification/Support: Oracle
Real Application Clusters
(b) When a problem on the primary machine is detec- is certified for all SAP NetWeaver applications.
ted, an Oracle Database Server instance needs to be
Versions: Oracle Database 11g, Oracle Database 12c
started on the secondary machine. In this particular
situation, startup can take up to 30 minutes – which Implementation: Customers can use any general-pur-
means: up to 30 minutes unplanned downtime. pose machine (Unix, Linux, or Windows) certified
by SAP to build a RAC system. In addition, Oracle
Value Proposition: RealApplication Clusters (RAC)
offers Engineered Systems (Exadata, SuperCluster),
allows multiple instances to be up and running and
which make the implementation considerably easier.
to access the same database at the same time. As these
Oracle Grid Infrastructure provides a set of base
instances can and in most cases do run on different
technologies that simplify implementation and help
machines, customers have the option to implement a
save money.

Figure 6 illustrates the RAC benefits which have been can be implemented on the database level, too. In this
mentioned before: example, 5 SAP Application Server instances, running on
Scalability: Using RAC, the scale-out approach, which is 5 different machines, are connected to 4 Oracle Database
always supported on the SAP Application Server level, Server instances, running on 4 different machines.

Figure 6: Real Application Clusters (RAC) for scale-out and immediate (instance) failover
 Oracle Database Options and Packs for SAP Customers 9

High Availability: If one of the Oracle instances goes • Oracle Clusterware is the cross-platform cluster software
down, the affected SAP instance(s) is/are automatically required to run the RAC option for Oracle Database.
reconnected to one of the available Oracle instances. It enables the nodes to communicate with each other,
After this operation users can continue their work. The allowing them to form a cluster of nodes which beha-
failover occurs within seconds. ves as a single logical server. Similar to Oracle ASM,
which eliminates the need for a third-party cluster file
Oracle Grid Infrastructure provides the base technologies system, Oracle Clusterware eliminates the need for
that are required to enable RAC. It can be divided into third-party cluster management software.
two main components:
• In order to let multiple Oracle instances access the Oracle Clusterware can provide high availability and
database files at the same time, a cluster file system resource management for SAP resources just as it does for
is needed. Therefore Oracle provides Oracle Automatic Oracle resources. Therefore Oracle/SAP Development has
Storage Management (ASM). Unlike other, third-party created an Oracle Clusterware tool, SAP Control (SAPCTL),
cluster file systems, it is optimized for Oracle Database to enable customers to easily manage SAP high availability
files, and it comes for free. resources.

Data Guard and Active Data Guard

Challenge: RAC provides high availability by multi- Active Data Guard Far Sync, the main new feature
plying the number of Oracle instances. Such high with Oracle Database 12c, allows customers to combine
availability, however, is restricted to the instance high performance (a characteristic of asynchronous
level. Even in a RAC-based system, the database re- data shipping) and zero data loss (a characteristic of
mains a single point of failure. This means that DBA synchronous data shipping).
errors, data corruption, server or data center failures Certification/Support: Oracle
Data Guard is certified
can make the whole system unavailable. for all SAP NetWeaver applications. However, only
Value Proposition: Data Guard removes this single physical standby databases are supported, logical
point of failure. The technology allows customers to standby databases are not.
set up a standby (shadow) database as a copy of the Oracle Active Data Guard is certified for all SAP
primary (production) database and then keep the two NetWeaver applications. However, Real-Time Query
databases synchronized. Please note that Data Guard is not possible in SAP environments, because even
is included in Oracle Database Enterprise Edition. report generation is not a read-only operation.
It is not an option.
Versions: Oracle Database 11g, Oracle Database 12c
However, Active Data Guard is an option. In Oracle
Database 11g it offers additional features such as Auto- Implementation: Standard Oracle setup procedures
matic Block Repair and Fast Incremental Backup. apply. In the white paper “Oracle Standby Database”
SAP describes BR*Tools support.

