SAP Basis Virtualization of your entire SAP system landscape (some companies additionally operate an SAP HCM system, for example, which also needs to be virtualized) - SAP Corner

Direkt zum Seiteninhalt
Virtualization of your entire SAP system landscape (some companies additionally operate an SAP HCM system, for example, which also needs to be virtualized)
Analysis and elimination of technical problems in the SAP Basis environment under the platforms ORACLE and Windows
The security of an SAP system requires protection against unauthorised access, e.g. through the secinfo and reginfo files. A cleanly implemented authorisation concept protects against attacks within the SAP system. However, it is also possible to attack your SAP system via the network. Through the RFC Gateway Server, your system communicates with external servers and programmes. One particularly effective way to protect against this are so-called Access Control Lists (ACL). Find out what this is and how you can use it to better protect your SAP system. The SAP Standard offers different approaches for gate protection. All methods combined can provide even greater safety. For example, it is possible to use Access Control Lists (ACL) to monitor exactly which external programmes and which hosts can communicate with the gateway. Another option is to configure the gateway to support Secure Network Communication (SNC). Finally, there are various security parameters for the gateway. This article focuses on the use of ACL files such as secinfo and reginfo files. What is an ACL? Access control lists are files in which permitted or prohibited communication partners can be recorded. For the gateway to use these ACL files, parameters must be set in the default profile of the SAP system and of course the files must be maintained accordingly. With the help of logs and traces, which can be configured for this purpose, a precise investigation can be made in advance of the activation, which connections currently run via the gateway. This allows them to prevent important applications with which your system communicates from being blocked by the ACL files. The rules in the ACL files are read from top to bottom of the gateway to decide whether to allow a communication request. If none of the rules matches the requesting programme, it will be blocked. Network-based ACL The network-based ACL file contains permitted and prohibited subnets or specific clients.

An important area of SAP Security is the analysis of the customer's own SAP programs, which are classically written in the proprietary SAP language ABAP. Here, too, as in all programming languages, security vulnerabilities can be programmed - whether consciously or unconsciously. However, the patterns of security vulnerabilities in ABAP code differ from those in Java stacks or Windows programs. The goal of these conventional programs is usually to either crash the program (buffer overflow) or to artificially execute the program's own code (code injection). Both is not possible in ABAP, since a crash of a process causes nothing else than the creation of an entry in the log database (Dump ST22) and a subsequent termination of the report with return to the menu starting point. So a direct manipulation as in other high level languages or servers is not possible. However, there are other manipulation possibilities.
Good teamwork skills, good communication skills and a service-oriented attitude with high self-motivation and willingness to perform
Different customers have different support requirements and concepts. We support them on-site as an extension of their internal team as well as through remote connections. Be it on an ad hoc basis (e.g. release upgrade, DB upgrade, optimization of Solution Manager) or on a permanent basis (e.g. monitoring of operations in SLR, fast reactions in defined exceptional cases, planned maintenance), we have the right team, the appropriate procedures (ITIL) and the modern tools to implement your requirements.

As we explained in SAP Basis, your SAP Basis administrator (or team) is directly responsible for keeping your SAP landscape healthy, online, and up-to-date. This includes:

For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.

Daily monitoring and maintenance of your systems.

SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.


If you want to set the queue for another software component, select New Component.
SAP Corner
Zurück zum Seiteninhalt