Session 0804 Security Control Center by SAP Active Global Support Kristian Lehment, Senior Product Manager, SAP AG
|
|
- Ross Moody
- 8 years ago
- Views:
Transcription
1 Orange County Convention Center Orlando, Florida June 3-5, 2014 Session 0804 Security Control Center by SAP Active Global Support Kristian Lehment, Senior Product Manager, SAP AG
2 Abstract Running secure business systems requires not only a secure configuration during implementation but also regular validation to "stay clean". In this session, you will learn about the self services and tools available for security, which are centered around the Security section in the SAP EarlyWatch Alert report. Using the Security Optimization Service and the application Configuration Validation within SAP Solution Manager, you can validate if the system matches to your corporate security policy and you can move from pure reporting to continuous security validation in your "Security Control Center" as proposed by SAP Active Global Support SAP AG or an SAP affiliate company. All rights reserved. 3
3 IT Risk & Security Lifecycle for each single IT organization Develop an implementation plan covering the missing IT Security measures according the criticality of the related risk to be mitigated. Implement the security measures. Moni- Inventoring Inventory tory Collect and document all systems maintained/operated. Monitor changes in processes, infrastructure and risk situation. Planning / Implementation Information Classification Evaluate the operational risk resulting from the identified gaps Report the results of the risk assessment according the defined operational IT Risk Management process. For each IT organization All systems have to be assigned to a category of systems according the criticality of the data/information stored/processed on the system. Risk Assessment IT Security Requirements Compare implemented security measures vs. security requirements and identify existing gaps. Gap analysis The IT security measures based on the system classification have to be aligned with the business requirements. Compromises might have to be made on both sides. Remaining risks have to be identified and addressed with respective business owners 2014 SAP AG or an SAP affiliate company. All rights reserved. 5
4 IT Risk & Security Lifecycle for each single IT organization Develop an implementation plan covering the missing IT Security measures according the criticality of the related risk to be mitigated. Implement the security measures. Authentication Prove who you are. Passwords, SSO, Federation. Evaluate the operational risk resulting from the identified gaps Report the results of the risk assessment according the defined operational IT Risk Management process. Planning / Implementation User Management Maintain accounts. Identity Management and more. Authorizations Risk Assessment Who s allowed to do what? Privilege management. Analysis+Reporting Company wide consolidation of security settings. Moni- Inventoring Inventory tory For each IT organization Information Classification IT Security Requirements Collect and document all systems maintained/operated. Monitor changes in processes, infrastructure and risk situation. Investment on authorizations and user management ( putting locks on doors ) often endangered by negligent handling of baseline security measures ( leaving open the windows ) All systems have to be assigned to a category of systems according the criticality of the data/information stored/processed on the system. The IT security measures based on the system classification have to be aligned with the business System+Infrastructure Security requirements. Compromises might Gap analysis Compare implemented security have to be made on both sides. measures vs. security requirements Remaining risks have to be Code security, RFC gateway, network and interfaces. and identify existing gaps. identified and addressed with respective business owners 2014 SAP AG or an SAP affiliate company. All rights reserved. 6
5 IT Risk & Security Lifecycle for each single IT organization Develop an implementation plan covering the missing IT Security measures according the criticality of the related risk to be mitigated. Implement the security measures. Analysis+Reporting Company wide consolidation of security settings. Moni- Inventoring Inventory tory Collect and document all systems maintained/operated. Monitor changes in processes, infrastructure and risk situation. Evaluate the operational risk resulting from the identified gaps Report the results of the risk assessment according the defined operational IT Risk Management process. Planning / Implementation For each IT organization Information Classification Internal and external auditors are discovering these topics at the moment! All systems have to be assigned to a category of systems according the criticality of the data/information stored/processed on the system. Risk Assessment IT Security Requirements The IT security measures based on the system classification have to be aligned with the business System+Infrastructure Security requirements. Compromises might Gap analysis Compare implemented security have to be made on both sides. measures vs. security requirements Remaining risks have to be Code security, RFC gateway, network and interfaces. and identify existing gaps. identified and addressed with respective business owners 2014 SAP AG or an SAP affiliate company. All rights reserved. 7
6 Security in Operations The big picture
7 Innovation Control Center and Operation Control Center with premium access to Mission Control Center Innovation Control Center Build SAP like a factory Reduce implementation cost Reduce time to value Smoothen transition to operations Avoid unnecessary modifications Mission Control Center Enhanced Back Office Direct access to unmatched expertise from SAP and ecosystem Fast issue resolution SAP Solution Manager Operations Control Center Run SAP like a factory Improve business continuity Higher degree of automation Better business performance Reduce total cost of operations Customer SAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 9
8 Run SAP Like Factory Operations Control Center Business Process Operations Application Operations IT Infrastructure Operations Operations Control Center (OCC) Central Monitors/ Dashboards Status Core Business Processes Central Alert Inbox Event Management Status Business Users Status System Components Act Check Continuous Improvement Process Plan Do Problem Management (re-active / pro-active) Change Management Incident and Problem Management 2014 SAP AG or an SAP affiliate company. All rights reserved. 10
9 Security in Operations The Big Picture Management Dashboards Provide an overview on system landscape status For Security could also include the progress of getclean projects Mainly used for quick status overview as required by management and operations Incident Management Guided Procedures (Immediate Resolution) Alert Inbox with Work Items used as trigger for action For Security may contain Snapshot Spot Check Events (identified issues at time of check) Security critical events (complete independent of time of check) Change Management (Change Projects) 2014 SAP AG or an SAP affiliate company. All rights reserved. 12
10 Management Dashboards Security View Monitoring Stay Clean Views Monitoring Get Clean Projects Monitoring Security Alerts Situation Critical System Parameters Compliance of Systems 50 Target: System_Params Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, SAP* / SAP_ALL Compliance of Systems 47 Target: SAP_Star-SAP_ALL Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, Missing Security HotNews Compliance of Systems Target: Security_HotNews Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, 3 Secure AS Gateway Config Compliance of Systems 7 13 Target: Gateway_Security_Project Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, System w. Security Alerts Compliance of Systems 49 1 Target: Security_Alerts Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, System w. Security Alerts Compliance of Systems Target: Security_Alerts Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, See Configuration Validation based Management Dashboards for Examples 2014 SAP AG or an SAP affiliate company. All rights reserved. 13
