SAP Solution Manager
SAP BASIS OPERATIONS
In addition to scanning and identifying the respective security vulnerabilities of a program, it is also possible to stop tasks that are to be transported to other SAP systems with security vulnerabilities in the further transport process This applies, for example, to the CHARM process based on SAP Solution Manager. This forces a programmer to securely check the programs he or she is responsible for according to the same security criteria. If a program then still has security problems, it can either be released via the dual control principle or returned for further processing. Do you know of any other solutions for improving ABAP code security or have you already gained experience with the products mentioned above? I look forward to your comments!
The entry screen gives a brief overview of the status of the last queued. In case of incomplete support packages, the last (aborted) step of the SPAM will be displayed. System: Check the correct function of the transport tools using Tool Transport Tool. Make sure there is enough space (the size of the OCS files multiplied by 2) in the transport directory (see the R/3 profile parameter DIR_TRANS with the AL11 transaction or the SE38 transaction and the report RSPARAM). Make sure that there is enough space, especially in the subdirectories trans/EPS/in and trans/data. Use the latest SPAM update. Verify that the SPAM update offered in the SAPNet - R/3 frontend or the SAPNet - Web Frontend is newer than the one available in your system. You can see the version of the SPAM update available in your system in the title bar of the SPAM image. We recommend that you always run the latest SPAM update first [page 14] to avoid problems when playing. The insertion of a SPAM update is analogous to the insertion of support packages. There must be no incomplete support packages in your system. To do this, under Folder in the SPAM, select Aborted Support. Packages and select View. Support packages should not be displayed. The status light should be green. If not, view the detailed status and log information for all support packages in the system. Select Jump Status or Jump Log. Load Activities Support Package [page 15] Define Queue [page 17] Insert Queue [page 20] If necessary: Sync Modifications [Page 22] Verify Protocols [Page 23] Confirm Queue [Page 24].
SYSTEM CHANGEABILITY AND CLIENT SETTINGS
Another way to secure your gateway using the SAP standard is to encrypt communication using Secure Network Communication (SNC). In the case of unprotected data communication paths between different client and server components of the SAP system that use the SAP protocol RFC or DIAG, the data exchange takes place in plain text and there is a risk that this can be read. With the help of SNC, you can create end-to-end encryption (E2EE), which can be used to secure communication between two components, such as between the application server and SAP GUI. In addition, SNC encryption provides the basis for using SAP Single Sign-On (SSO) as a security solution, which significantly reduces the internal effort of password management.
An SAP administrator has the task of controlling a company's SAP system and ensuring its proper functioning. He/she maintains and monitors SAP applications and is also responsible for their development.
Tools such as "Shortcut for SAP Systems" complement missing functions in the SAP basis area.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
Important: In the end, all instances must be green.
SAP Basis means system administration and platform basis of SAP systems - quasi the operating level behind the SAP applications in the company.