PGCS – Opentext VIM Solution

Technical Architecture
WORK IN PROGRESS

The Information Company

Prepared By:
OpenText

Thames Valley Park

420 Thames Valley Park Drive

Reading

RG6 1PU

United Kingdom

Date

Authors Alan Mildren; Thejaswi Reddy Thathi

Version 0.2
Release Date
Status Work in Progress
Contents
1 Introduction..................................................................................................... 5
2 Environments.................................................................................................. 6
3 Software Specifications.................................................................................7
3.1 Opentext Software....................................................................................7
3.2 Software Deployment – Production / UAT Servers...................................7
3.3 Software Deployment – QA / Dev Servers................................................8
3.4 Software Deployment – Clients.................................................................9
3.4.1 IC4S Validation Clients...................................................................9
3.4.2 Archive Server Administration Client............................................10
4 Hardware Specifications..............................................................................10
4.1 Production Servers.................................................................................10
4.2 UAT Servers........................................................................................... 11
4.3 Upper Landscape – QA/Dev - Servers....................................................11
4.4 Lower Landscape – QA/Dev - Servers....................................................12
4.5 Clients..................................................................................................... 12
4.5.1 IC4S Validation Clients.................................................................12
4.5.2 Archive Server Administration Client............................................12
5 Network Connections and Ports..................................................................13
5.1 Production and UAT Connections...........................................................13
5.2 Production Ports.....................................................................................14
5.3 UAT Ports...............................................................................................14
5.4 Upper & Lower Landscape - QA/Dev Connections.................................15
5.5 Upper Landscape - QA/Dev Ports...........................................................16
5.6 Lower Landscape – QA/Dev Ports..........................................................16
6 Encryption..................................................................................................... 17
6.1 Data in Transit (SSL/TLS).......................................................................17
6.2 Data at Rest............................................................................................ 17
7 Resilience...................................................................................................... 17
7.1.1 Hardware......................................................................................17
7.1.2 Application....................................................................................19
7.1.3 Backup and Restore.....................................................................19
Appendix A: Archive Center Configuration.......................................................20

Statement of Confidentiality
Copyright © 2020 Open Text Corporation. OpenText and Open Text are trademarks or registered
trademarks of Open Text Corporation. This list is not exhaustive. All other trademarks or registered
trademarks are the property of their respective owners. All rights reserved. For more information,
visit: http://www.opentext.com/2/global/site-copyright.html
Document Information

Revision History
Version Date Author(s) Description
No.

0.1 11th Nov 2020 Alan Mildren First Draft

0.2 20 Nov 2020
th
Thejaswi Reddy Thathi Updates for IC4S
Alan Mildren Updated to include SAP System names

Document Release and Approval

Name Title Organisation Signature Date
1 Introduction
Document is Work in Progress – dependency on Blueprinting Workshop “VIM Day 9” to complete.

This document describes the Technical Architecture and Infrastructure for the Opentext VIM
implementation for PGSC..

The implementation consists of the following Opentext products:

 Opentext Vendor Invoice Management (VIM)

 Opentext Business Center (BC)
 Opentext Intelligent Capture for SAP (IC4S)
 Opentext Archive Center

The system is used to store and process invoices received from vendors. Vendors send invoices to
PGSC as PDF attachments in emails. The Opentext BC software in SAP will poll and retrieve the emails
from the mailbox, archive the documents into Opentext Archive Center, call IC4S to extract business data
from the documents and complete processing of the incoming invoice in SAP. The IC4S Validation Client
is used to check/validate the invoice data extracted from the documents.
2 Environments
The Opentext VIM solution will be deployed in the following PGCS environments:

Environme Landscap Sap ECC

Description Location
nt e System
Production System
London Data Centre
Production Upper P17 Separate Servers for IC4S, Archive Center,
‘Secure Zone’
and Archive Center Database
Frankfurt Data
Similar architecture and sizing to
UAT Lower U17 Centre
Production
‘Secure Zone’
Reduced number of Servers and smaller
QA QA – Q17 data volume than production: Frankfurt Data
Upper
DEV Dev – D17  Archive Center and Database will Centre
be co-hosted on a single server
 that will be used for both QA and
Dev1
 Single IC4S Server will be used for
both QA and Dev
QA QA – Q22 Similar architecture and sizing to Upper Frankfurt Data
Lower
DEV Dev – D22 Landscape QA and Dev Centre