11 Achievements to be unlocked Security Reporting Operations Control Center Strong recommendations from SAP Cross system security validation Security Optimization Service Security dashboards and Alerts Required notes for Security Patch Process Integration of security validation into Operations Control Center 2014 SAP AG or an SAP affiliate company. All rights reserved. 14
12 Security Reporting using the SAP Solution Manager EarlyWatch Alert Strong recommendations from SAP, including security topics Security Optimization Service Extensive analysis about security, including recommendations System Recommendations Analysis about missing Security Notes Configuration Validation & Change Reporting Cross system analysis of security configuration Dashboards Show summary about Configuration Validation results Alerting based on SAP EarlyWatch Alert Alerting based on Security Audit Log Alerting based on Configuration Validation 2014 SAP AG or an SAP affiliate company. All rights reserved. 15
13 EarlyWatch Alert Strong recommendations from SAP including security topics
14 The Role of EarlyWatch Alert (EWA) for Security SAP EarlyWatch Alert (EWA) (see SAP EarlyWatch Alert is an important part of making sure that your core business processes work. It is a tool that monitors the essential administrative areas of SAP components and keeps you up to date on their performance and stability. SAP EarlyWatch Alert runs automatically to keep you informed, so you can react to issues proactively, before they become critical. Security in the EarlyWatch Alert: The EWA Report includes selected information on critical security observations SAP Security Notes: ABAP and Kernel Software Corrections Default Passwords of Standard Users Password Policy Gateway and Message Server Security Users with Critical Authorizations More detailed and additional information can be found with the help of the security self-services 2014 SAP AG or an SAP affiliate company. All rights reserved. 17
15 EarlyWatch Alert in the System Monitoring Work Center Filter sessions by your solution Generate HTML report 2014 SAP AG or an SAP affiliate company. All rights reserved. 18
16 EWA Summary 2014 SAP AG or an SAP affiliate company. All rights reserved. 19
17 EarlyWatch Alert Chapter Security Overview 2014 SAP AG or an SAP affiliate company. All rights reserved. 20
18 EarlyWatch Alert Chapter Security SAP Security Notes 2014 SAP AG or an SAP affiliate company. All rights reserved. 21
19 EarlyWatch Alert Chapter Security Default Passwords of Standard Users 2014 SAP AG or an SAP affiliate company. All rights reserved. 22
20 EarlyWatch Alert Chapter Security Password Policy (1/2) 2014 SAP AG or an SAP affiliate company. All rights reserved. 23
21 EarlyWatch Alert Chapter Security Password Policy (2/2) 2014 SAP AG or an SAP affiliate company. All rights reserved. 24
22 EarlyWatch Alert Chapter Security Users with Critical Authorizations 2014 SAP AG or an SAP affiliate company. All rights reserved. 25
23 Security Optimization Service Extensive analysis about security including recommendations
24 Value Proposition The SAP Security Optimization Service is designed to verify and improve the security of the SAP systems of customers by identifying potential security issues and giving recommendations on how to improve the security of the system Keeping the security and availability of customer SAP solutions high is a tremendous value to customers businesses - a value delivered by the SAP Security Optimization Service. Analysis is the key to this value, which is necessary to: Decrease the risk of a system intrusion Ensure the confidentiality of business data Ensure the authenticity of users Substantially reduce the risk of costly downtime due to wrong user interaction More information can be found under the alias SOS in the SAP Service Market Place SAP AG or an SAP affiliate company. All rights reserved. 27
25 SAP Security Optimization Service Overview The SAP Solution Manager offers the possibility to locally execute the SAP Security Optimization Service SAP Security Optimization SAP Security Optimization Self Service All completely automated checks in ABAP systems No additional costs for this service SAP Security Optimization Remote Service Broad range of security checks extending the Self-Service checks Performed by experienced service engineers Part of CQC service offering SAP Security Optimization Onsite Service Individual range of security checks, e.g. for the SAP Enterprise Portal Performed by specialists Additional costs for this service 2014 SAP AG or an SAP affiliate company. All rights reserved. 28
26 Security Optimization Service Scope of Remote Service and Self Service SAP NetWeaver Application Server ABAP Basis administration check User management check Super users check Password check Spool and printer authorization check Background authorization check Batch input authorization check Transport control authorization check Role management authorization check Profile parameter check SAP GUI Single Sign-On (SSO) check Certificate Single Sign-On (SSO) check External authentication check Scope of the SOS Self Service SAProuter SAProuttab check OS access check SNC check SAP Enterprise Portal Landscape check Configuration check Administration check SSL check Authorization check for portal content, user management and administration SAP NetWeaver Application Server Java Landscape check Configuration check SSL check Administration check 2014 SAP AG or an SAP affiliate company. All rights reserved. 29
27 Guided Self-Service for Security Optimization Create new Session 2014 SAP AG or an SAP affiliate company. All rights reserved. 30
28 Guided Self-Service for Security Optimization Execute Session 2014 SAP AG or an SAP affiliate company. All rights reserved. 31
29 Guided Self-Service for Security Optimization Maintain Questionnaire 2014 SAP AG or an SAP affiliate company. All rights reserved. 32
30 Deriving an Action Plan Deriving an Action Plan is easy... in theory. The SOS report is designed to already contain everything you need for it: a general introduction the findings and explanations risk ratings recommendations technical background information So just go ahead! 2014 SAP AG or an SAP affiliate company. All rights reserved. 33
31 Deriving an Action Plan... is not that easy when the report is huge When the SOS report is huge working on it as described on the slide before takes a lot of time and resources... and may even cause that nothing happens at all The goal of the SOS however is not to just produce a nice report but to have impact and improve the security of the respective system! Recommended solution: Identify Systematic Issues (e.g. issues with the authorization concept) and trigger a solution Identify Top Issues and solve them first! Identify Quick Wins and implement them Determine the remaining risk and either address the next set of Top Issues or get agreement, that the achieved level of security looks acceptable until the next scheduled run of the SOS 2014 SAP AG or an SAP affiliate company. All rights reserved. 34
32 How to Identify Top Issues Candidate Standard Users with Default Password Candidate: Standard Users with Default Passwords Threat: Standard users with default passwords allow anyone, who is able to establish a network connection to your system, to anonymously enter it and execute code under potentially high authorizations. In the SOS report look for section User Authorization Standard Users. Check-ID 0041 Action: Change the password Remark: Look for the other checks in this SOS section as well. They also contain valuable recommendations to protect your system from this threat! 2014 SAP AG or an SAP affiliate company. All rights reserved. 35
33 How to Identify Top Issues Candidate Insufficient Password Policy Candidate: Insufficient Password Policy Threat: Weak passwords may give unauthorized people access to potentially powerful accounts. This risks the confidentiality, integrity and availability of your data In the SOS report look for section Authentication Passwords Check-ID 0123 Action: Carefully review the whole Password section of the SOS. Decide on an appropriate password policy (if not already defined) and implement it with recommended settings as given suggested in the SOS report 2014 SAP AG or an SAP affiliate company. All rights reserved. 36
