Patches
Provision resources in minutes instead of weeks
In addition to the database, the SAP system itself is installed. This installation is planned using a tool from SAP, the "Maintenance Planner", and then carried out using the SWPM (Software Provisioning Manager) and SUM (Software Update Manager) tools.
Job scheduling: your system needs to run various automatic background jobs that consume resources. Your administrator must carefully schedule these tasks when user demand is low so they don't impact performance.
Use digitally signed SAP hints by installing Note 2408073
The default permissions to open and use a launchpad are the SAP_UI2_USER_700. The role for the administration is SAP_UI2_ADMIN_700. In the administration interface, the launchpad can be customised, so this permission should only be released to a few users for administration.
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
"Shortcut for SAP Systems" makes many tasks in the area of the SAP basis much easier.
One particularly effective way to protect against this are so-called Access Control Lists (ACL).
The website www.sap-corner.de offers many useful information about SAP basis.
Examples include the use of cloud services or applications in the IoT and big data environment.