3 Software Specifications
3.1 Opentext Software
The Opentext VIM solution comprises the following Opentext products

Product Version Description Notes

Archive Center
Administration Client
Intelligent Capture for SAP
IC4S Validation Client
Business Center
20.2 Document archiving
20.2 UI for administering Archive Center
16.7.1 Patch2 OCR data extraction/validation Also known as IC4S
16.7.1 Patch7 UI to check/validate OCR output Installed on Client PC’s
16.3.5 Receive/process incoming documents Deployed within SAP

1
Opentext recommends using different SAP Content Repository names (and hence different Archive
names in Archive Server) in QA and Dev SAP Systems to separate the data in the Archive Server.
 Vendor Invoice Management 7.5 SP11 Invoice processing automation Deployed within SAP

The Opentext software can be downloaded from SAP Marketplace as:

- Archiving and Document Access for SAP (contains Archive Center and Administration Client)
- VIM
- Business Center
- Intelligent Capture for SAP

3.2 Software Deployment – Production / UAT Servers

The following table identifies the software (Opentext and non-Opentext) that will be installed on each of
the Production and UAT servers. Opentext will install the software unless otherwise noted. Details of
software deployed within SAP is described in the Technical Design Document

Server Vendor Product Version Notes

Installed by PGCS
Windows Server 2019
IIS & ASP .NET server components required
Microsoft Visual C++ Redistributable 2013
OCR Server
Visual C++ Redistributable 2015
.Net Framework 4.8 Requires version 4.8 or later
Opentext Intelligent Capture for SAP 16.7.1 Patch2
Windows Server 2019 Installed by PGCS
Visual C++ Redistributable 2017
Microsoft
.Net Framework 4.5.1 4.5 Service Pack 1 or later Service Pack
SQL Server Client Need to verify specific SQL Client detail
Archive Server
OpenJDK Java JDK 11.0.6 From https://wiki.openjdk.java.net
Apache Tomcat 9.0.37
Archive Center 20.2
Opentext
Administration Client 20.2
Database Windows Server 2019 Installed by PGCS
Microsoft
Server SQL Server 2019 Installed by PGCS
3.3 Software Deployment – QA / Dev Servers
The following table identifies the software (Opentext and non-Opentext) that will be installed on each of
the Upper and Lower Landscape QA/Dev servers. Opentext will install the software unless otherwise
noted. Details of software deployed within SAP is described in the Technical Design Document

Server Vendor Product Version Notes

Installed by PGCS
Windows Server 2019
IIS and ASP .NET server components required

Microsoft Visual C++ Redistributable 2013

OCR Server
Visual C++ Redistributable 2015
.Net Framework 4.8 Requires version 4.8 or later
Opentext Intelligent Capture for SAP 16.7.1 Patch2
Archive / DB Windows Server 2019 Installed by PGCS
Server
Visual C++ Redistributable 2017
Microsoft
.Net Framework 4.5.1 4.5 Service Pack 1 or later Service Pack
SQL Server 2019 Installed by PGCS
OpenJDK Java JDK 11.0.6 From https://wiki.openjdk.java.net
 Apache Tomcat 9.0.37
Archive Center 20.2
Opentext
Administration Client 20.2

3.4 Software Deployment – Clients

3.4.1 IC4S Validation Clients
Installation of IC4S validation client software will be done on all the user machines who will be validating
the invoice data extracted from OCR.

The following software will be installed on the IC4S Validation Clients

Server Vendor Product Version Notes

IC4S Windows
Validation Visual C++ Redistributable 2013
Clients Microsoft
Visual C++ Redistributable 2015
.Net Framework 4.8 Requires version 4.8 or later
Requires version 3.0.18 or later
SAP .Net Connector 3.0.18
compiled with .Net Framework 4.0
Opentext IC4S Validation Client 16.7.1
 Patch7

3.4.2 Archive Server Administration Client

Archive Server Administration Client will be installed on the Archive Server host.

4 Hardware Specifications
The following tables contain the hardware specifications for the Opentext VIM implementation. Additional
installation prerequisites (user accounts, database configuration etc.) have been provided in separate
documents)