34 How to Identify Top Issues Candidate Users with full authorization for S_RFC Candidate: Users with full authorizations for S_RFC Threat: These users can be used to call any RFC function from outside the system In the SOS report look for section Basis Authorization Incoming RFC Check-ID 0241 Action: Limit users with authorization S_RFC with RFC_NAME=* to the minimum. Limit the RFC functions, for which a specific user is authorized to the required set or remove the authorization completely where possible 2014 SAP AG or an SAP affiliate company. All rights reserved. 37
35 Further Information and Contact Contact address Public information SAP Service Marketplace, using alias /SOS SAP Notes: Note SAP Security Optimization: Preparation & Additional Info Note Execution of the Security Optimization Self-Service Note Security Checks in the SAP EarlyWatch Alert Related SAP education training opportunities Search for ADM960: Security in SAP system environments 2014 SAP AG or an SAP affiliate company. All rights reserved. 38
36 System Recommendations Analysis about missing Security Notes
37 Where s The Risk Of Not Patching? Without closing the addressed vulnerabilities it cannot be ensured that business applications are operated in a duly manner because standard security measures such as authentication mechanisms authorizations implementations security settings (parameters) can potentially be fully circumvented This may in turn, negligently, lead to system / application misuse for various purposes loss of reputation (see the Sony incident as an example) falsified financial data and reporting -> issue for financial audits indirect losses through sabotage, direct losses through theft and more, like negative impact on the share price etc SAP AG or an SAP affiliate company. All rights reserved. 40
38 Security Notes in the Service Marketplace Security Notes Search The rightmost column Automatic check in EWA shows which security notes get checked in the EarlyWatch Alert and with the tool RSECNOTE SAP AG or an SAP affiliate company. All rights reserved. 41
39 System Recommendations To keep your SAP systems up-to-date and secure you have to apply various types of notes and patches. System recommendations show all relevant notes and patches for the selected systems and help you to easily keep all of your systems up-to-date Java patches Legal change notes Performance -relevant notes HotNews Security notes SAP System General SAP notes 2014 SAP AG or an SAP affiliate company. All rights reserved. 42
40 System Recommendations: Process Flow Customer SAP 1. Select system to check & update 3. Connect to SAP Global Support Backbone 2. Retrieve system information (SP level, patch level) 5. Send information back to the customer s SAP Solution Manager system 4. Provide information on latest relevant notes (for SP level, patch level) 6. Retrieve system information (implemented notes) 7. Calculate delta between OSS provided notes and already implemented notes. Show relevant notes of the system(s) via System Recommendations or Configuration Validation 2014 SAP AG or an SAP affiliate company. All rights reserved. 44
41 System Recommendation SAP Solution Manager Work Center Change Management Quick link for Easy Access Menu: WebDynpro WDC_NOTE_CENTER 2014 SAP AG or an SAP affiliate company. All rights reserved. 45
42 System Recommendations: Key Elements Filter by solution, product system, technical system and date Filter by application component Settings Structured recommendations BW reporting as of SolMan 7.1 SP 3 Multiple views Status management and filter Integration of Change Request Management and Maintenance Optimizer Export to Excel 2014 SAP AG or an SAP affiliate company. All rights reserved. 46
43 Cross-System check for System Recommendations Integrated BW Reporting as of SolMan 7.1 SP 3 List SAP notes not yet implemented in the systems of the selected solution, within the specified time period 2014 SAP AG or an SAP affiliate company. All rights reserved. 47
44 Maintenance Optimizer (MopZ) Step 4: Implementation Show relevant Security Notes The Maintenance Optimizer shows relevant security notes as well Example used here: The planned Support Package Upgrade of the ABAP part of a SolMan 7.1 from SP 5 to SP 7 reduces the count of notes by 50 from 373 to 322 (Most of these remaining notes are not software-related) 2014 SAP AG or an SAP affiliate company. All rights reserved. 48
45 Achievements unlocked Security Reporting Operations Control Center Strong recommendations from SAP in the security chapter of the EarlyWatch Cross system security validation Extensive checks in the Guided selfservice Security Optimization Service Security dashboards and Alerts Required notes for Security Patch Process by System Recommendations Integration of security validation into Operations Control Center system specific, get clean 2014 SAP AG or an SAP affiliate company. All rights reserved. 49
46 Configuration Validation & Change Reporting Cross system analysis of security configuration
47 Consider Customers Situation of Today Are the OS, DB, Software and Kernel on the certain / latest level? on all Systems?.. Please show me? Have we applied SAP Note xxxxx on all systems? please report implementation status for all systems? Have we imported Transport request xxxx (with important performance changes) on all systems? could I have a list of the systems where it is still missing? Are all our CRM systems compliant with the new Configuration Baseline?.. not compliant.. which systems? what exactly? Challenges Are security settings applied? on all systems? could you please confirm and report? A large number of systems Complex SAP Landscape Need to perform comparison of current configuration status against a defined target or standard configuration baselines with minimum efforts and ASAP 2014 SAP AG or an SAP affiliate company. All rights reserved. 51
48 What is Configuration Validation? The Idea behind Configuration Validation A reporting to understand how homogeneous the configuration of systems is Reference System Compared Systems Configuration Items Software Packages ABAP Notes Kernel level Transports... Parameters Configuration Validation System 1 Configuration Items ABAP Notes Software Packages Transports... Parameters... System N Configuration Items ABAP Notes Software Packages Transports... Parameters Compliance with Reference System Software Packages ABAP Notes... Transports System 1 System 2... System N Typical questions are: All systems on a certain OS level or DB level? Template configuration (SAP or DB parameter) applied on all systems? No kernel older than 6 month on all systems? Security policy settings applied? Security defaults in place? Have certain transports arrived in the systems? 2014 SAP AG or an SAP affiliate company. All rights reserved. 52
49 Configuration Validation Target System Maintenance 2014 SAP AG or an SAP affiliate company. All rights reserved. 53
50 Configuration Validation Drilldown Reporting Formatting Drilldown Instance Name 2014 SAP AG or an SAP affiliate company. All rights reserved. 54
51 New with Solution Manager 7.1 Critical User Authorizations: Analysis of user profiles AUTH_PROFILE_USER: User profile check store in the Target System (reference) defines that no user is allowed to have SAP_ALL profile Validation Output: The Users which have critical authorizations in the system SI7 (compared system) 2014 SAP AG or an SAP affiliate company. All rights reserved. 55
52 New Features of Configuration Validation 2014 SAP AG or an SAP affiliate company. All rights reserved. 56
53 New Features of Configuration Validation Solution Manager release Config Store with Project Attributes of ABAP Transports Weighted Security Item Reporting Documentation for Config Items Additional House Keeping Features for CCDB (anti-aging) X-Single Column Reporting for Configuration Validation 7.1 SP SAP AG or an SAP affiliate company. All rights reserved. 57
