- ホーム
- > 洋書
- > 英文書
- > Computer / General
Full Description
If you're a Basis administrator looking to keep your SAP system under lock and key, this is the book for you. Discover information on security-relevant issues, from identity and access management to network and backend security. Then get the technical know-how to identify vulnerabilities and defend your system from internal and external threats. Secure your SAP system from the ground up. Highlights include: Password security, CommonCryptoLib, Single sign-on (SSO), Authorizations, Transport security, Audit logging, Patching, Client locking, RFC security, Operating system and database security. With this book, you will be able to: Configure application, network, and infrastructure security. Set up identity and access management: roles, authorizations, SSO. Prepare for audits and learn to maintain your security setup long-term.
Contents
Preface
Target Audience
System Administration: A Vast Field of Options
What Is Basis?
Structure of This Book
Introduction
Potential Threats
The Onion Concept
Risk and True Cost of Security
The Administrator's Role in Security
Summary
Configuring Profiles and Parameters
Understanding System Parameters
System Profiles
Profile and Parameter Structure
Static and Dynamic Parameters
Viewing and Setting Parameters
Key Security-Related Parameters
Controlling Access to Change Parameters
Summary
Restricting Transactional Access
Clients
Who Should Be Able to Lock and Unlock Transactions?
Which Transactions to Lock
Locking Transactions
Viewing Locked Transactions
Summary
Securing Clients
Client Settings
Client Logon Locking
Summary
Securing the Kernel
Understanding the Kernel
Common Cryptographic Library
Kernel Update
Summary
Managing Users
What Is a User ID in SAP?
Different User Types
The User Buffer
Creating and Maintaining a User
Copy a User
Change Documents for Users
Mass User Changes with Transaction SU10
User Naming Convention
Security Policies
Maintain User Groups
Central User Administration
User Lock Status
User Classification
User-Related Tables
Securing Default Accounts
User Access Reviews
Inactive Users
Password and Logon Security
Segregation of Duties
Summary
Configuring Authorizations
Authorization Fundamentals
SAP Role Design Concepts
The Profile Generator
Assign and Remove Roles
Lock and Unlock Transactions
Transaction SUIM: User Information System
Role Transport
Common Standard Profiles
Types of Transactions
Table Authorizations
Printer Authorizations
Other Important Authorization Objects
Transaction SACF: Switchable Authorizations
Customizing Entries in Tables PRGN_CUST and SSM_CUST
Mass Maintenance of Values within Roles
Upgrading to a New Release
ABAP Debugger
Authorization Redesign and Cleanup
Introduction to SAP GRC Access Control
Summary
Authentication
What Is Single Sign-On?
Single Sign-On Technologies
SAP GUI Single Sign-On Setup
SAML
Summary
Patching
Patching Concepts: SAP's Approach to Patching
Application of Security SAP Notes
Implications of Upgrades and Support Packages
Evaluating Security with SAP Solution Manager
Summary
Securing Transports
Transport System Concepts
Transport Authorizations
Operating System-Level Considerations
Landscape Considerations
Summary
Auditing and Logging
External Audits
Internal Audits
Auditing Tools
Summary
Securing Network Communications
Choosing a Network Security Strategy
Securing Using Access Controls
Securing the Transport Layer
Connecting to the Internet and Other Networks
Summary
Configuring Encryption
Introduction to Cryptography
Enabling SSL/TLS
The Internet Connection Manager
SAP Web Dispatcher
Summary
Database Security
Platform-Independent Database Considerations
Securing the Database Connection
Logging and Encrypting Your Database
Summary
Infrastructure Security
Business Secure Cell Concept
Secure Landscape
Policy
Operating System Considerations
Monitoring
Virtualization Security Considerations
Network Security Considerations
Physical Security
Summary
The Authors
Index
