Migration of your SAP system
Free-form recognition and document check
A role concept according to best practice protects you from potential attacks within your SAP landscape. However, to protect your system from unauthorized access via the network, a correct configuration of the SAP gateway is required. It enables the use of external programs via interfaces or the call of ABAP programs and serves as a technical component of the application server, which manages the communication of all RFC-based functions.
You can reduce the Queue selection. To do this, select the Support Package that should be the last in the queue. After that, the queue is recalculated. You can also start the recalculation explicitly with Queue. Note that you can only select Support Packages that are part of the software component you have selected (the mouse cursor will change its appearance accordingly). The support packages associated with the calculated queue are green. The highest support package of the previously selected software component is additionally marked with a green tick. The support packages that are no longer part of the queue are still visible in the list and can be selected again. If you want to set the queue for another software component, select New Component. Result You have defined a queue. Now insert the support packages in the queue [page 20]. Rules for the Queue The following rules apply to creating a Queue: If it is an FCS system, the first step is an FCS Support Package. If it is missing from the queue, it cannot be defined. Instead, you will receive an error message telling you the name of the missing FCS Support Package. You cannot insert an FCS support package in a non-FCS system (official state of delivery). Support packages for a selected component are queued in order. If support packages in the queue have connections to support packages of another component (further predecessor relationship, required CRT), the queue will be extended by additional support packages until all predecessor relationships are fulfilled. Note that the SAP Patch Manager takes into account the configuration of your SAP system and only adds support packages to the queue that can be inserted into your system.
SPAM permissions
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.
In this case, the term stands for the basic administration of SAP systems. In this context, responsible employees perform a number of classic tasks.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
These pick up data in memory.
The application servers provide the services for running SAP applications.