Incident Management
Back up and restore data
So-called Access Control Lists (ACL) offer a good possibility to secure your gateway in order to exclude unwanted external accesses to the database of the application server. With the help of the ACL files reginfo and secinfo an access control can be implemented, in which allowed as well as forbidden communication partners can be defined. The reginfo file controls the registration of external programs on the gateway, which means that rules can be defined that allow or prohibit programs. With the help of the file secinfo you can define which users are allowed to start an external program. To be able to use these files, you must set the parameters gw/reg_info and gw/sec_info (transaction RZ11). For more information, refer to SAP Note 1408081.
In practice, it is quite possible that the target specifications defined in the security concept do not match the current actual status. Therefore, especially with regard to SAP security, it must always be checked whether the necessary SAP basic settings also correspond to the minimum level. Although a manual check is possible, it is very time-consuming because the necessary regularizations have to be read, interpreted and technically implemented. The Security Architect - part of the Xiting Authorizations Management Suite (XAMS) software solution developed by Xiting - offers you the possibility to precisely examine the current status of the SAP Basis settings with the help of the integrated check mode, whereby it is also possible to check several systems via RFC, starting from a central system. The scope of the check of system settings and system security includes not only the SAP Basis settings presented here, but also other SAP Basis settings. The scope of the check mode can be extended by self-defined check IDs.
Creating a basis for the SAP landscape
Before SAP HANA was released, there was no SAP database - you had to install SAP ERP (or the application you were using) on a third-party database, such as Oracle or SQL Server. SAP developed the HANA database to fully leverage the power of SAP's next-generation S/4 software.
In the case of distributed or local SAP systems, it can also be helpful if departments or decentralized IT units can schedule their own jobs themselves. It is important that the associated approval processes can also be mapped and easily tracked. This brings convenience, flexibility and a degree of freedom without neglecting operational security. The integration of the business departments can relieve the IT administrator and turn background processing into an end-to-end process integrated into the organization.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
ADD_TO_BUFFER In this step, the queue is placed in the transport buffer of your system.
A role concept according to best practice protects you from potential attacks within your SAP landscape.