54 Configuration Validation: EGI session Get in-depth knowledge of the Configuration Validation functionality with the Expert Guided Implementation (EGI) service The EGI gives the participants the opportunity to set up ready-to-use Configuration Validation Reports in their own SAP Solution Manager Training, practical experience, remote consulting Empowering, Web session, 1-2 h. each morning SAP expert explains step-by-step configuration using training materials Execution, 2-3 h. on the same day Participants execute demonstrated steps within their own project, on their own SAP environment Expertise on demand, during execution Participants have direct access to an SAP expert who directly supports them remotely, if necessary, during the execution More information on available EGI topics and booking information can be found here: EGI Registration 2014 SAP AG or an SAP affiliate company. All rights reserved. 58
55 Dashboards Show summary about Configuration Validation results
56 Big Picture: Reporting / Alerting / Management Dashboard Configuration Validation Target Systems could be uses in several areas Configuration Validation Management Dashboard Reporting System Monitoring / Alerting 2014 SAP AG or an SAP affiliate company. All rights reserved. 60
57 Management Dashboards Security View Monitoring Stay Clean Views Monitoring Get Clean Projects Monitoring Security Alerts Situation Critical System Parameters Compliance of Systems 50 Target: System_Params Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, SAP* / SAP_ALL Compliance of Systems 47 Target: SAP_Star-SAP_ALL Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, Missing Security HotNews Compliance of Systems Target: Security_HotNews Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, 3 Secure AS Gateway Config Compliance of Systems 7 13 Target: Gateway_Security_Project Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, System w. Security Alerts Compliance of Systems 49 1 Target: Security_Alerts Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, System w. Security Alerts Compliance of Systems Target: Security_Alerts Systems: PR1, PR2, PR3, PR4, DEX, DEY, DEZ, See Configuration Validation based Management Dashboards for Examples 2014 SAP AG or an SAP affiliate company. All rights reserved. 61
58 New with Solution Manager 7.1 SP 3: Security Dashboards Dashboard Management Define dashboards to be used by others: WebDynpro ABAP Applications DASHBOARD_MANAGEMENT and GENERIC_DASHBOARD_VIEWER Proposal: Create individual dashboard blocks for different KPIs and include them into a specific security dashboard 2014 SAP AG or an SAP affiliate company. All rights reserved. 62
59 Alerting
60 Use Case for Security Alerts Red Alert Actions & Recommendations Resolution Green Rating Security Alert appears in Alert Inbox Alert Details recommends actions to resolve the alert, e.g. to implement a SAP Note, to change the passwords etc. Follow the recommendation. Assign alerts to processor for follow up and issue resolution Problem is solved. Next set of Alerts in Inbox is green 2014 SAP AG or an SAP affiliate company. All rights reserved. 64
61 Inbox & Reporting/Drill-Down Alert Inbox Unexpected Assignment of SAP_ALL Unexpected Assignment of SAP_ALL Reporting / Drill-Down 2014 SAP AG or an SAP affiliate company. All rights reserved. 65
62 Alerting based on SAP EarlyWatch Alert
63 SAP EarlyWatch Alert Integration into Operation You want to... Activate different checks for the next SAP EarlyWatch Alert (EWA) report Get all system alerts in one place Get access to SAP assistance Get business process relevant information in your EWA Continuous system improvement by leveraging EWA results EWA EWA EWA Why integrate EWA into operation? Optimize system behavior Reduce manual effort due to consolidated overview of critical EWA findings Start mitigating measures directly out of the reported issue 2014 SAP AG or an SAP affiliate company. All rights reserved. 67
64 EWA Results Now Available in Technical Monitoring Alert Inbox Advantages EWA results are in one place, with customizable views No need to check EWA reports manually every week Recommendations and guidelines for alert resolution are in the same place Processing of alerts in inbox supported by integration with incident management, alert assignment etc SAP AG or an SAP affiliate company. All rights reserved. 68
65 Consolidated Alert Overview Short Introduction The following information is shown in the Alert Inbox overview screen: Basic information, e.g. Issue Area, category, relevant system, current status etc. History information, e.g. How many alerts have been raised / Worst rating in the past / No. of status changes etc. Processing information, e.g. Processor name, current status (automatic confirmation, manual notification, incident etc.) 2014 SAP AG or an SAP affiliate company. All rights reserved. 69
66 Alert Details and Metrics Opening a specific alert displays the individual details of the alert Mark a line to see how to resolve the issue 2014 SAP AG or an SAP affiliate company. All rights reserved. 70
67 Alert Handling The handling of alerts is supported by Sending mail or SMS notifications Integration of Issue Management Assigning a person responsible to an alert 2014 SAP AG or an SAP affiliate company. All rights reserved. 71
68 Technical Details Prerequisites Solution Manager system and connected managed systems with activated EWA Alert Inbox for EarlyWatch Alert is available with Solution Manger 7.1 SP05 onwards Activation EWA integration into Alert Inbox is activated automatically. No manual configuration steps are required Currently, updates to the EWA Alert Inbox template are shipped via Support Packages. New template content has to be activated manually. In the future it is planned that new content will be imported and activated dynamically 2014 SAP AG or an SAP affiliate company. All rights reserved. 72
69 Alerting based on Security Audit Log
70 Overview Prerequisites The Security Audit Log is activated on managed system using transaction SM19 The Security monitor within the monitor set SAP CCMS Monitor Template is activated using transaction RZ20 Monitoring in general Security Monitor Activation Activate the corresponding alerts in the SAP Solution Manager Defining User Alerts in the SAP Solution Manager SAP AG or an SAP affiliate company. All rights reserved. 74
71 Recommended Filter settings for the Security Audit Log according to blog 1. Filter: Activate everything which is critical for all users '*' in all clients '*'. You may deactivate the messages of class User master record change (32) because you get change documents for users in transaction SUIM anyway. Consider to add messages AUO, AUZ, BU5, BU6, BU7, BU9, BUA, BUB BUC, BUH, AUP, AUQ. If you maintain logical file names using transaction FILE (see note ) than add messages CUQ, CUR, CUS, CUT. 2. Filter: Activate everything for users 'SAP*' in all clients '*' This includes the built-in user 'SAP*' as well as all users account names starting with 'SAP', e.g.'sapsupportx' because of rsau/user_selection = 1. To show log entries in for user 'SAP*' only, filter by 'SAP#*' in SM20 or use report RSAU_SELECT_EVENTS instead. 3. Filter: Activate everything for other support and emergency users, e.g. 'FF*' (FireFighter) in all clients '*' 4. Filter: Activate all events for the dialog activities 'logon' and 'transaction' for user 'DDIC' in all clients. This user should not be used in dialog mode. It's only required for specific activities while applying support packages or while importing transports (however in this case you can use another background user as well). 5. Filter: Activate everything for client '066'. This client is not used anymore and can be deleted (see ). 6. Filter: Activate RFC events (AUL, AUK, AU6, AU5) for a short time for selected users to identity RFC connection problems easily (see ) Filter: free for other project specific purpose 2014 SAP AG or an SAP affiliate company. All rights reserved. 75
72 Security monitor within the monitor set SAP CCMS Monitor Template Transaction RZ SAP AG or an SAP affiliate company. All rights reserved. 76
73 Alert Inbox in System Monitoring Limitation: No drilldown into details 2014 SAP AG or an SAP affiliate company. All rights reserved. 77
74 Alerting based on Configuration Validation
75 Setup Configuration Validation Target System Starting with SAP Solution Manager 7.1 SP6 specific alerts are available in the standard template based on target system 0ALERT: Alert: Expiring ABAP certificates Alert: Failed ABAP transports Alert: Global changes allowed Alert: Users with critical profiles In addition you can add use any target system of Configuration Validation: Alert: Configuration Validation Password policy settings Other Profile Parameter settings Standard users with known password RFC Gateway ACL etc SAP AG or an SAP affiliate company. All rights reserved. 79