Data Guard can provide both zero data loss protection and performance, however, often makes it impractical to
near-immediate restoration of service should a production implement zero data loss protection when large distances
database become unrecoverable for any reason. This is separate the primary and replica database(s). Rather than
accomplished using the combination of Data Guard impact database performance, many enterprises will com-
synchronous redo transport and a replication-aware apply promise on data protection by implementing asynchro-
process at the standby database. The impact that any nous replication and accept that an unrecoverable outage
synchronous replication method can have on database will result in varying degrees of data loss.
10

Active Data Guard Far Sync, a new capability with Oracle Take for example an existing asynchronous Data Guard
Database 12c, eliminates the need to compromise by configuration with a primary in Boston and a standby
extending zero data loss protection to a replica database in San Francisco. Upgrade to zero data loss simply by
located at any distance from the primary database. Far using Active Data Guard to deploy a far sync instance
Sync provides zero data loss protection for a production within synchronous replication distance of Boston (less
database by maintaining a synchronized standby database than 150 miles). There is no disruption to the existing
located at any distance from the primary location, and environment nor is there any requirement for proprietary
can do so without performance impact and with minimal storage, specialized networking, more database licenses,
cost or complexity. A new type of Data Guard destination or complex management.
called a far sync instance receives changes synchronously
from a primary database and forwards them asynchronous-
ly to a remote standby. Production can be quickly failed
over, manually or automatically, to the remote standby
database with zero data loss.

A far sync instance is a light-weight entity that manages

only a control file and log files. It requires a fraction of
the CPU, memory, and I/O of a standby database. It does
not have user data files, nor does it run recovery. Its only
purpose is to transparently offload a primary database of
serving remote destinations. A far sync instance can save
network bandwidth by performing transport compression Figure 7: Active Data Guard Far Sync – High performance, zero data loss
using Oracle Advanced Compression. across large distance WAN

Oracle Multitenant

Challenge: Many SAP landscapes consist of a few Value Proposition: Oracle

Multitenant reduces resource
large and a considerable number of small or very consumption by separating “container” and “plug-
small systems. However, the existence of many small gable” databases. It simplifies administration by
SAP systems based on as many independent database moving standard operations to the “container data-
servers has several disadvantages: base” level.
• Many small systems (even virtualized ones) use Certification/Support: Oracle Multitenant is planned
too many hardware resources (memory, CPU) to be certified in 2016.
• Too much time is spent for the administration of Version: Oracle Database 12c
so many small database systems
Implementation: Details will be provided at the time
of certification.

Oracle Database 12c Multitenant introduces a new Consolidation Approaches

architecture that enables customers to easily consolidate Large enterprises may use hundreds or thousands of da-
multiple databases, without changing their applications. tabases. Often these databases run on different platforms
This new architecture delivers all the benefits of managing on multiple physical servers. A database may use only a
many databases as one, yet retains the isolation and fraction of the server hardware capacity. This is an expen-
resource prioritization of separate databases. sive approach which fails to maximize the usage of both
the hardware and human resources.
 Oracle Database Options and Packs for SAP Customers 11

A typical response to the management problem is to place Sharing of background processes, memory structures,
multiple databases on each server (either as direct installs or system-wide metadata, and database files results in consi-
using virtual machines). The problem is that the multiple derably decreased resource consumption. In addition, Oracle
database instances do not share background processes, Database 12c Resource Manager is extended with specific
system and process memory, or Oracle metadata. Another functionality to control the competition for resources between
response is to logically separate the data into schemas (schema PDBs within a CDB.
consolidation). The problem is that these virtual entities
are difficult to manage, secure, and transport. Manage Many Databases as One
By consolidating existing databases as pluggable data-
Oracle Multitenant Architecture bases, administrators can manage many databases as one.
Oracle Database 12c Multitenant is based on an approach Benefits include:
called database consolidation. It delivers a new architecture • The investment of time and effort to patch one CDB
that allows one single Container Database (CDB) to hold results in patching all of its many PDBs. To upgrade
many Pluggable Databases (PDBs). See figure 8. all PDBs hosted in a CDB, simply upgrade the CDB
and all hosted PDBs are upgraded “in-place”.
An existing database can simply be “plugged into” a CDB. • Instead of executing separate database backups, admini-
At any time, then, it can be unplugged and plugged strators only require to back up their database at the
into another CDB. Unplug/plug is even supported across CDB level. In other words, all PDBs consolidated into
Oracle Database software versions. a container will be backed up as one, and administra-
tors retain the flexibility to perform recovery operations
From the point of view of the client application connecting at individual PDB level, if required.
to the database server via Oracle Net, the PDB is the data-
base. A PDB is fully compatible with a non-CDB – a rule • Administrators maintaining standby systems in another
also known as the PDB/non-CDB compatibility guarantee. data center (using Data Guard or Active Data Guard)
will only need to set up a standby configuration at the
CDB level, to replicate all PDBs consolidated in that
Resource Utilization and Resource Management
container.
The many PDBs in a single CDB share its memory and
background processes. This enables consolidation of many
more databases compared to the old architecture, offering
similar benefits to schema-based consolidation but with
none of the major application changes required by that
approach.