4.1 Production Servers

Server Specification Notes
OCR Server  OS Windows 2019 1.3GB RAM is required for each core +
 CPU 4 one core for Windows OS
 RAM 12GB 2.150 MB * No. of pages * No. of
(Notes 1) extraction nodes
 No. of Processing Nodes 3 3.Minimum of 20 GB + Trace files +
 No of Pages per Invoice 4 Data of documents waiting for
 No of Extraction Nodes 5 processing
 Disk space for extraction(GBytes) 3
(Notes 2)
 Disk space 35 GB (Notes 3)
Archive Server  OS Windows 2019 32GB memory is high for Archive Server
 CPU 4 (Minimum is 8GB, recommended is
16GB)
 Memory 32GB
Disk allocation as described is
 Drives: recommended best practice for Archive
o C: xxGB (O/S) Server installations
o D: 50GB (Software Install) Size the OS Drive in accordance with
o E: 30GB (BurnBuffer) PGCS standards.
o F: 100GB (Buffers)
o G: 1TB (Archive Content)
Database Server  OS Windows 2019 DBA to decide on appropriate
 CPU 4 location/size of SQL Server installation,
database file groups, tempdb,
 Memory 32GB
transaction logs, and backups in
 Database Storage: accordance with PGCS standards
o 100GB for Archive Server
Database data/index file groups

4.2 UAT Servers

Server Specification Notes
OCR Server  OS Windows 2019 1.3GB RAM is required for each core +
 CPU 4 one core for Windows OS
 RAM 12GB 2.150 MB * No. of pages * No. of
(Notes 1) extraction nodes
 No. of Processing Nodes 3 3.Minimum of 20 GB + Trace files +
 No of Pages per Invoice 4 Data of documents waiting for
 No of Extraction Nodes 5 processing
 Disk space for extraction(GBytes) 3
(Notes 2)
 Disk space 35 GB (Notes 3)
Archive Server  OS Windows 2019 32GB memory is high for Archive Server
 CPU 4 (Minimum is 8GB, recommended is
16GB)
 Memory 32GB
Disk allocation as described is
 Drives: recommended best practice for Archive
o C: xxGB (O/S) Server installations
o D: 50GB (Software Install) Size the OS Drive in accordance with
o E: 30GB (BurnBuffer) PGCS standards.
o F: 100GB (Buffers)
o G: 1TB (Archive Content)
Database Server  OS Windows 2019 DBA to decide on appropriate
 CPU 4 location/size of SQL Server installation,
database file groups, tempdb,
 Memory 32GB
transaction logs, and backups in
 Database Storage: accordance with PGCS standards
o 100GB for Archive Server
Database data/index file groups

4.3 Upper Landscape – QA/Dev - Servers

Server Specification Notes
OCR Server  OS Windows 2019 1.3GB RAM is required for each core + one
 CPU 4 core for Windows OS
 RAM 12GB 2.150 MB * No. of pages * No. of extraction
(Notes 1) nodes
 No. of Processing Nodes 3 3.Minimum of 20 GB + Trace files + Data of
 No of Pages per Invoice 4 documents waiting for processing
 No of Extraction Nodes 5
 Disk space for extraction(GBytes) 3
(Notes 2)
 Disk space 35 GB (Notes 3)
Archive /  OS Windows 2019 Size the OS Drive in accordance with
Database Server  CPU 4 PGCS standards.
 Memory 32GB DBA to decide on appropriate location/size
of SQL Server installation, database file
 Drives: groups, tempdb, transaction logs, and
o C: xxGB (O/S) backups in accordance with PGCS
o D: 50GB (Software Install) standards
o E: 100GB (Archive Content)
 o F: 50GB (BurnBuffer, Buffers)
 Database Storage:
o 100GB for Archive Server
Database data/index file groups

4.4 Lower Landscape – QA/Dev - Servers

Server Specification Notes
OCR Server  OS Windows 2019 1.3GB RAM is required for each core + one
 CPU 4 core for Windows OS
 RAM 12GB 2.150 MB * No. of pages * No. of extraction
(Notes 1) nodes
 No. of Processing Nodes 3 3.Minimum of 20 GB + Trace files + Data of
 No of Pages per Invoice 4 documents waiting for processing
 No of Extraction Nodes 5
 Disk space for extraction(GBytes) 3
(Notes 2)
 Disk space 35 GB (Notes 3)
Archive /  OS Windows 2019 Size the OS Drive in accordance with
Database Server  CPU 4 PGCS standards.
 Memory 32GB DBA to decide on appropriate location/size
of SQL Server installation, database file
 Drives: groups, tempdb, transaction logs, and
o C: xxGB (O/S) backups in accordance with PGCS
o D: 50GB (Software Install) standards
o E: 100GB (Archive Content)
o F: 50GB (BurnBuffer, Buffers)
 Database Storage:
o 100GB for Archive Server
Database data/index file groups

4.5 Clients
4.5.1 IC4S Validation Clients
Dedicated hardware is not required. Installation of validation client will be done on all the user machines
who will be validating the invoice data extracted from OCR

4.5.2 Archive Server Administration Client

Dedicated hardware is not required. Administration Client will be installed on the Archive Server.
5 Network Connections and Ports
5.1 Production and UAT Connections
The network connections are shown in the following diagram – Architecture for Prod (P17) and UAT (U17)
is the same:
The following tables identify the connections between servers and ports used. These details can be used
to ensure the required firewall ports are open.

