SAP Basis SE51 Screen Painter - SAP Basis

Direkt zum Seiteninhalt
SE51 Screen Painter
WE19 Test tool for IDoc processing
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.

The SAP Security for Administrators training block covers the basics of security when using SAP systems. Participants receive training in basic security measures in the form of prevention and monitoring.
Clear authorization concept
Hosting environments and third-party offerings have also contributed to these improvements. Public cloud environments such as Azure and AWS provide a layer of abstraction that eliminates the difficult task of maintaining the hardware that was required with SAP on-premises.

SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.

As we explained in SAP Basis, your SAP Basis administrator (or team) is directly responsible for keeping your SAP landscape healthy, online, and up-to-date. This includes:

Tools such as "Shortcut for SAP Systems" are extremely useful in basic administration.

In addition, when copies are transported to the test system, no import is created in the production system.

Another important point is that once a user has the necessary permissions to use the transaction DBACOCKPIT, it can potentially (with appropriate permissions on the tables) access the entire SAP system.

The freeware Scribble Papers puts an end to the confusing paper chaos. The tool is also suitable for storing, structuring and quickly finding text documents and text snippets of all kinds in addition to notes.
SAP BASIS
Zurück zum Seiteninhalt