Monitoring of systems
Information technology plays an even more important role in the age of digitalisation. Innovation without IT is unimaginable. But it is not just technology itself, but also how it is delivered that matters. The SAP basis sees itself as a partner and contact for new SAP technologies. Further details on the recommendation can be found in the Master's thesis in chapters 7.5 and 9.3.
New risks in SAP HANA: In addition to the known risks, there are also new risks from the use of SAP HANA. A very good example are frequently used web applications that represent something new in the SAP area. In contrast to an SAP ERP system, HANA systems consist mainly of web applications, which were considered optional in the previous versions. These web applications can be found by various search engines on the Internet. This also applies to SAP Portal or Netweaver. There are URL schemes that help locate the system. This also applies to other SAP systems that use Web applications. This makes the new technology vulnerable to typical web attacks. SQL Injection, ABAP Code Injection, or XSS are all included. All risks known for a normal SAP system also apply to a SAP-HANA system. The data is stored unencrypted in RAM. Only then does the system gain this speed advantage. This results in risks such as a read-out by memory scraping malware. These pick up data in memory. Encryption costs performance, so it is not used by default. Especially during a migration HANA runs in a parallel system, therefore at least one new system comes to your landscape. Also note: HANA has its own tools and settings that need to be known and configured. The bottom line is that the system simply needs more attention when operating. Many settings often result in more errors. Three - points - HANA Security Plan 1) Roles and permissions In a previous SAP system, roles and permissions are certainly one of the main pillars of a secure system. Roles and permissions work differently in a HANA system. There are two types of users: 1) Default (limited): With this type of user, there are different access methods to the database. For example, the JDBC or HTTP technologies are used to give two examples.
Recording of errors
The presentation layer is used to visualize the applications and data for the user. The presentation is done with the help of a graphical user interface (GUI). Furthermore, the presentation view consists of several modules, which are also summarized as SAP GUI. SAP Fiori is the presentation layer of the next generation and is therefore particularly user-friendly.
The results of the tests can be documented so that the development can be considered over a period of time. This way, you will be aware of the revision and of the relevant issues before the examination.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
As a result, installation costs will no longer run into the tens of thousands and migrations and upgrades will no longer consume millions.
Have you already experienced CMC tab configuration or have questions about the application? I welcome any suggestions you may make as a comment.