Horizontal partitioning of the Oracle data dictionary (a con-

ceptual partitioning, not a physical table partitioning)
removes the need to store and manage system-wide meta-
data in every single database. The “lower” half (implemented
in the CDB) holds the system-wide metadata – and nothing
else, while the “upper” halves (implemented in the PDBs)
hold application-specific metadata – and nothing else.
Figure 8: Oracle Multitenant – New architecture for consolidating databases
and simplifying operations
Creating pluggable databases, moving pluggable databases
between containers, and cloning pluggable databases are
done with new SQL commands and take just seconds. When
the underlying file system supports thin provisioning, many
terabytes can be cloned almost instantaneously.
12

Oracle Advanced Security

Challenge: In order to read or update data in an Oracle Data Encryption and Backup Set Encryption protect
Database that is the data store of an SAP application, data in the production database files as well as their
the obvious and only choice for legitimate users is backup copies.
this particular application. Attackers, however, who Certification/Support: Oracle
Advanced Security
want to bypass SAP‘s user management and access is certified for all SAP NetWeaver applications.
control, could use either a network sniffing tool to Implementations are supported by SAP.
capture data in transit or some kind of file editor to
read data at rest, i.e. in a database file copy. Versions: Oracle Database 11g, Oracle Database 12c
Value Proposition: Oracle Advanced Security is a bundle Implementation: Advanced Security features are
of features that allow administrators to encrypt data activated either via the Oracle Net configuration or
and make it harder for attackers to understand what using SAP‘s BR*Tools. Details can be found in SAP
they see. Oracle Network Encryption can be used to Notes 973450, 974876, and 1324684.
protect data in transit, while Oracle Transparent

Protecting Data in Transit: Oracle Network Encryption Protecting Data at Rest: Oracle Transparent Data Encryption

In SAP environments, users do not directly connect to the Oracle Transparent Data Encryption (TDE) is applied to
Oracle Database server. They connect to an SAP application data in the files which make up the production databa-
server instance, and the SAP application server instance se (as opposed to backup files, which will be discussed
in turn connects to the Oracle Database server. So, in this in the next paragraph). As the name indicates, TDE is
case, the application server instance is the Oracle client, transparent to the application; no application changes are
and Oracle’s network encryption encrypts all data traveling required. Starting with SAP NetWeaver version 7.20,
between application server and database server. you can use BRSPACE to set the encryption attribute on
a tablespace level. BRSPACE can also be used to manage
Oracle’s network encryption requires Oracle software, the wallet, which stores the encryption keys.
which is not installed on end-user devices. Therefore
other technologies or products must be used to protect Transparent Data Encryption comes in two flavors. The
the communication between SAP users and SAP appli- first one (available since Oracle Database 10g) is called
cation servers. Column Encryption, because you select just a few of the
many SAP tables, or even individual columns of these tables
However, people do not only attempt to read data in that contain sensitive data and encrypt them. Everything
transit, they can also try to intercept and modify them. else remains unencrypted. The second one (available since
Therefore, in addition to network encryption, Oracle also Oracle Database 11g) is called Tablespace Encryption. It
supports crypto-checksumming to ensure data integrity. allows you to encrypt complete tablespaces, which may
Both encryption and crypto-check- summing are completely contain hundreds, thousands, or tens of thousands of tables.
transparent to the application, and in both areas the system
administrator can chose between several algorithms.1 Protecting Data at Rest: Oracle Backup Encryption
If you decide to use column encryption in your database
backups then it is generally much easier to steal backups
of the database files than can the production database itself.
1Please note: As of June 2013, network encryption and crypto-checksumming are no longer part Therefore, the third set of features in Oracle Advanced
of Oracle Advanced Security. They are included without additional cost in all licensed editions
of all supported releases of the Oracle database. Security is related to backup encryption.
 Oracle Database Options and Packs for SAP Customers 13

If you simply backup your database files, only those co-

lumns that are encrypted in the production database files
are encrypted in the backup copies. However, combining
Oracle Recovery Manager (Oracle RMAN) and Oracle
Advanced Security, whole backup sets (that is, all data)
can be encrypted.

