What Trento 2.0 Means for a Secure SAP Platform? Changes in the SUSE’s tool to reduce risk and improve the reliability of the SAP environments


Besides Trento’s existing cluster and cloud best practices validations, Trento 2.0 highlights streamlining the implementation requirements and enables integration. With a new engine that addresses one of the main concerns of security teams, the requirement of an SSH connection to the SAP systems. And the addition of API versioning capabilities to enable the integration of Trento with SAP customers’ tools.  This blog will explain how Trento 2.0 announcement improves SAP platform reliability.

With the announcement SUSE’s commitment to delivering innovative solutions for SAP businesses remains unwavering. The Trento project has become crucial to ensure a secure SAP platform. It empowers organizations to run SAP operations confidently, implementing SAP platform Best Practices as a Code. In this way, SUSE is bringing to the SAP customers exciting features to reduce risks and ensure a reliable SAP platform demonstrating SUSE’s dedication to minimizing operational complexities and providing a robust SAP foundation.

A More Secure SAP Platform with Trento 2.0

A secure SAP platform needs to be founded on a reliable platform as the only way to ensure SAP operation. Therefore, keeping the SAP platform aligned with best practices is critical to achieving that goal. This alignment can be complex to track, mainly when a reliable SAP environment includes clusters to avoid unplanned downtimes and cloud environments that add multiple variables and dependencies. Trento addresses the challenges and risks associated with SAP platform configurations and operations, aiming to reduce potential pitfalls and streamline maintenance processes.

SUSE understands the complexities of SAP landscapes. With Trento SUSE Linux Enterprise Server for SAP applications (SLES for SAP) offers enterprise-supported capabilities to avoid best practices drift, avoiding error-prone configurations to simplify the management processes. By minimizing manual interventions and reducing the likelihood of errors or system downtime, Trento 2.0, and its premium content delivered into SLES for SAP, enables organizations to mitigate risks, enhance operational stability, and improve overall efficiency. To find out what Trento 1.0 had to offer you could refer to the blog Safeguard Your SAP S/4HANA deployment with SUSE Trento

Ensuring Reliability and Performance

A reliable SAP platform is crucial for businesses to deliver consistent performance and meet operational demands. SLES for SAP provides a solid foundation for SAP operations, ensuring high availability, scalability, and resilience. The solution incorporates intelligent monitoring and proactive maintenance features that enable businesses to identify and address potential issues before they impact critical processes. By ensuring a reliable SAP platform, Trento empowers organizations to provide uninterrupted services to their customers, drive productivity, and achieve their business objectives.

Enhancing Security and Compliance

While reducing risks and ensuring reliability are primary objectives of Trento 2.0, security remains a fundamental aspect of it. SLES for SAP incorporates its robust security capabilities, Trento support with premium content checks, and SUSE Manager, to protect SAP deployments against potential vulnerabilities and ensure compliance with industry regulations. By prioritizing security, SUSE enables organizations to safeguard their critical data, protect against unauthorized access, and meet stringent compliance requirements.

Leverage existing SAP customers’ management and monitoring tools with Trento APIs

When we look deeper into the new functionalities, new API versioning in Trento is excellent news for IT Managers. Integrating API capabilities into existing management and monitoring tools gives SAP customers a powerful way to leverage their current infrastructure. By seamlessly integrating APIs, organizations can tap into the vast potential of their SAP systems and leverage valuable data. This integration adds Trento’s intelligence and provides valuable information on the SAP platform and cluster health, enhancing operational efficiency and providing deeper insights into critical metrics to enhance operational efficiency. With API integration, businesses can bridge the gap between SAP platform status and their management and monitoring tools, enabling customers to monitor, analyze, and optimize their SAP landscape using familiar interfaces. This unified approach simplifies the management and monitoring of SAP systems and empowers businesses to mitigate the risks and keep the service uptime.

Removing security and network requirements

One challenge that every company faces when needs to deploy a new tool is the network and connection requirements. Each requirement needs the attention of the security and network teams. And opening an SSH connection with a user with elevated privileges from an external tool in a critical environment like SAP is something that can’t be done without consideration and triggers endless discussions that delay and sometimes stop the implementation. And with this spirit to simplify the adoption of Trento, SUSE has been working to remove implementation requirements.
There it is where the new engine, Wanda, shows its capabilities to reduce the complexity of the Trento implementation, removing the need for an SSH connection and the security concerns associated with the networking and security requirements.

Trento 2.0 check Engine workflow for the SAP platform

Trento 2.0 check Engine workflow for the SAP platform

Other relevant changes

The Trento 2.0 announcement includes other relevant changes, including adding new platform support.

Fast deployment

Another significant change is the deployment. Trento 2.0 installs over any CNCF-certified Kubernetes running on x86_64 architecture, including Rancher RKE1, RKE2, and K3s, in very few steps (When to use K3s and RKE2). The best example is the default installation method provisioning a minimal, single node, K3S Kubernetes cluster for running its components in Linux containers. Check Trento’s documentation for more info.

Trento 2.0 adds virtualization support.

Additionally, Trento 2.0 adds VMware to the current list of known platforms, along with Azure, AWS, GCP, and on-premise bare metal, which mainly covers most of the SAP customers’ environments and platforms, enabling Trento to implement specific checks for this platform. With this change, customers running SAP in these virtualization environments will have a better experience with deeper insights about the platform.


Trento 2.0 announcement improves SAP platform reliability. New engine and APIs versioning are mayor updates that enable customers to leverage all Trento potential. SUSE’s Trento 2.0 release marks a significant advancement in reducing risks and ensuring a reliable SAP platform for businesses. By simplifying deployment and management processes, minimizing operational complexities, and providing robust security measures, Trento Premium empowers organizations to run SAP operations efficiently and with peace of mind. As businesses strive for digital transformation and operational excellence, they can rely on SLES for SAP and SUSE’s expertise to reduce risks, ensure reliability, and optimize their SAP landscapes.
For more information on enhancing the security of your SAP platform, visit www.suse.com/secure-sap

(Visited 17 times, 1 visits today)
Sebastian Martinez
Sebastian Martinez   25+ years of experience in the tech industry and enjoying searching for creative solutions and staying up-to-date with technology trends.