76 Setup Configuration Validation Target System 0ALERT You can copy the target system and adjust the rules SAP AG or an SAP affiliate company. All rights reserved. 80
77 Setup Configuration Validation Target System SAP_ALL (Example) Config Store AUTH_PROFILE_USER Contains only one rule Use 0SECN template to create target system. Delete all config stores besides AUTH_PROFILE_USER 2014 SAP AG or an SAP affiliate company. All rights reserved. 81
78 Setup Technical Monitoring Step 1-3: Prerequisites Prerequisites: perform steps 1 3 which are not system specific 2014 SAP AG or an SAP affiliate company. All rights reserved. 82
79 Setup Technical Monitoring Step 4: Template Maintenance: Deriving a template and adding a target system Metric Number of non-compliant items is non active. It is necessary to active it. Create template for the SAP basis version your system is running on 1. Mark Template 2 2. Create Custom Template 3. New template appears SAP AG or an SAP affiliate company. All rights reserved. 83
80 Setup Technical Monitoring Step 4: Add target System SAP_ALL to metric number of non-compliant items Tab Metrics click on Number of noncompliant items 3 1. In tab data collection add target system 2. in tab Metrics Check Active 2 3. Save button is at the top SAP AG or an SAP affiliate company. All rights reserved. 84
81 Setup Technical Monitoring Step 5: Define Scope Choose a system Next 2014 SAP AG or an SAP affiliate company. All rights reserved. 85
82 Setup Technical Monitoring Step 6: Setup Monitoring 1. Assign Template for Technical System 2. Apply and activate it 3. Configuration Managed Object is the next step SAP AG or an SAP affiliate company. All rights reserved. 86
83 Verify Alert Settings using the Alerting Directory Browser Alerts from EWA Alerts from Template 0ALERT Alerts from ConfigVal 2014 SAP AG or an SAP affiliate company. All rights reserved. 87
84 Technical Monitoring Alert Inbox Personalized query for Security Configuration 2014 SAP AG or an SAP affiliate company. All rights reserved. 88
85 Technical Monitoring Alert Inbox Detail View Show report 2 Show Target report Systems 2014 SAP AG or an SAP affiliate company. All rights reserved. 89
86 Guided Procedures for regular Tasks You can create Guided Procedures for regular tasks Option to link Guided Procedures to alerts Accessible from Technical Administration Work Center via Guided Procedure Browser 2014 SAP AG or an SAP affiliate company. All rights reserved. 90
87 Achievements unlocked: Security Reporting Operations Control Center Strong recommendations from SAP in the security chapter of the EarlyWatch Extensive checks in the Guided selfservice Security Optimization Service Custom specific cross system security validation using application Configuration Validation Use of Configuration Validation for Security dashboards and Alerts Required notes for Security Patch Process by System Recommendations system specific, get clean Integration of security validation into Operations Control Center cross-system, stay clean 2014 SAP AG or an SAP affiliate company. All rights reserved. 91
88 SAP Enterprise Support Academy Learning from Experts to Experts The SAP Enterprise Support Academy is a dedicated platform for simplified access to and consumption of SAP Enterprise Support offerings How it can help What it offers Where to find more Easily access SAP Enterprise Support services Up-skill professionals Boost cross-functional collaboration between the business and IT units A comprehensive learning environment that allows the creation of individual learning plans and provides a personalized learning experience. Aggregated views on services and educational elements Home page: service.sap.com/esacademy News subscription Contact: sap_es_academy@sap.com 2014 SAP AG or an SAP affiliate company. All rights reserved. 92
89 Monthly ASUG Security Webcast Hosted by the ASUG Security SIG: E. g.: SAP AG or an SAP affiliate company. All rights reserved. 93
90 THANK YOU THANK YOU FOR PARTICIPATING Please provide feedback on this session by completing a short survey via the event mobile application. SESSION CODE: 0804 For ongoing education on this area of focus, visit
Checking Security Configuration and Authorization.. or how best to protect your data and keep the availability of your SAP solutions
Checking Security Configuration and Authorization.. or how best to protect your data and keep the availability of your SAP solutions SAP Active Global Support Security Services November 2015 Disclaimer
More informationSAP Secure Operations Map. SAP Active Global Support Security Services May 2015
SAP Secure Operations Map SAP Active Global Support Security Services May 2015 SAP Secure Operations Map Security Compliance Security Governance Audit Cloud Security Emergency Concept Secure Operation
More informationProcessed on SAP Solution Manager Service Center Release EHP 1 for Solution Manager 7.0 Telephone Service Tool 701_2011_1 SP0 Fax
SERVICE REPORT SAP Security Optimization Self-Service SAP System ID SAP Product Release DB System Customer Processed on SAP Solution Manager Service Center Release EHP 1 for Solution Manager 7.0 Telephone
More informationSAP SECURITY OPTIMIZATION
SAP SECURITY OPTIMIZATION ABAP Checks This documents shows the description of all checks which are executed by the SAP Security Optimization Service for an ABAP system (Version from May 2014). Author:
More informationProactive Monitoring and Alerting to support Stabilization after Go-Live!
Orange County Convention Center Orlando, Florida June 3-5, 2014 Proactive Monitoring and Alerting to support Stabilization after Go-Live! Marci Braybrooks, IBIS America Community Facilitator, ASUG SIG
More informationBusiness Process and Interface Monitoring
SAP Standard for E2E Solution Operations Document Version: 1.0 2015-02-12 SAP Solution Manager 7.1 Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These
More informationOverview Application Incident Management. David Birkenbach ALM Solution Management August 2011
Overview Application Incident David Birkenbach ALM Solution August 2011 How the New SAP Solution Manager Supports Business & IT SAP Solution Manager 7.1 provides: Better coverage of the complete customer
More informationSAP Standard for Remote Supportability
SAP Standard for E2E Solution Operations Document Version: 1.0 2014-12-12 SAP Solution Manager 7.1 Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These
More informationHow To Manage Work Mode On An It Calendar On An Apa System
SAP Solution Manager 7.1 Technical Administration Work Center Setup Q2, 2011 Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase decision.
More informationCloud-based Managed Services for SAP. Service Catalogue
Cloud-based Managed Services for SAP Service Catalogue Version 1.8 Date: 28.07.2015 TABLE OF CONTENTS Introduction... 4 Managed Services out of the Cloud... 4 Cloud-based Flexibility, Efficiency and Scalability...
More informationSAP Change Control - One Integrated Process to Manage Software Solution Deployments SAP AG
SAP Change Control - One Integrated Process to Manage Software Solution Deployments SAP AG Disclaimer This presentation outlines our general product direction and should not be relied on in making a purchase
More informationSAP Cybersecurity Solution Brief. Objectives Solution Benefits Quick Facts
SAP Cybersecurity Solution Brief Objectives Solution Benefits Quick Facts Secure your SAP landscapes from cyber attack Identify and remove cyber risks in SAP landscapes Perform gap analysis against compliance
More informationExpert Guided Implementation (EGI) for Security Optimization. SAP Active Global Support
Expert Guided Implementation (EGI) for Security Optimization SAP Active Global Support Agenda Overview Customer benefits Technical prerequisites Schedule 2011 SAP AG. All rights reserved. 2 EGI for Security
More informationAdministration Guide. BlackBerry Enterprise Service 12. Version 12.0
Administration Guide BlackBerry Enterprise Service 12 Version 12.0 Published: 2015-01-16 SWD-20150116150104141 Contents Introduction... 9 About this guide...10 What is BES12?...11 Key features of BES12...