Figure 9: Oracle Advanced Security – Encrypt data in transit or at rest

Database Vault

Challenge: Data encryption does not help, if attackers role correlations. Oracle Database Vault allows com-
do not use third-party tools, but Oracle tools to panies to implement and enforce concepts such as
bypass the SAP applications. This is particularly the segregation of duties or the four eyes principle.
dangerous in the case of privileged database users
Certification/Support: Oracle Database Vault is certified
(database administrators). And it is particularly rele-
vant, if database administration is outsourced or data for all SAP NetWeaver applications. Implementations
are stored in the cloud. are supported by SAP.
Value Proposition: Oracle Database Vault replaces the Versions: Oracle Database 11g, Oracle Database 12c
traditional database privilege management strategy Implementation: Database Vault is managed using the
with a new, more flexible and more powerful one. Oracle Database Vault Administrator (DVA).
It goes far beyond traditional user–privilege or user–

Privileged database users – like database administrators who is supposed to manage the database structure, is
– can use DBA tools and directly connect to the databa- by default able to read (and even change) all data in the
se, thus bypassing SAP’s security checks (see figure 10). database?
Against this kind of threat, encryption does not help. If
someone is able to connect successfully using a sufficient- Oracle Database Vault
ly privileged account, and if he or she then sends a query, A solution to this problem requires a new privilege
the Oracle Database will generously deliver the result management strategy in the database. This strategy
set to this user. If the requested data is encrypted, Oracle should continue to provide system privileges and object
will decrypt it. From an Oracle Database perspective the privileges, but it should get rid of implicitly granted
request sent by this user seems to be a perfectly valid object privileges.
request.
This is exactly what Oracle Database Vault does. It repla-
This can happen, because traditionally, if you were ex- ces the traditional, somewhat clumsy privilege manage-
plicitly granted a sufficient number of system privileges, ment strategy with a new, more flexible one. It elimina-
you implicitly received object privileges for all tables as tes all implicit grants and instead provides a means to
well. For decades people found this acceptable. Recently, explicitly define access rights as well as the circumstances
however, companies began to ask: Is it really necessary under which they are effective. This goes far beyond
and is it really desirable that a database administrator, traditional user – privilege or user – role correlations.
14

Oracle Database Vault allows companies to implement Oracle has actually done this, saving customers the time
and enforce concepts such as the segregation of duties or that is needed to implement the boring basics of an
the four eyes principle. application-specific security policy, and protecting these
companies from forgetting to implement some of the
Oracle Database Vault for SAP basics. As of today, Oracle provides a whole family of
Oracle Database Vault, as sold by Oracle, is just a tool box. predefined application-specific Oracle Database Vault
It is true that it comes with predefined realms and roles, policies, and Oracle Database Vault for SAP is a member
but those are realms for system tables and very general of this family.
(if fundamental) roles. These predefined components allow
Oracle Database Vault to be functional and allow you to
use it, but they do not protect your application-specific
data. That is because Oracle does not know anything about
your applications and your data. Oracle can only give you
a toolbox, and it is up to you to determine your security
requirements and translate these requirements into an
access control policy.

But there is an important difference. As long as customers

use home grown applications, it is simply not plausible
for Oracle to do more. However, if thousands or tens of
thousands of companies use a certain standard application Figure 10: Oracle Database Vault – Privileged user access control and analysis
and the security requirements of all these companies are
(at least to a certain point) identical, because they are
results of the application design, then it makes much
more sense for Oracle to analyze the requirements and
implement a basic security policy.

