SAP Basis Table logging and table protection - NW Admin

Direkt zum Seiteninhalt
Table logging and table protection
Job Management Concept
A trick often used by administrators is to allow for time buffers before starting the next job. The buffer times are necessary because it is not possible to predict exactly how long a job will take to complete, since the duration depends on many incalculable parameters. Since it makes little sense to run backups and SAP jobs at the same time, these tasks are usually done one after the other rather than in parallel. In more complex environments, data backup durations, time buffers and job runtimes add up to such an extent that the time available is no longer sufficient to perform all activities within the available time corridor. Tools that work with status dependencies and then automatically start the next job when its predecessor job has been processed without errors can help here.

Why should we even have an individual SAP Security Check performed? Your SAP authorisation concept is designed to ensure the security and protection of data against unauthorised access and abuse. The technical complexity of SAP systems and the ongoing adaptations of business processes often lead to unknown security vulnerabilities. In addition, the increasing digital networking with business partners offers further attack points on your SAP system. SAP Security Check gives you an overview of the security situation of your SAP systems. This will identify potential risks that could jeopardise the safe operation of your IT landscape. Your starting situation The ongoing changes in your IT systems lead to unrecognised security vulnerabilities and your auditors will regularly report to you in the final report on abuses in the authorisation concept. The legal requirements (e.g. EU guidelines) to secure your business processes and IT systems have not yet been implemented and the increasing networking with business partners presents new challenges to your security system. The security-related system settings and permissions settings applied to your SAPS systems are poorly documented, which in many cases causes the system settings to allow extensive critical access unchecked. Critical SAP permissions, profiles, and roles identify permissions that allow critical operations to be performed in terms of security or from a legal or business perspective are called "critical permissions" by SAP. The granting of critical allowances must therefore generally be carried out with particular care and should therefore be planned in advance. Technical and organisational measures and processes must then ensure that the desired level of safety is implemented.
SPAM Support Package Manager
This option is useful if several transactions are to be checked simultaneously for their existing assignment to a particular user. This variant must first identify all roles that have already been assigned to the user. This is done in the transaction SE16N by entering the table AGR_USERS. In addition, the limit of the maximum hit number can be set in this image. The user concerned must now be entered here. Furthermore, the output should be limited to the roles only. After the query is executed, all the roles assigned to the previously entered user are displayed. These are now completely marked and copied. Then in the transaction SE16N a step back is taken and this time the table AGR_1251 is selected. Now all the roles that have been copied previously are inserted here. In addition, the object S_TCODE and the transactions to be searched for are filtered. Warning: When entering transaction codes, be sure to be case-sensitive! At this point, the output can also be limited to the roles and object values (in this case, the transactions). After the query is executed, the transactions entered will now show those that the user can already perform. In addition, the role assigned to the transaction is shown. In conclusion, the SUIM is only partially suitable for identifying certain transactions with user assignment. Although the search using the S_TCODE permission object also allows you to view multiple transactions. However, since the result is missing the assignment of transactions considered to roles, the SUIM transaction can only be usefully used to check a single transaction for its existing assignment to a particular user.

SAP Basis refers to the administration of SAP system that includes activities like installation and configuration, load balancing, and performance of SAP applications running on Java stack and SAP ABAP. This includes the maintenance of different services related to database, operating system, application and web servers in SAP system landscape and stopping and starting the system. Here you can find some useful information about SAP Basis:

Migrations occur, for example, when a customer decides to host his systems at Rödl & Partner and the SAP systems therefore have to be migrated from in-house operation or from the original hosting provider to our data center. Also in the course of a conversion to S/4HANA, the data is migrated from the original database type to an SAP HANA database. This is also done with the tool "SUM" (Software Update Manager) via the so-called "DMO" (Database Migration Option).

"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.

Conversely, the application server passes information that the user enters via the GUI on to the database.

To store all the information on the subject of SAP - and others - in a knowledge database, Scribble Papers is suitable.

For many companies, the topic of security automation still offers a lot of potential in terms of time savings and process optimisation.
Zurück zum Seiteninhalt