REDUCTION OF CUSTOMER SPECIFICATIONS
CG3Z Upload file
In the past, when we deployed SAP environments, we first had to work out a detailed sizing and architecture and pass it on to the procurement team, which then ordered the systems and installed them in the data center. From there, it went on to the network team, the storage team, the operating system team, and the database team. So it was not uncommon for three to six months to pass between the architecture design and the installation of a new SAP system.
Since jobs and backups should run at set times for organizational or technical reasons, automating them is a good idea. In simple, clear system environments, many SAP Basis administrators help themselves with SAP CPS (Central Process Scheduling) and simple ABAP batch jobs that start operations or other jobs. Since the desires and the system environments usually grow continuously, this approach becomes complex and confusing over time and troubleshooting often becomes difficult. As a result, maintainability often falls by the wayside and error-proneness can increase. If different jobs are strung together to form chains, further problems arise.
SAP Basis as a job title
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
Understanding the structure and functioning of the system is especially important for IT administration. It is not for nothing that "SAP Basis Administrator" is a separate professional field. On the page www.sap-corner.de you will find useful information on this topic.
A role concept according to best practice protects you from potential attacks within your SAP landscape. However, to protect your system from unauthorized access via the network, the SAP Gateway must be configured correctly. It enables the use of external programs via interfaces or the call of ABAP programs and serves as a technical component of the application server, which manages the communication of all RFC-based functions.
"Shortcut for SAP Systems" makes it easier and quicker to complete a number of SAP basis tasks.
The Outside-In process involves knowledge from external sources in idea generation.
These are two relatively simple examples of Security Check tools' rulebook.
A note box in which data of all kinds can be quickly filed and retrieved. This is what Scribble Papers promises. At first, the program looks very spartan. But once a small structure is in place, you realise the great flexibility of this little helper.