Real Application Testing (RAT)

Challenge: Database software patches or upgrades, system. Therefore Oracle Real Application Testing
modified database server configurations, and the im- allows customers to capture production database
plementation of new database features/options can workload and replay it on a test system. Combining
improve performance, availability and security of the these two steps, allows for the true effects of the
database server and the whole system. In particular changes to be understood using a real-life workload
if the implementation must take into account custo- before they are implemented in production systems.
mer- or application-specific characteristics, adminis- Certification/Support: OracleReal Application Testing
trators will want to know in advance how the new is certified for all SAP NetWeaver applications.
feature or configuration works in the production Implementations are supported by SAP.
system.
Versions: Oracle Database 11g, Oracle Database 12c
Value Proposition: The main problem with many test
systems is that the workload applied to them is smaller Implementation: Asthis is a database-only feature,
than or different from the workload of the production no SAP tool support is required. For details see SAP
system, and that a new feature or configuration works Note 1426980.
well in the test system, but not in the production
 Oracle Database Options and Packs for SAP Customers 15

Oracle Real Application Testing enables you to perform SQL Performance Analyzer
real-world testing. By capturing production database Database Replay delivers half of what Oracle calls Real
workloads and assessing the impact of system changes Application Testing; the other half is provided by another
before production deployment, it minimizes the risk of tool, SQL Performance Analyzer. The main difference
instabilities associated with changes. Oracle Real Appli- between these two tools is the scope involved: Whereas
cation Testing comprises two components: Database Database Replay applies to the capture and replay of all
Replay and SQL Performance Analyzer. activities in a database, SQL Performance Analyzer allows
you to capture specific SQL statements and replay them.
Database Replay The latter offers a significant advantage for SQL tuning,
Load testing today is generally done using tools that allow because you can tweak the SQL statement issued by an
testing teams to generate synthetic workloads based on application and assess its impact.
what they expect users to do on a system. These workloads
can then be replayed by application virtual users, which SQL Performance Analyzer (SPA) can predict and prevent
simulate the end users by submitting requests to the SQL execution performance problems caused by environ-
application. Although widely used, this approach has a ment changes. It provides a granular view of the impact
number of shortcomings when it comes to testing database of environment changes on SQL execution plans and
level changes: statistics by running the SQL statements serially before
and after the changes.
• Creating the synthetic workload can take a considerable
time and requires programming expertise.
• User behavior is not well understood, so many possible
workflows are often missed in the synthetic tests.
• Production scale database concurrency is near impos-
sible to simulate with these tools.
• A full application stack is required for testing as these
tools simulate end users.

The Database Replay feature included in Oracle Real Appli-

cation Testing provides DBAs and system administrators
with the ability to faithfully, accurately and realistically
rerun actual production workloads, including online user
and batch workloads, in test environments. By capturing
the full database workload from production systems,
including all concurrency, dependencies and timing,
Database Replay enables you to realistically test system
changes by essentially recreating production workloads
Figure 11: Real Application Testing (RAT) – Capture and replay real database
on the test system, something that a set of scripts can ne- workload
ver duplicate. With Database Replay, DBAs and system
administrators can test:
• Database upgrades, patches, parameter, schema changes,
etc.
• Configuration changes such as conversion from a single
instance to RAC, ASM, etc.
• Storage, network, interconnect changes.
• Operating system, hardware migrations, patches,
upgrades, parameter changes.
16

Enterprise Manager Packs

Challenge: Monitoring and manage a complete IT provided by SAP. These tools include SAP-specific
infrastructure often can be challenging. Adminis- knowledge and are therefore easy to use. On the other
trators may end up with a considerable number of hand there are the powerful Oracle Enterprise Ma-
management tools designed for this or that particular nager and its packs. However, in some cases Oracle
purpose. Enterprise Manager or one of its packs are required
Value Proposition: Oracle, being a vendor of the whole – either because there is no BR*Tools support for an
IT stack from hardware via databases to applications, Oracle Database feature (example: Database Vault) or
realized that there is a need for an integrated enter- because SAP and Oracle functionality are integrated
prise management tool. However, in order to avoid so completely that the former is not possible without
unnecessary complexity, Oracle Enterprise Manager the latter (example: SAP DBA Cockpit and Enterprise
Grid/Cloud Control is divided into a base product Manager Diagnostics Pack).
and several packs dedicated to special features. With Versions: Oracle Database 11g, Oracle Database 12c
or without packs – Oracle Enterprise Manager always Implementation: For general information about using
provides a complete view of the IT landscape. Oracle Enterprise Manager in SAP environments see
Certification/Support: Generally
speaking, SAP on SAP Notes 355770 and 1028068. Special use cases
Oracle customers have a choice. On the one hand are discussed in additional notes and white papers.
there is the BR*Tools family of management tools

