SCC1 Client copy
Objectives of the training SAP HANA - Installation and Administration:
This is the heart of the SAP system. In the classic three-tier model, this would be the logic or control layer. One or more application servers host the necessary services for the various applications at this layer. These application servers provide all the services required by the SAP applications. In theory, a single server could fill this role. In practice, these services are in most cases distributed among several servers, each serving different applications.
In addition to scanning and identifying the respective security vulnerabilities of a program, it is also possible to stop tasks that are to be transported to other SAP systems with security vulnerabilities in the further transport process This applies, for example, to the CHARM process based on SAP Solution Manager. This forces a programmer to securely check the programs he or she is responsible for according to the same security criteria. If a program then still has security problems, it can either be released via the dual control principle or returned for further processing. Do you know of any other solutions for improving ABAP code security or have you already gained experience with the products mentioned above? I look forward to your comments!
Migration from a change of operating system, homogeneous/heterogeneous database
The presentation layer is based on the software components, collectively called "SAP GUI". This includes several possible implementation variants: for example, SAP GUI for HTML (Web GUI) and Web Dynpro for ABAP (WDA). Since the respective GUI depends entirely on the concrete application, the presentation layer looks very different in practice.
Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.
In order to guarantee an optimal operation process a permanent operation is recommended.
Some useful tips about SAP basis can be found on www.sap-corner.de.
The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system.