Show TOC

Background documentationServices for Security Lifecycle Management

 

The following services are available from Active Global Support to assist you in maintaining security in your SAP systems on an ongoing basis.

Security Chapter in the EarlyWatch Alert (EWA) Report

This service regularly monitors the Security chapter in the EarlyWatch Alert report of your system. It provides the following information:

  • Whether SAP Security Notes have been identified as missing on your system

    Analyze and implement the identified SAP Notes if possible. If you cannot implement the SAP Notes, the report should be able to help you decide on how to handle the individual cases.

  • Whether an accumulation of critical SAP NetWeaver authorizations has been identified

    Verify whether the accumulation of critical SAP NetWeaver authorizations is OK for your system. If not, correct the situation. If you consider the situation OK, check for any significant changes compared to previous EWA reports.

  • Whether standard users with default passwords have been identified on your system

    Change the corresponding passwords to nondefault values.

Security Optimization Service (SOS)

Use the Security Optimization Service for a more thorough security analysis of your system, including the following:

  • Critical authorizations in detail

  • Security-relevant configuration parameters

  • Critical users

  • Missing security patches

This service is available as a self-service within SAP Solution Manager, as a remote service, or as an on-site service.

Recommendation Recommendation

We recommend that you use the service regularly (for example, once a year) and in particular after significant system changes or in preparation for a system audit.

End of the recommendation.
Security Configuration Validation

Use Security Configuration Validation to monitor a system landscape continuously for compliance with predefined settings, for example, from your company-specific SAP security policy. This service primarily covers configuration parameters, but it also covers critical security properties like the existence of a nontrivial Gateway configuration or making sure that standard users do not have default passwords.

Security in the Run SAP Methodology / Secure Operations Standard

With the E2E Solution Operations Standard Security service, a best-practice recommendation is available on how to operate SAP systems and landscapes in a secure manner. It guides you through the most important security operation areas and links to detailed security information from SAP’s knowledge base wherever appropriate.

More Information

Services of Active Global Support

Topic

See

EarlyWatch Alert

http://service.sap.com/ewaInformation published on non-SAP site

Security Optimization Service / Security Notes Report

http://service.sap.com/sosInformation published on non-SAP site

Comprehensive list of Security Notes

https://service.sap.com/securitynotesInformation published on non-SAP site

Configuration Validation

https://service.sap.com/changecontrolInformation published on non-SAP site

Run SAP Roadmap, including the Security and the Secure Operations Standard

https://service.sap.com/runsapInformation published on non-SAP site

(See the Run SAP chapters 2.6.3, 3.6.3 and 5.6.3)