Introduction 
This guide should not be regarded as a
substitute for a daily operational manual as recommended by SAP.
Target Group
· Technology consultants
· System administrators
The information contained in this document is not contained in the installation and configuration guides or the technical manuals and upgrade guides of the components cited below. Such guides are only relevant for a certain phase of the software life cycle, whereas security guides provide information that is relevant for all life cycle phases.
Why Is Security Necessary?
With the increasing use of distributed systems and the Internet for managing business data, greater emphasis is being placed on the need for security. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system must not result in loss of information or processing time. These security requirements apply equally to SAP ERP Central Component. This document is designed to help you make SAP ERP Central Component secure.
About this Document
The security guides give you an overview of the information for secure operation of SAP ERP Central Component. SAP ERP Central Component covers the core components Accounting, Logistics, and Human Resources and other components used across these core components. This guide cross-references information in existing security guides where available, or other relevant documentation where security aspects are discussed.
As SAP ERP Central Component is based on and uses SAP NetWeaver technology, it is essential you consult the SAP NetWeaver security guide: see SAP Help Portal at help.sap.com ® Documentation ® SAP NetWeaver ® Release/Language ® SAP NetWeaver ® Security ® SAP NetWeaver Security Guide.
To view all of the security guides published by SAP, see SAP Service Marketplace at service.sap.com/securityguide.
Overview of the Main Sections
The security guide comprises the following main sections:
·
Before You
Start
This section contains information about why security is necessary, how to use
this document, and references to other security guides that are a basis for
this security guide.
·
Technical System
Landscape
This section is an overview of the technical components and communication
paths used by SAP ERP Central Component.
·
User Management and
Authentication
This section provides an overview of the following user management and
authentication aspects:
¡ Recommended tools for user management.
¡ Required user types for SAP ERP Central Component
¡ Standard users delivered with SAP ERP Central Component
¡ Overview of the user synchronization strategy, if several components or products are integrated
¡ Overview of integration options in single sign-on environments
·
Authorizations
This section provides an overview of the authorization concept that is
applicable to SAP ERP Central
Component.
·
Network and Communication
Security
This section provides an overview of the communication paths used by SAP ERP Central Component and the security mechanisms
to be used. It also includes our recommendations for the network topology to
restrict access at the network level.
·
Data Storage
Security
This section provides an overview of the critical data used by SAP ERP Central Component, and also the security mechanisms
to be used.
·
Security for Third-Party or
Additional Applications
This
section provides security information that applies to third-party or
additional applications that are used together with SAP
ERP Central Component.
·
Trace and Log
Files
This section provides an overview of the trace and log files that contain
security-relevant information and that enable you to reproduce activities
where, for example, there has been a breach of security.
·
Appendix
This section provides references to secondary sources of
information.