Application of support patches, upgrades and installation of add-ons
Default Scenario
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
If you have modified SAP objects, you have to match these objects during playback. The transaction SPDD matches Dictionary objects, and the transaction SPAU Repository objects. Prerequisites SPAM prompts you for modification matching. How to Stop Inserting the Support Package (F12). SPAM will resume processing at RUN_SPDD or RUN_SPAU steps. To enable your developers to perform the modification synchronisation, create an order in the Transport Organiser [Extern] and under this task for the developers. Ask developers to perform the modification matching for their objects. Synchronisation of Dictionary Objects (SPDD): The developers can view the list of affected objects with the addition of Synchronise Modifications in the input image of the transaction SPAM. Synchronisation of Repository Objects (SPAU): Developers must call the transaction SPAU and then match it. Once the match is complete, developers must share the tasks and inform you. The comparison can be done in any client. Call SPAM. Select Insert Support Package Queue. You will be prompted again to perform the modification sync. Since it has already been completed, ignore the hint and select Next. SPAM completes the processing and returns the status.
RECOMMENDATIONS
Ten years ago, there wasn't much more for SAP Basis experts than SAP Solution Manager. And most Basis administrators only used it at all because SAP virtually forced them to use SolMan to download updates.
These cloud resources are integrated with existing on-premises resources and deployments on Amazon Web Services, Microsoft Azure and Google Cloud Platform. The result is a branching web of connections that, in its entirety, creates the Enterprise Hybrid Cloud.
Some missing SAP basic functions in the standard are supplied by the PC application "Shortcut for SAP Systems".
The fundamental question that should arise immediately after the decision to do so is whether the company creates the content itself or whether it relies on the content from external sources.
Nowadays, the base is known as Netweaver.