How to Secure and Monitor Your SAP Systems from Cyber Threats without Third-Party Software

  • by Aman Dhillon, SAP Security Architect, Layer Seven Security
  • August 12, 2014
Aman Dhillon explains how to secure your SAP systems from cyber attacks using SAP Configuration Validation.
Learning Objectives

By reading this article you will learn how to:

  • Protect your SAP systems against cyber threats by leveraging diagnostics tools available in SAP Solution Manager without having to license third-party solutions. These tools include Change Analysis, End-to-End (E2E) Alerting, Management Dashboards, and, most importantly, Configuration Validation.
  • Schedule regular automated scans of managed systems to detect security vulnerabilities
  • Review metrics for changes in managed systems
  • Configure alerts for critical security events
  • Continuously monitor systems in near real-time to detect potential cyber threats


Key Concept

Configuration Validation (CV) is a standard diagnostics tool available in SAP Solution Manager 7.0 and up. It enables companies to perform vulnerability checks to detect and remove security weaknesses in SAP systems. This includes vulnerabilities in areas such as security-relevant profile parameters, default Internet Communication Framework (ICF) services, password policies, Remote Function Call (RFC) destinations, and missing security notes in managed systems.

You’ve read the data sheets for third-party security tools targeted at SAP systems. You’ve listened to the sales spin. You’ve even seen the demo. But before you fire off the PO, ask yourself one question: Is there an alternative?

Starting in 2014, the answer is yes. The trigger for this change has been the rapid evolution of standard SAP components capable of detecting misconfigurations that lead to potential security risks. The most important of these components is Configuration Validation (CV), packaged in SAP Solution Manager 7.0 and above and delivered with standard license agreements (Figure 1).

Aman Dhillon

Aman Dhillon is an SAP security architect at Layer Seven Security (www.layersevensecurity.com). Layer Seven Security serves customers worldwide to secure SAP systems from cyber threats and unlock the potential of Solution Manager for security monitoring. The company is headquartered in Toronto and is an SAP Services Partner.

See more by this author


Comments

No comments have been submitted on this article. 


Please log in to post a comment.

To learn more about subscription access to premium content, click here.