SAP Basis Implementation of security updates, patches and enhancement packages

Direkt zum Seiteninhalt
Implementation of security updates, patches and enhancement packages
Administration SAP & SAP HANA- Seminars - Online or Presence
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.

It is possible to specify a trace level for each rule in the ACL file to monitor each communication channel individually. It can be used with SNC without any further configuration. The use of the file is controlled by the gw/acl_file parameter by simply setting it to the appropriate file name. Use of external programmes If an external programme wants to communicate with your SAP system, it must first register at the gateway. The programmes which this is approved are controlled by the reginfo ACL file. This defines rules that allow or prohibit certain programmes. The syntax of the file allows you to define not only the name of the programme, but also the host on which the programme runs and hosts that can use and exit the programme. The gw/reg_info parameter must be set to use this file. In addition, there is the ACL file secinfo, which allows to configure which users can start an external programme. This defines rules that allow certain usernames from the SAP system to use certain external programmes. In addition, you can also define the hosts on which these programmes will run. For example, it is possible to allow a user to run the programme "BSP" on the host "XYZ", but not on the host "ABC". This file is controlled by the gw/sec_info parameter. Using the gateway as a proxy Since the gateway of your SAP system can also serve as a proxy server, the prxyinfo ACLDatei should also be activated via the gw/prxy_info parameter. Suppose you have 3 SAP systems in your network: SRC, TRG and PRX. If SRC cannot communicate directly with TRG, but both with PRX it would be possible to use the gateway of the PRX system as a proxy server, i.e. to communicate via it. So, in order to prevent this from happening to everyone, this property should be urgently restricted. As with the other ACL files, rules are defined which hosts can communicate with which hosts via the gateway. The syntax of the different ACL files may vary depending on the release level. It is therefore advisable to read them in the appropriate SAP documentation before activating the ACL files. You can also find more support for using ACL files in the SAP Community Wiki.

SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.
OUTSOURCING NON-SAP PRODUCT MANAGEMENT
How are blockchain and digital currencies related? Blockchain technology provides the basis for the existence of a decentralised digital currency. Such a currency is an application that can be executed on the basis of an underlying blockchain. However, the blockchain offers many more applications, such as ownership, identification, communication, etc. , all of which want to get rid of a central controlling party. Blockchain: is the immutable transaction history of a decentralised community. Cryptocurrency: An application of blockchain technology to use a blockchain to secure information about the currency via cryptography. What is Mining? Mining is one of the most misunderstood things about cryptocurrencies. Most people believe that mining is a process in which a cryptocurrency is created. But that is wrong. Mining is a process in a decentralised system to build consensus. Consensus means consent and agreement on what happened and what didn't. In a central system, the central institution does that. For example, a bank with all its advantages and disadvantages. In a decentralised system, the Community decides. To avoid any disagreements, "Mining" is used as one of the possibilities.

As a member of the SAP Basis specialist team, your responsibilities will include the design, operation, administration, support and installation of an extensive SAP system landscape with over 50 systems for 17 universities and 2 institutions in Lower Saxony. Furthermore, you will monitor the SAP system landscape as well as its interfaces to external systems and carry out measures within the scope of software lifecycle management (e.g. note maintenance, support stacks, release upgrades) and change management (e.g. hardware migration, transport system and documentation). As part of the SAP Basis team, you will be the contact person for organizational and technical questions of the universities and in 3rd-level support for user inquiries.

"Shortcut for SAP Systems" simplifies tasks in the area of the SAP basis and complements missing functions of the standard.

An Emergency User is normally used when tasks are temporarily taken over outside the initial field of activity.

To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.


With the SPAM transaction, you can always find out about the record status of your system.
Zurück zum Seiteninhalt