More informationThe Road to Technical Monitoring with SAP Solution Manager
The Road to Technical Monitoring with SAP Solution Manager Heiko Zuerker ALM230 Copyright 2012 Rockwell Automation, Inc. All rights reserved. Agenda Rockwell Automation s SAP and Solution Manager Landscape
More informationSecurity FAQs (Frequently Asked Questions) for Xerox Remote Print Services
Security FAQs (Frequently Asked Questions) for Xerox Remote Print Services February 30, 2012 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation
More informationUser Manual. Version 3.12. connmove GmbH Version: 3.12. www.connmove.de Seite 1 von 33
User Manual Version 3.12 connmove GmbH Version: 3.12 www.connmove.de Seite 1 von 33 Table of Contents Introduction... 4 cmwatcher Blog... 4 System Requirements... 4 Architecture Recommendations... 5 Integration
More informationSAP SECURITY OPTIMIZATION
SAP SECURITY OPTIMIZATION Java Checks This documents shows the description of all checks which are executed by the SAP Security Optimization Service for an Java system (Version from May 2014). Author:
More informationSAP SECURITY OPTIMIZATION
SAP SECURITY OPTIMIZATION ABAP Checks This document shows the description of all checks which are executed by the SAP Security Optimization Service for an ABAP system (Version from July 2011). Author:
More informationHow to Configure Solution Manager 7.1 Technical Monitoring for an SAP HANA Database
How to Configure Solution Manager 7.1 Technical Monitoring for an SAP HANA Database by Jereme Swoboda, SAP Solution Manager and NetWeaver Consultant, NIMBL This document is for your personal use only.
More informationIT Service Management by SAP Africa (ITSM) Dirk Smit ALM Engagement Manager
IT Service Management by SAP Africa (ITSM) Dirk Smit ALM Engagement Manager Optimize IT Operations Process Support Business Goals CIO CEO/CFO Reliable Business Support Changes to improve IT services are
More informationBest Practices Report
Overview As an IT leader within your organization, you face new challenges every day from managing user requirements and operational needs to the burden of IT Compliance. Developing a strong IT general
More informationInception of the SAP Platform's Brain Attacks on SAP Solution Manager
Inception of the SAP Platform's Brain Attacks on SAP Solution Manager Juan Perez-Etchegoyen jppereze@onapsis.com May 23 rd, 2012 HITB Conference, Amsterdam Disclaimer This publication is copyright 2012
More informationSAP Standard for Data Volume Management
SAP Standard for E2E Solution Operations Document Version: 1.0 2014-12-12 SAP Solution Manager 7.1 Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These
More informationSAP Secure Support. Key SAP Solution Manager Functions in a High Security Infrastructure with Separate Network. SAP AG, Walldorf/Rot, December 2013
SAP Secure Support Key SAP Solution Manager Functions in a High Security Infrastructure with Separate Network SAP AG, Walldorf/Rot, December 2013 SAP AG 2013 Page 1 of 23 Contents 1 Introduction... 3 2
More informationAdministrator's Guide
Administrator's Guide Copyright SecureAnywhere Mobile Protection Administrator's Guide November, 2012 2012 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere
More informationHow to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions
How to leverage SAP NetWeaver Identity Management and SAP Access Control combined solutions Introduction This paper provides an overview of the integrated solution and a summary of implementation options
More informationSetup Guide Central Monitoring of SAP NetWeaver Proces Integration 7.3 with SAP Solution Manager 7.1. Active Global Support February 2011
Setup Guide Central Monitoring of SAP NetWeaver Proces Integration 7.3 with SAP Solution Manager 7.1 Active Global Support February 2011 Agenda Overview Landscape Setup Recommended Setup SLD/LMDB Synchronization
More informationSecurity and Your SAP System When Working with Winshuttle Products
Security and Your SAP System When Working with Winshuttle Products 2014 Winshuttle, LLC. All rights reserved. 2/14 www.winshuttle.com Background Companies running SAP systems are accustomed to configuring
More informationSAP SECURITY CLEARING THE CONFUSION AND TAKING A HOLISTIC APPROACH
SAP SECURITY CLEARING THE CONFUSION AND TAKING A HOLISTIC APPROACH WWW.MANTRANCONSULTING.COM 25 Mar 2011, ISACA Singapore SOD SAS70 Project Controls Infrastructure security Configurable controls Change
More informationSAP Standard for Job Scheduling Management
SAP Standard for E2E Solution Operations Document Version: 1.0 2014-12-12 SAP Solution Manager 7.1 Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These
More informationEncrypted Email Users Guide. Revised 6/8/2015
Encrypted Email Users Guide Revised 6/8/2015 Contents Encrypted email service overview Registering, activating and maintaining an account Online Help Accessing the encrypted email portal screens Downloading
More informationGO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown
GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android with TouchDown GO!Enterprise MDM for Android, Version 3.x GO!Enterprise MDM for Android with TouchDown 1 Table
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationCompliance & SAP Security. Secure SAP applications based on state-of-the-art user & system concepts. Driving value with IT
Compliance & SAP Security Secure SAP applications based on state-of-the-art user & system concepts Driving value with IT BO Access Control Authorization Workflow Central User Management Encryption Data
More informationAdministration Guide BES12. Version 12.3
Administration Guide BES12 Version 12.3 Published: 2015-10-30 SWD-20151028105551254 Contents Introduction... 11 About this guide...12 How to use this guide... 13 Steps to administer BES12... 13 Examples
More informationRemote Connectivity Infrastructure
Remote Connectivity Infrastructure SAP Active Global Support & Maintenance Go-to-Market November 2014 Public Remote Connectivity Infrastructure Table of Contents Introduction General Architecture SAProuter
More informationUser Manual for Web. Help Desk Authority 9.0
User Manual for Web Help Desk Authority 9.0 2011ScriptLogic Corporation ALL RIGHTS RESERVED. ScriptLogic, the ScriptLogic logo and Point,Click,Done! are trademarks and registered trademarks of ScriptLogic
More informationALM 271 From End-User Experience Monitoring to Management Dashboards and Reporting Stefan Lahr, SAP Active Global Support September, 2011
ALM 271 From End-User Experience Monitoring to Management Dashboards and Reporting Stefan Lahr, SAP Active Global Support September, 2011 Disclaimer This presentation outlines our general product direction
More informationNMS300 Network Management System
NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate
More informationDiskBoss. File & Disk Manager. Version 2.0. Dec 2011. Flexense Ltd. www.flexense.com info@flexense.com. File Integrity Monitor
DiskBoss File & Disk Manager File Integrity Monitor Version 2.0 Dec 2011 www.flexense.com info@flexense.com 1 Product Overview DiskBoss is an automated, rule-based file and disk manager allowing one to
More informationKaseya 2. Quick Start Guide. for Network Monitor 4.1
Kaseya 2 VMware Performance Monitor Quick Start Guide for Network Monitor 4.1 June 7, 2012 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private
More informationSAP Standard for Security
SAP Standard for E2E Solution Operations Document Version: 1.0 2014-12-12 SAP Solution Manager 7.1 Typographic Conventions Type Style Example Description Words or characters quoted from the screen. These
More informationGlobalnest SAP Technical Services
GLOBALNEST SAP TECHNICAL SERVICES GLOBALNEST TECHNICAL SERVICES: 1. SAP BASIS SERVICES. 2. SAP SOLUTION MANAGER SERVICES. 3. SAP ABAP SERVICES. WHY GLOBALNEST? KEY BENEFITS: No need to hire, train or retain
More informationKaseya 2. Quick Start Guide. for Network Monitor 4.1
Kaseya 2 Syslog Monitor Quick Start Guide for Network Monitor 4.1 June 5, 2012 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector
More informationCorreLog Agent For SAP SAP Audit Log Monitor Interface
orrelog CorreLog Agent For SAP SAP Audit Log Monitor Interface This application note describes how to install configure the CorreLog to accept and format SAP audit files. The information herein supplements
More informationSession 1604 Interactive Discussion Forum with ASUG Solution Manager SIG Leadership: Capitalizing on SAP Solution Manager for your business and IT
Session 1604 Interactive Discussion Forum with ASUG Solution Manager SIG Leadership: Capitalizing on SAP Solution Manager for your business and IT initiatives Disclaimer This presentation outlines our
More informationSystem Administration Training Guide. S100 Installation and Site Management
System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5
More informationKaseya 2. User Guide. for Network Monitor 4.1
Kaseya 2 Ping Monitor User Guide for Network Monitor 4.1 June 5, 2012 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations.
