Enterprise-grade SAP ERP network architecture with Oracle Database backend demonstrates defense-in-depth security across five VLANs. Traffic flows from WAN through DMZ components—SAProuter, WAF, outer firewall, reverse proxy, and VPN gateway—into a core layer managed by VLAN-trunked switches and inner firewall. VLAN 10 hosts SAP Central Instance with dispatcher, Oracle DB Server on port 1521, and multiple application servers; VLAN 20 isolates Solution Manager, internal SAProuter, monitoring, and log servers; VLAN 30 and 50 provide dedicated interface zones for external system integrations; VLAN 40 serves client access via SAP GUI and web clients. This template solves the challenge of securing SAP landscapes while maintaining connectivity to SAP Support Network and third-party systems. Fork this diagram on Diagrams.so to customize IP schemes, add your interface protocols, or export as .drawio for Visio-compatible documentation.