Experience in the administration of Windows or Linux server systems, databases or web applications
Installation of SAP milieus
The technology architect is well acquainted with the company's core business, has business process and project management expertise. As part of its activities, the technology architect does not exercise project management or project management. He develops and develops strategies and solutions in coordination with higher authorities, IT departments and also business units. It defines requirements for the implementation and operation, which it aligns with the operator or with the necessary expression of the Subject Matter Expert. He also takes care of new technologies in his field of activity and is thus a driver of innovation and a catalyst from a technical point of view. He also acts as a contact for enterprise architects in the company. However, this role will be much more coordinated in the future. The range of tasks will therefore increase in width. An additional requirement in the future will be the understanding of company policy.
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.
What should an SAP administrator be able to do?
Therefore, there can also be critical permissions, profiles, and roles that do not fit in the naming scheme defined by SAP. Manual identification of critical SAP permissions is difficult overall. However, tools are available that automatically check for critical permissions. In this case, the critical SAP permissions are usually predefined by special verification software. If the critical permissions, profiles, and roles are identified, they should be adjusted according to the permission planning. The system will then be checked to see if the desired system behaviour has been achieved or if malfunctions occur. This adjustment process may be complex in the event of major changes and should not be carried out on the production system.
The presentation layer is the interface to the users. Through a graphical interface, users enter data or interact with data through the applications. This presentation layer exchanges data with the application layer.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
Some useful tips about SAP basis can be found on www.sap-corner.de.
If this parameter is exceeded by a process, the query is cancelled before it could be executed.
Because hybrid landscapes are seen as the operating model of the future, it is necessary to develop monitoring strategies for this.