More informationGO!Enterprise MDM Device Application User Guide Installation and Configuration for Android
GO!Enterprise MDM Device Application User Guide Installation and Configuration for Android GO!Enterprise MDM for Android, Version 3.x GO!Enterprise MDM for Android 1 Table of Contents GO!Enterprise MDM
More informationAdministrators Help Manual
Administrators Help Manual Lepide Active Directory Self Service Lepide Software Private Limited Page 1 Administrators Help Manual for Active Directory Self-Service Lepide Active Directory Self Service
More informationSysPatrol - Server Security Monitor
SysPatrol Server Security Monitor User Manual Version 2.2 Sep 2013 www.flexense.com www.syspatrol.com 1 Product Overview SysPatrol is a server security monitoring solution allowing one to monitor one or
More informationAndroid App User Guide
www.novell.com/documentation Android App User Guide ZENworks Mobile Management 2.7.x August 2013 Legal Notices Novell, Inc., makes no representations or warranties with respect to the contents or use of
More informationLANDesk Server Manager. Single Console Multi-Vendor Management Solution
LANDesk Server Manager Single Console Multi-Vendor Management Solution LANDesk Server Manager Single Console Multi-Vendor Management Solution Challenge Data center infrastructure is increasing in size
More informationAltiris IT Analytics Solution 7.1 SP1 from Symantec User Guide
Altiris IT Analytics Solution 7.1 SP1 from Symantec User Guide Altiris IT Analytics Solution 7.1 from Symantec User Guide The software described in this book is furnished under a license agreement and
More information2 Performance Indicators for BWP
Analysis from 19.09.2011 Until 25.09.2011 Report: BWP Installation: 0020188132 Session: 1000000002826 EarlyWatch Alert - Productive 1 Service Summary During the EarlyWatch Alert Service, we did not detect
More informationLAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL. for INFORMATION RESOURCES
LAMAR STATE COLLEGE - ORANGE INFORMATION RESOURCES SECURITY MANUAL for INFORMATION RESOURCES Updated: June 2007 Information Resources Security Manual 1. Purpose of Security Manual 2. Audience 3. Acceptable
More informationKaseya 2. Installation guide. Version 7.0. English
Kaseya 2 Kaseya Server Setup Installation guide Version 7.0 English September 4, 2014 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept
More informationTenable Network Security Support Portal. January 12, 2015 (Revision 14)
Tenable Network Security Support Portal January 12, 2015 (Revision 14) Table of Contents Introduction... 3 Activate Tenable Support Portal... 3 Locate Your Customer ID... 6 Manage Your Activation Codes...
More informationNessus Enterprise Cloud User Guide. October 2, 2014 (Revision 9)
Nessus Enterprise Cloud User Guide October 2, 2014 (Revision 9) Table of Contents Introduction... 3 Nessus Enterprise Cloud... 3 Subscription and Activation... 3 Multi Scanner Support... 4 Customer Scanning
More informationHP Service Manager. Software Version: 9.40 For the supported Windows and Linux operating systems. Processes and Best Practices Guide (Codeless Mode)
HP Service Manager Software Version: 9.40 For the supported Windows and Linux operating systems Processes and Best Practices Guide (Codeless Mode) Document Release Date: December, 2014 Software Release
More information4. Getting started: Performing an audit
4. Getting started: Performing an audit Introduction Security scans enable systems administrators to identify and assess possible risks within a network. Through GFI LANguard N.S.S. this is performed automatically,
More informationHow-To Guide Manual Testing with SAP Solution Manager
SAP Solution Manager How-To Guide Manual Testing with SAP Solution Manager Applicable Releases: Solution Manager 7.0 EHP1 and above Target groups: Test Engineers, Quality Experts, Technology Consultants,
More informationIT Service Management in SAP Solution Manager
Nathan Williams IT Service Management in SAP Solution Manager Bonn Boston Contents at a Glance PART I Introduction 1 An Overview of IT Service Management... 29 2 User Interfaces for SAP ITSM Functions
More informationHow to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On
How to Implement the X.509 Certificate Based Single Sign-On Solution with SAP Netweaver Single Sign-On How to implement the X.509 certificate based Single Sign-On solution from SAP Page 2 of 34 How to
More informationUsing Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4
WHITEPAPER Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4 An in-depth look at Payment Card Industry Data Security Standard Requirements 10, 11,
More informationWorkflow Templates Library
Workflow s Library Table of Contents Intro... 2 Active Directory... 3 Application... 5 Cisco... 7 Database... 8 Excel Automation... 9 Files and Folders... 10 FTP Tasks... 13 Incident Management... 14 Security
More informationWatchDox Administrator's Guide. Application Version 3.7.5
Application Version 3.7.5 Confidentiality This document contains confidential material that is proprietary WatchDox. The information and ideas herein may not be disclosed to any unauthorized individuals
More informationvcenter Support Assistant User's Guide
vcenter Support Assistant 5.5 This document supports the version of each product listed and supports all subsequent versions until the document is replaced by a new edition. To check for more recent editions
More informationIntegrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal
Integrating Autotask Service Desk Ticketing with the Cisco OnPlus Portal This Application Note provides instructions for configuring Apps settings on the Cisco OnPlus Portal and Autotask application settings
More informationVirto Password Reset Web Part for SharePoint. Release 3.1.0. Installation and User Guide
Virto Password Reset Web Part for SharePoint Release 3.1.0 Installation and User Guide 2 Table of Contents OVERVIEW... 3 SYSTEM REQUIREMENTS... 3 OPERATING SYSTEM... 3 SERVER... 3 BROWSER... 4 INSTALLATION...