SAP DBA Cockpit and Enterprise Manager Diagnostics Pack

• Automatic Database Diagnostic Monitor (ADDM):
ADDM builds upon the data captured in AWR. ADDM
The Oracle Diagnostic Pack provides automatic per-
makes it possible for the Oracle Database to diagnose
formance diagnostic and advanced system monitoring
its own performance and determine how any identified
functionality. The Diagnostic Pack includes the follo-
problems could be resolved. ADDM runs automati-
wing features:
cally after each AWR statistics capture and makes the
• Automatic Workload Repository (AWR): AWR performance diagnostic data available immediately.
is a built-in repository within every Oracle Database that ADDM examines data captured in AWR and performs
contains operational statistics about that particular analysis to determine the major issues on a proactive
database and other configuration and usage information. basis, recommends solutions and quantifies expected
At regular intervals, the Oracle Database takes a snapshot benefits.
of all its performance statistics and workload informa-
tion and stores it in AWR. AWR forms the foundation
• Active Session History (ASH): All active database
for most of the self-management functionality of Oracle
sessions are automatically sampled once every second
Database. It is the source of information that gives the
and stored in the ASH. The data is captured in a rolling
Oracle Database a historical perspective on how it is
buffer in database memory. The ASH data shows where
being used and enables it to make decisions, which are
accurate and specifically tailored for the system‘s environ-
the database is currently spending its time and high-
ment. Most of the self-managing features of the Oracle lights any performance bottlenecks. As ASH captures
Database rely heavily on the information captured in the session state with many performance attributes, the
AWR. The data in AWR is also useful for diagnosing in-memory ASH data can be very effectively used to
all types of performance issues ranging from persistent understand the database workload profile and pro-actively
or comparative performance diagnosis. diagnose any transient performance issue, such as a CPU
spike or an I/O storm, that occurs for a very short
duration.
 Oracle Database Options and Packs for SAP Customers 17

Oracle Diagnostics Pack diagnostics and analysis features ting system. The application takes care of pre- and post
such as ADDR, ASH, and AWR are tightly integrated -patching steps such as shutdown and startup of services,
with SAP‘s DBA Cockpit. Therefore DBA Cockpit has a and dictionary changes, if required. It also leverages the
mandatory requirement for Oracle Diagnostics Pack. flexible Deployment Procedure framework, that lets users
add custom steps for specific actions within the patching
Database Lifecycle Management Pack process.
The Provisioning and Patch Automation Pack automates
the deployment of software, applications, and patches. The Provisioning and Patch Automation Pack also comes
It makes critical data center operations easy, efficient and with out-of-box Deployment Procedures to provision
scalable, resulting in lower operational risk and cost of the Oracle Database (both single instance database and
ownership. The ability to provision the entire software RAC), Oracle Clusterware and Oracle Automatic Storage
stack that includes the operating system, middleware and Management from “gold images” following the best
database, supplemented by comprehensive reporting tools, practices for maximum availability. The gold images are
make the Provisioning and Patch Automation Pack an tested and approved software images and can be patched
extremely significant entity in overall system management to any level before deployment.
space.
For SAP environments, the MOPatch utility is integrated
The Provisioning and Patch Automation Pack includes with the deployment procedures of Oracle Enterprise
an end-to-end patching solution that works seamlessly Manager to automate the orchestration of patching for
across a wide range of products and customer environments. Oracle Databases. See white paper “Patching of Oracle
The patching application automates the deployment of Databases in SAP Environments using Oracle Enterprise
Oracle patches for the database and the underlying opera- Manager”.

