The data centers and logical networks, as defined and operated by the network team, shall be declared within SAP Focused Run. These network segments, named Customer Networks, are used by LMDB as namespaces, to bundle and protect system definitions and collected metrics. This is reflected, as an example, in the below schema with A and B. Such Customer Network can be then also assigned to a customer (via so called Business Partners).

To declare a Customer Network, within SAP Focused Run using SSI Configuration, you shall have a clear understanding of the network layout and associated proxies and reverse proxies. You are asked to mention:

• As of FRUN 2.0 FP02 a Data Center ID is a maximum of 16 characters, such as “DATACENTER1”.
• A globally unique Customer ID (also known as CID), composed of 3 characters, like "ABC".
• A globally unique Customer Network name (belonging to a Data Center), like "ABC_Walldorf". Note: The Customer Network name must be limited to 40 characters.
• A unique Admin Request Parameter, also called "inbound fencing string", which is usually the hostname of the Reverse Proxy. Note: It is mandatory that this same value is also manually maintained in the reverse proxy configuration file, as explained to the Security Guide, chapter: Enable Network Communication Encryption.

Follow below rules:

• We recommend to use a combination of characters and digits. 
• Do not use spaces or special characters
• Use _ (underscore) characters, instead of - (minus).
• Spaces are only allowed for the Network Description. 
• The Data Center ID, Customer ID, Customer Network Name must be clear and consistent, because the Data Center ID might be used for access/authorization checking in further releases.

Pay attention to the terminology: In the context of SAP Focused Run, the term reverse proxy designates a pass-through from the managed objects of the customer network, to the FRUN system.

Finally, consider that a predefined customer network named LOCALNETWORK is created, while performing the initial set up of LMDB, as described in the Master Guide. 

This local network can be utilized within FRUN in case no specific security or data separation is required (and no proxy or reverse proxy is in place).

To create the customer network within SAP Focused Run, navigate to Infrastructure Administration / Global Settings & Network Configuration, within the Launchpad and:

Choose the Network Creation tab.

• Press New
• Specify the required values
• Press Save and Create

Note: Each time a customer network is created within SAP Focused Run, using SSI Configuration, a set of associated technical users are created. Refer to following chapters in the SAP Focused Run Security Guide for further details:

• Introduction to Data Separation
• Technical Users to Authenticate Data Send Requests to the SAP Focused Run system (ABAP)

Then select the Network Settings tab

Select the previously create Customer Network

Enter the Password of the existing sapadm OS user, relevant in that network segment

Note: The sapadm OS user dedicated to the SAP Host Agents. It is a reserved OS username and the password usually defined when installing a SAP Host Agent, or any SAP system. This OS user password shall be the same on all hosts that belong to a given customer network. It is currently not possible to define different sapadm OS user passwords for the hosts of a given customer network. Refer to the SAP Focused Run Security Guide, chapter Technical Users for Managed OS for further details.

• Details about SSL/TLS settings can be found in the SAP Focused Run Security Guide, in chapter Enable Network Communication Encryption.
• Press Save.

Finally:

The above customer network wizard creates users automatically with a generated password. Therefore, you shall define the password of the following technical users:

• FRN_LDDS_<CID> : User on SAP Focused Run system to authenticate Data Suppliers sending SLD payloads directly to LMDB.
• FRN_LDSR_<CID> : User on SAP Focused Run system to authenticate the SLDRs which are forwarding received SLD payloads.

Note: Do not simply use transaction SU01. Refer to the security guide for additional details.

Therefore, proceed as follow:

• Run the RSSI_CHANGE_NETWORK_PASSWORD (transaction SA38).
• Select the type of user, as mentioned above
• Select the Customer ID
• Provide a new password
• Select Change Password

As of SAP Focused Run 2.0 FP02, the Data Center can simply be changed in the “Global Settings & Network Configuration” application

• Go to the FRUN Launchpad
• Open the “Global Settings & Network Configuration” application
• Go to the “Network Administration” page
• Select the network you want to changed
• Change the Data Center (and any other field you would like to change)
• Press “Save”

For SAP Focused Run 2.0 FP01 and below, follow this procedure:

Note: Only experts shall use this report. Customer Networks are sensitives data. This procedure must only be used to change the Data Center (field:  Data Center 1).

Procedure:

• Ensure your user has the role SAP_FRN_LDB_ALL assigned
• Start transaction SA38
• Run report RLMDB_CUSTOMER_NETWORK_TOOLS
• Depending on what you want to do, check or uncheck the option: Prohibit save of any changes
• Press the "Execute" button
• Resize the displayed columns so, that you can see and edit column: Data Center 1
• Select the line/row for the Customer Network entity which you want to change
• Press the "Display/Change" button
• Edit (by simply (re)typing) the value in column: Data Center 1 (be careful to not change other fields)
• Press the "Save" button
• Exit the report
• Run report RLMDB_CUSTOMER_NETWORK_TOOLS
• Check option: Prohibit save of any changes
• Press the "Execute" button
• Review/confirm that the required change was saved