Practitioners for practitioners
IMPORT_PROPER In this step, the repository and table entries are recorded. There are the following reasons that may lead to the termination of this step: TP_INTERFACE_FAILURE: Unable to call tp interface. TP_FAILURE: The tp programme could not be run. For more information, see the SLOG or ALOG log file. TP_STEP_FAILURE: A tp-Step could not be performed successfully. The cause of the error can be found in the appropriate protocol, for example in the import or generation protocol. If the generation (tp-Step G) is aborted, you can either fix the errors immediately or after the commit is completed. In the latter case, you must do the following: To ignore the generation errors, select Additions Ignore Gen Error. Continue the playback. Buffer synchronisation problems can also cause generation errors. For more information, see Note 40584.
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.
You might be interested in:
After the addition of Java Stack (the applications developed in J2EE, BSP, JSP, etc.), the security standard for business processes was increased. Both ABAP and Java stack can be monitored from one platform. Netweaver supports standard protocols such as HTTP, SMTP, XML, SOAP, SSO, WEBDAV, WSDL, WMLSSO, SSL, X.509 and Unicode format (text processing representation).
The SAP Basis & Technology department deals intensively with SAP technologies and their application. The possibilities and limits are investigated and corresponding specifications and tools are developed in order to use the technologies profitably. The results and findings are made available to the other alogis areas and implemented in real-life customer projects.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
Due to the technology diversity, including in the SAP product portfolio, the support by a single silo unit SAP basis is almost impossible.
The selection shall also be justified.