More informationProviding Patch Management With N-central. Version 7.1
Providing Patch Management With N-central Version 7.1 Contents Patch Management 3 Introduction 3 Monitoring for Missing Patches 3 Setting up Patch Management in N-central 4 Adding a WSUS Server to N-central
More informationHP IMC Firewall Manager
HP IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW102-20120420 Legal and notice information Copyright 2012 Hewlett-Packard Development Company, L.P. No part of this
More informationVtiger CRM Outlook Plugin Documentation
Vtiger CRM Outlook Plugin Documentation Outlook Plugin Version 1.0.04 Different Solutions GmbH support@different-solutions.com http://www.different-solutions.com Support Forum: http://forum.vtiger.de Date:
More informationSAP Netweaver Application Server and Netweaver Portal Security
VU University Amsterdam SAP Netweaver Application Server and Netweaver Portal Security Author: Nick Kirtley Supervisors: Abbas Shahim, Frank Hakkennes Date: 28-09-2012 Organization: VU University Amsterdam,
More informationIntegrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal
Integrating ConnectWise Service Desk Ticketing with the Cisco OnPlus Portal This Application Note explains how to configure ConnectWise PSA (Professional Service Automation) application settings and Cisco
More informationOperational Analytics for APO, powered by SAP HANA. Eric Simonson Solution Management SAP Labs eric.simonson@sap.com
Operational Analytics for APO, powered by SAP HANA Eric Simonson Solution Management SAP Labs eric.simonson@sap.com Solution Overview Data Replication Solution in Detail Demand Solution in Detail Supply
More informationBusiness User driven Scorecards to measure Data Quality using SAP BusinessObjects Information Steward
September 10-13, 2012 Orlando, Florida Business User driven Scorecards to measure Data Quality using SAP BusinessObjects Information Steward Asif Pradhan Learning Points SAP BusinessObjects Information
More informationJunos Pulse for Google Android
Junos Pulse for Google Android User Guide Release 4.0 October 2012 R1 Copyright 2012, Juniper Networks, Inc. Juniper Networks, Junos, Steel-Belted Radius, NetScreen, and ScreenOS are registered trademarks
More informationOperating Manual QUESTOR
QUESTOR AS 273 Management Software Document: KSW3s527.0004 / en 2010.08 Edition: August 2010 QUESTOR TABLE OF CONTENT 1 Product description EN-4 1.1 Purpose... EN-4 1.2 System components... EN-4 1.2.1
More informationUser Guide for VMware Adapter for SAP LVM VERSION 1.2
User Guide for VMware Adapter for SAP LVM VERSION 1.2 Table of Contents Introduction to VMware Adapter for SAP LVM... 3 Product Description... 3 Executive Summary... 3 Target Audience... 3 Prerequisites...
More informationRun SAP Like a Factory
2013 SAPSA Run SAP Like a Factory Timo Rajamäki, SAP Active Global Support Nordic November 2013 Agenda What is Run SAP Like a Factory OCC Operation Control Center Application Operations Business Process
More informationEnterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid clouds.
ENTERPRISE MONITORING & LIFECYCLE MANAGEMENT Unify IT Operations Enterprise IT is complex. Today, IT infrastructure spans the physical, the virtual and applications, and crosses public, private and hybrid
More informationWindows Operating Systems. Basic Security
Windows Operating Systems Basic Security Objectives Explain Windows Operating System (OS) common configurations Recognize OS related threats Apply major steps in securing the OS Windows Operating System
More informationTable of Contents INTRODUCTION... 2 HOME PAGE... 3. Announcements... 7 Personalize & Change Password... 8 Reminders... 9 SERVICE CATALOG...
Table of Contents INTRODUCTION... 2 HOME PAGE... 3 Announcements... 7 Personalize & Change Password... 8 Reminders... 9 SERVICE CATALOG... 11 Raising a Service Request... 12 Edit the Service Request...
More informationData Consistency Management Overview January 2014. Customer
Data Consistency Management Overview January 2014 Customer Agenda Motivation SAP Solution Manager as Tool for Data Consistency Management Transactional Correctness (TC) Guided Self Service Data Consistency
More informationHP A-IMC Firewall Manager
HP A-IMC Firewall Manager Configuration Guide Part number: 5998-2267 Document version: 6PW101-20110805 Legal and notice information Copyright 2011 Hewlett-Packard Development Company, L.P. No part of this
More informationCathay Business Online Banking
Cathay Business Online Banking A QUICK GUIDE TO CATHAY BUSINESS ONLINE BANKING R6119 CATHAY 8_5x11 Cover V2.indd 1 6/11/13 5:50 PM Welcome Welcome to Cathay Business Online Banking (formerly known as Cathay
More informationMonitoring and Management of Landscapes with SAP NetWeaver Administrator. Dieter Krieger, SAP AG
Monitoring and Management of Landscapes with SAP NetWeaver Administrator Dieter Krieger, SAP AG Overview of SAP NetWeaver Administrator Setting up SAP NetWeaver Administrator Using SAP NetWeaver Administrator
More informationMultiSite Manager. User Guide
MultiSite Manager User Guide Contents 1. Getting Started... 2 Opening the MultiSite Manager... 2 Navigating MultiSite Manager... 2 2. The All Sites tabs... 3 All Sites... 3 Reports... 4 Licenses... 5 3.
More informationSAP R/3 Security Assessment Framework
NII CONSULTING SAP R/3 Security Assessment Framework Version 1.0 N E T W O R K I N T E L L I G E N C E (IN D I A ) P VT. L TD. Contents Objective... 3 Methodology... 4 Phase 1: User Authentication... 4
More informationITM204 Post-Copy Automation for SAP NetWeaver Business Warehouse System Landscapes. October 2013
ITM204 Post-Copy Automation for SAP NetWeaver Business Warehouse System Landscapes October 2013 Disclaimer This presentation outlines our general product direction and should not be relied on in making
More informationSystem Monitoring Quick Overview. Product Management SAP AG
System Monitoring Quick Overview Product Management SAP AG Agenda Overview The Challenge of Monitoring A Landscape System Monitoring with SAP Solution Manager Summary Further Information SAP 2009 / Page
More informationEM12c Monitoring Best Practices
EM12c Monitoring Best Practices Author: Rob Zoeteweij Date: 13 October 2012 http://oemgc.wordpress.com Some weeks ago I posted an article on my blog after attending Ana McCollum s presentation Beyond the
More informationAD Self-Service Suite for Active Directory
The Dot Net Factory AD Self-Service Suite for Active Directory Version 3.6 The Dot Net Factory, LLC. 2005-2011. All rights reserved. This guide contains proprietary information, which is protected by copyright.
More informationConfiguration and Utilization of the OLAP Cache to Improve the Query Response Time
Configuration and Utilization of the OLAP Cache to Improve the Query Response Time Applies to: SAP NetWeaver BW 7.0 Summary This paper outlines the steps to improve the Query response time by using the
More informationCRM for Business Intelligence
CRM for Business Intelligence Real-time visibility into your business Strategise effectively and make informed business decisions with timely, accurate insight into your organisation. Maximizer CRM 2015
More information