5.2 Production Ports

Source Target Protocol Notes
 Server Port2
TBC3 Archive Server 3389 TCP RDP Remote Desktop Connection
TBC OCR Server 3389 TCP RDP Remote Desktop Connection
SAP ECC P17 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC P17 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC P17 OCR Server 443 TCP HTTPS/RFC SSL Certificates
OCR Server SAP ECC P17 8443 TCP HTTPS/RFC SSL Certificates
Archive Server SQL Server 1433 TCP TDS Archive Server DB connection
IC4S Validation Clients SAP ECC P17 TCP HTTPS/RFC Need to verify connection details…

5.3 UAT Ports

Target
Source Protocol Notes
Server Port
TBC Archive Server 3389 TCP RDP Remote Desktop Connection
TBC OCR Server 3389 TCP RDP Remote Desktop Connection
SAP ECC U17 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC U17 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC U17 OCR Server 443 TCP HTTPS/RFC SSL Certificates
OCR Server SAP ECC U17 8443 TCP HTTPS/RFC SSL Certificates
Archive Server SQL Server 1433 TCP TDS Archive Server DB connection
IC4S Validation Clients SAP ECC U17 TCP HTTPS/RFC Need to verify connection details…

2
Ports listed are the default ports
3
We assume RDP will be used to login to the Archive Centre Servers to do the software installation, but
we don’t yet know where we will connect from.
5.4 Upper & Lower Landscape - QA/Dev Connections
The network connections are shown in the following diagram – Architecture for Upper Landscape
Dev(D17) /QA (Q17) and Lower Landscape Dev(D22) / QA(Q22) is the same:
5.5 Upper Landscape - QA/Dev Ports
Source Target Protocol Notes
 Server Port
TBC Archive Server 3389 TCP RDP Remote Desktop Connection
TBC OCR Server 3389 TCP RDP Remote Desktop Connection
SAP ECC Q17 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC Q17 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC Q17 OCR Server 443 TCP HTTPS/RFC
SAP ECC D17 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC D17 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC D17 OCR Server 443 TCP HTTPS/RFC
OCR Server SAP ECC Q17 8443 TCP HTTPS/RFC SSL Certificates
OCR Server SAP ECC D17 8443 TCP HTTPS/RFC SSL Certificates
IC4S Validation Clients SAP ECC Q17 TCP HTTPS/RFC Need to verify connection details…
IC4S Validation Clients SAP ECC D17 TCP HTTPS/RFC Need to verify connection details…

5.6 Lower Landscape – QA/Dev Ports

Target
Source Protocol Notes
Server Port
TBC Archive Server 3389 TCP RDP Remote Desktop Connection
TBC OCR Server 3389 TCP RDP Remote Desktop Connection
SAP ECC Q22 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC Q22 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC Q22 OCR Server 443 TCP HTTPS/RFC
SAP ECC D22 Mail Server 465 TCP SMTP/SSL Connection to retrieve email
SAP ECC D22 Archive Server 8443 TCP HTTPS SAP ArchiveLink Connection
SAP ECC D22 OCR Server 443 TCP HTTPS/RFC
OCR Server SAP ECC Q22 8443 TCP HTTPS/RFC SSL Certificates
OCR Server SAP ECC D22 8443 TCP HTTPS/RFC SSL Certificates
IC4S Validation Clients SAP ECC Q22 TCP HTTPS/RFC Need to verify connection details…
IC4S Validation Clients SAP ECC D22 TCP HTTPS/RFC Need to verify connection details…
6 Encryption
6.1 Data in Transit (SSL/TLS)
Traffic between servers will be encrypted with SSL. Signed certificates will be required for the
Servers/Services where SSL terminates.

The ‘Root CA Certificate’ will be needed in the Trust Store on the clients that connect to the service.

The following table shows the SSL end-points and clients for which certificates will be required:

Certificate Requirements:

Environment Server where Certificate is needed

Archive Server - Tomcat
Production
OCR (IC4S) Server
Archive Server - Tomcat
UAT
OCR (IC4S) Server
Archive Server - Tomcat
Upper Landscape QA/Dev
OCR (IC4S) Server
Archive Server - Tomcat
Lower Landscape QA/Dev
OCR (IC4S) Server

6.2 Data at Rest

What is the requirement?