Figure 12: Oracle Enterprise Manager Diagnostics Pack and SAP DBA Cockpit
18

Summary Subsets and Access Patterns

In a certain sense, the Oracle Database has always been a When determining a specific partitioning strategy it is
data management infrastructure, and therefore there has important to not only look at the data but to consider
always been a need to provide support for two opposite the access patterns as well. Partitioning a table by month
goals: consolidation, and separation or differentiation. may turn out to be useless or even negatively impact
Oracle has always been a multi-user, multi-schema, and performance, if most queries access the data by location.
possibly multi-application database. Therefore – apart
from the very basic split of the available data into different However, distinguishing subsets of data by access pattern
tables – there was a need to separate application-specific in new, previously impossible ways is the main goal of
schemas. For performance reasons, there was a need to many Oracle Database 12c features and options.
separate the files used for user/application data from those
used for redo log or undo information. Being a complete Heat Map, a feature included in Advanced Compression,
data management system, the Oracle Database has automatically tracks modification and query timestamps,
nevertheless always provided adapters, gateways, and thus providing detailed insights into how data is being
other means that allow interactive users and batch jobs to accessed. Automatic Data Optimization automatically
join data stored in the Oracle Database with data coming moves and compresses data according to user-defined
from other, external data sources. policies based on the information collected by Heat Map.
This means that storage and compression tiering can be
However, as a result of the growing amount of data, in- implemented, i.e. the selection of different storage media
creasing workload, and shrinking maintenance windows and different compression algorithms for different subsets
that many customers experience, Oracle needed to provide of data which are defined by different access characteristics.
additional, more sophisticated solutions. This has happe-
ned in Oracle Database 10g, in Oracle Database 11g, and Oracle Database In-Memory allows administrators to dis-
again in Oracle Database 12c. tinguish between different types of transactions as well
as different data representations in memory and to avoid
Defining Subsets of Data the trade-off which results from the requirement to pick
Released for the first time several versions and many years one single data format for all types of transactions and
ago, Table and Index Partitioning is still a good example applications. Based on the new In-Memory option, Oracle
of data differentiation and a powerful technology. Therefore Database 12c can provide data used by OLTP transactions
it has been discussed at the very beginning of this article. in row format, and at the same time data used by analytics
It is used to define subsets of table data which can be in column format.
accessed and managed independently.
Workload Distribution
Other options focus on workload distribution. A prominent
example is Real Application Clusters (RAC), which allows
customers to split the system workload and let many
servers, running at least as many Oracle instances, handle
the workload. It is up to the customer to decide whether
all instances should handle the same type (or mixture) of
workload(s) or different instance should be responsible for
different types of workload (e.g. interactive transactions
vs. batch jobs).
 Oracle Database Options and Packs for SAP Customers 19

Figure 13: Oracle’s multi-tiered data management infrastructure

In addition to enabling workload distribution, RAC To put it simply, Multitenant is about the distinction
increases the system availability. This is even more true for between those administration tasks that should be execu-
Data Guard. Nevertheless, Data Guard does not require the ted for every single database individually (because there
standby database to be idle. It can be used for operation are differences) and those that can be executed once for all
such as backup or – under certain conditions – reporting. or at least for a certain group of databases (because there
In other words: Data Guard helps implement workload are no differences). E.g. to apply a certain patch to 25
distribution as well. database systems means to repeat the very same process
25 times. Therefore Oracle Multitenant moves this
Data Access Policies operation to the Container Database layer, where it can
In a somewhat different sense, Oracle‘s security options are be done once for all Pluggable Databases. On the other
related to access patterns as well. In particular Database hand, a point-in-time recovery is an operation to be per-
Vault lets security administrators define and enforce access formed on the PDB level, as it should not affect other PDBs.
policies which prevent privileged users from reading or
manipulating data they are not supposed to access. Phrases In addition, the Provisioning and Patch Automation Pack
such as “segregation of duties” make it very clear that even allows administrators to automate those operations which
here we are talking about the balance between separation are similar in all cases. Examples are the deployment of
and combination. Oracle patches or the provisioning of new systems based
on “gold images”.
Database Administration
Monitoring and Testing
Oracle Database 12c Multitenant moves the data manage-
Will your systems benefit from these features? How can
ment infrastructure principle to a completely new level:
you be sure? And how should the features be implemented
We do not simply talk about an infrastructure for many
tables or many users. We talk about an infrastructure for in order to have a positive impact on your systems? Real
many databases. And here consolidation clearly requires Application Testing will help you to answer these and similar
separation. questions.