Security management, system audits, hardening and monitoring
Prerequisites
The database layer is used to store all company data and consists of the database management system (DBMS) and the data itself. In every NetWeaver system there is a database server on which the SAP database is located. It provides all other applications with the necessary data. The data is not only data tables, but also applications, system control tables and user data. All basic components ensure that the user has fast and reliable access to this data.
The integration of the SAP basis enables solutions to be introduced faster and better integrated into the existing system landscape. This is partly because the solutions are already known in advance and the necessary knowledge exists or is already planned. This will make it easier to implement the roadmap. It should also be noted that a clear strategy on digitisation and also on cloud products in general, as well as their possible uses, sets out a framework for action that all parties can follow. The participants thus know where the company wants to develop or orientate itself, what is possible and what is not possible or permitted. Thus, both companies and the parties have a valid point of reference at all times. This also leads to an increased acceptance within the SAP basis and a more practical implementation for the SAP basis, as the mentioned expertise is already present in the strategy. As a result, this makes it easier and cheaper to ensure operation in a manageable system landscape.
SAP Basis is the foundation of any SAP system. You can find a lot of useful information about it on this page: www.sap-corner.de.
Restore systems + DB
So-called Access Control Lists (ACL) offer a good possibility to secure your gateway in order to exclude unwanted external accesses to the database of the application server. With the help of the ACL files reginfo and secinfo an access control can be implemented, in which allowed as well as forbidden communication partners can be defined. The reginfo file controls the registration of external programs on the gateway, which means that rules can be defined that allow or prohibit programs. With the help of the file secinfo you can define which users are allowed to start an external program. To be able to use these files, you must set the parameters gw/reg_info and gw/sec_info (transaction RZ11). For more information, refer to SAP Note 1408081.
Administrators often need to replicate part or all of a database, for example, to create a system backup or test an upgrade before putting it into production. In the past, this was surprisingly difficult to do with most databases. With HANA, replication works instantly and offers richer features and better control than previous databases.
Use "Shortcut for SAP Systems" to accomplish many tasks in the SAP basis more easily and quickly.
The underlying information can be found in the master thesis in chapters 7.4 and 9.2.
So much information... how can you keep it so that you can find it again when you need it? That's what Scribble Papers is great for.
In addition, the object S_TCODE and the transactions to be searched for are filtered.