SAP Basis System Retirement - NW Admin

Direkt zum Seiteninhalt
System Retirement
SWO1 Business Object Builder
The SAP Patch Manager offers two scenarios for inserting support packages or queues: Test Scenario Use the test scenario to determine whether conflicts or problems occur (e.g., unreleased repairs) or whether a modification match is necessary before the actual insertion. This scenario allows you to estimate and minimise the time and effort required to load support packages. In this scenario, no data is imported into the system, and you can continue to play in the event of an error without the error being corrected. You must select the test scenario explicitly. Note that once the test scenario has passed, the queue is empty and needs to be redefined. You must also explicitly choose the default scenario.

SAP's client concept enables a SAP system to be split into several logical sub-systems - clients. These subsystems can be used independently and in isolation as separate systems. But how should non-client transactions be treated? How can you prevent one client from accessing the other and why should you want to prevent that? In this blog post, I will answer these questions and discuss some negative examples. Why is it important to consider independent transactions separately? Imagine that every one of your employees is allowed to create or change a client in the production system, or worse, both. Creating and modifying a client in the production system is authorised and documented - you wonder what could possibly go wrong? The risk in this case is a loss of integrity of system and data, loss of confidentiality: With each new client, Superuser SAP* lives up to its comprehensive, cross-client rights and the assigned standard password.
Data backup and recovery
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.

SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis: www.sap-corner.de.


In practice, it is quite possible that the target specifications defined in the security concept do not match the current actual status. Therefore, especially with regard to SAP security, it must always be checked whether the necessary SAP basic settings also correspond to the minimum level. Although a manual check is possible, it is very time-consuming because the necessary regularizations have to be read, interpreted and technically implemented. The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system. The scope of the check of system settings and system security includes not only the SAP Basis settings presented here, but also other SAP Basis settings. The scope of the check mode can be extended by self-defined check IDs.

For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.

Therefore, call "Change Permissions Data".

So much information... how can you keep it so that you can find it again when you need it? Scribble Papers is a "note box" that makes this very easy.

A large amount of testing quickly pushes the cost-benefit ratio into the realm of inefficiency, because the time required for testing drives up costs.
NW BASIS
Zurück zum Seiteninhalt