 Encryption of the archived documents can be enabled in Archive Server if needed

 The database holds the ‘pointers’ to the archived documents so is not typically encrypted (SAP
holds the ‘metadata’ associated with the documents)

7 Resilience
The following information was taken from PGCS Visio “PGCS Opentext_Arch_290920”> - Details TBC

In accordance with PGCS business decision, dedicated infrastructure will not be provisioned to provide
High Availability but will instead rely on underlying VMWare ESX capabilities.

7.1.1 Hardware
VMWare Site Recovery Manager (SRM) will be used to replicate and failover the Production Servers from
the London data center to the Frankfurt data center. The following diagram has been extracted from a
Visio document provided by PGCS:
7.1.2 Application
All application components are ‘single instance’ so there is no resilience at the application layer – if a
single service fails (e.g. the SQL Server), the system will not be available.

7.1.3 Backup and Restore

The Opentext Archive Server and Database hold the archived documents and should be backed up
regularly. Schedule is dependent on the Recovery Point Objective (RPO) – TBC

The minimum backup requirements are:

Component Backup Requirements

Archive Server Database
Archive Server
OCR (IC4S) Server
Database in Full Recovery Mode to allow ‘point in time’ restore
Database backup files and transactions logs backed up
The following should be backed up:
 Buffer drives
 Archive Content Drives
 Software Installation Drive
The following should be backed up:
 Software Installation Drive
Appendix A: Archive Center Configuration
The Archive Center requires configuration – the following describes the Archive Center configuration
design:

Pool Types: Options available are:

Pool Type Pros Cons

Write-at-Once (ISO)
Multiple documents are written
to an ISO file when sufficient
documents have collected in
the Buffe.
Originally intended for storing
archive documents on optical
media.
Single File (FS)
Individual files are written to
the storage area via the Buffer
Massively reduces the number of
files held in the content storage
area – benefits for system
management such as
Backup/Restore etc.
Physical deletion of individual files
is possible
New files are written to the final
storage area every time the
PoolWrite job runs
Not able to physically delete individual
documents – all documents in the ISO
must be marked for deletion before
any files are deleted.
New files are only written to the final
storage area when sufficient new files
have collected in the Buffer to write the
ISO. On low volume systems, files may
exist only in the Buffer for lengthy
periods, or even permanently
Unless managed, individual volumes
may end up containing millions of files.
This can result in challenges for (e.g.)
backup or copying the files to a new
server.

Storage Tiers – do we want one?

Config Element Details Notes

Authentication Archive Server will be configured to use
‘Internal’ authentication (i.e. not OTDS)
Volumes The following Volumes will be created:
 1 x Hard Disk Volume on a
dedicated drive for the Buffer
 1 x Hard Disk Volume for each
Logical Archive – all sharing the
same dedicate drive
Storage Devices A storage device will be created for each
Archive
Buffers A single Buffer will be created on the
Buffer volume and used by all Logical
Archives
Storage Devices None
Original Archives The number and name of Logical
There is no functional requirement for OTDS
in the solution. If this should be required in
future (e.g. to support SAP ILM archiving),
OTDS can be introduced and the
authentication method switched to use OTDS
All data will be stored on local drives
attached to the server
Only if using Single File
Only if using ISO…
The system will use ‘Single File’ archiving.
The Logical Archive Name must match the
 Archives will be added when the details name of the SAP Content Repository
are known.
The following settings will be applied to NOTE: LL & UL environments will use a
the Archives (provisional…) single Archive Server for Dev and Test.
 Archive Config - Security: The logical archive names (and therefore the
o Authentication (SecKey) SAP Content repository names) must be
Enabled for Read, Create, different in DEV and QA.
Update, Delete
o SSL
May use
o Document Deletion
Is Allowed
 Archive Config - Settings:
o Compression: Enabled
o Encryption: TBC
o Audit enabled: TBC
 Archive Config – Retention
o No Retention
 Archive Config – Timestamps
o No Timestamps
Pools A single Pool will be created for each Options are:
Original Archive: - Single File (FS) – documents are stored
 Pool Type: TBC in the content storage individually
- Write-at-once (ISO) – an ISO file
containing multiple documents is stored
in the content storage

There is no requirement to configure the following areas of Archive Center:

 Caches (Global cache will be used)

 Cache Servers
 Known Servers
 Scan Stations