- Gebundenes Buch
- Merkliste
- Auf die Merkliste
- Bewerten Bewerten
- Teilen
- Produkt teilen
- Produkterinnerung
- Produkterinnerung
If you're a Basis administrator looking to keep your SAP system under lock and key, this is the book for you! Discover information on security-relevant issues, from identity and access management to network and backend security. Get the technical know-how to identify vulnerabilities, defend your system from internal and external threats, and pass audits. Secure your SAP system from the ground up!
Highlights include: Password security CommonCryptoLib Single sign-on (SSO) Authorizations Transport security Audit logging Patching Client locking RFC security Operating system and database…mehr
If you're a Basis administrator looking to keep your SAP system under lock and key, this is the book for you! Discover information on security-relevant issues, from identity and access management to network and backend security. Get the technical know-how to identify vulnerabilities, defend your system from internal and external threats, and pass audits. Secure your SAP system from the ground up!
Highlights include:
Password security
CommonCryptoLib
Single sign-on (SSO)
Authorizations
Transport security
Audit logging
Patching
Client locking
RFC security
Operating system and database security
Highlights:
Password securityCommonCryptoLibSingle sign-on (SSO)AuthorizationsTransport securityAudit loggingPatchingClient lockingRFC securityOperating system and database security
Highlights include:
Password security
CommonCryptoLib
Single sign-on (SSO)
Authorizations
Transport security
Audit logging
Patching
Client locking
RFC security
Operating system and database security
Highlights:
Password securityCommonCryptoLibSingle sign-on (SSO)AuthorizationsTransport securityAudit loggingPatchingClient lockingRFC securityOperating system and database security
Produktdetails
- Produktdetails
- SAP PRESS Englisch
- Verlag: Rheinwerk Verlag / SAP PRESS
- Artikelnr. des Verlages: 459/21481
- Seitenzahl: 574
- Erscheinungstermin: Oktober 2018
- Englisch
- Abmessung: 236mm x 184mm x 41mm
- Gewicht: 1187g
- ISBN-13: 9781493214815
- ISBN-10: 1493214810
- Artikelnr.: 52335516
- SAP PRESS Englisch
- Verlag: Rheinwerk Verlag / SAP PRESS
- Artikelnr. des Verlages: 459/21481
- Seitenzahl: 574
- Erscheinungstermin: Oktober 2018
- Englisch
- Abmessung: 236mm x 184mm x 41mm
- Gewicht: 1187g
- ISBN-13: 9781493214815
- ISBN-10: 1493214810
- Artikelnr.: 52335516
Joe Markgraf is a senior cloud architect and advisor for SAP HANA Enterprise Cloud at SAP. Before joining SAP he worked as a Basis and security administrator, contributing to both small- and large-scale SAP system implementations. He holds a business degree with a focus on information system management from Oregon State University. He enjoys playing vintage video games and shooting sports with his family in Washington State.
... Preface ... 19
... Target Audience ... 19
... System Administration: A Vast Field of Options ... 20
... What Is Basis? ... 21
... Structure of This Book ... 23
1 ... Introduction ... 25
1.1 ... Potential Threats ... 26
1.2 ... The Onion Concept ... 34
1.3 ... Risk and True Cost of Security ... 37
1.4 ... The Administrator's Role in Security ... 40
1.5 ... Summary ... 43
2 ... Configuring Profiles and Parameters ... 45
2.1 ... Understanding System Parameters ... 46
2.2 ... System Profiles ... 47
2.3 ... Profile and Parameter Structure ... 49
2.4 ... Static and Dynamic Parameters ... 53
2.5 ... Viewing and Setting Parameters ... 55
2.6 ... Key Security-Related Parameters ... 64
2.7 ... Controlling Access to Change Parameters ... 66
2.8 ... Summary ... 67
3 ... Restricting Transactional Access ... 69
3.1 ... Clients ... 71
3.2 ... Who Should Be Able to Lock and Unlock Transactions? ... 71
3.3 ... Which Transactions to Lock ... 71
3.4 ... Locking Transactions ... 73
3.5 ... Viewing Locked Transactions ... 76
3.6 ... Summary ... 78
4 ... Securing Clients ... 79
4.1 ... Client Settings ... 81
4.2 ... Client Logon Locking ... 89
4.3 ... Summary ... 92
5 ... Securing the Kernel ... 93
5.1 ... Understanding the Kernel ... 94
5.2 ... Common Cryptographic Library ... 102
5.3 ... Kernel Update ... 104
5.4 ... Summary ... 114
6 ... Managing Users ... 115
6.1 ... What Is a User ID in SAP? ... 115
6.2 ... Different User Types ... 115
6.3 ... The User Buffer ... 117
6.4 ... Creating and Maintaining a User ... 118
6.5 ... Copy a User ... 128
6.6 ... Change Documents for Users ... 129
6.7 ... Mass User Changes with Transaction SU10 ... 131
6.8 ... User Naming Convention ... 139
6.9 ... Security Policies ... 140
6.10 ... Maintain User Groups ... 145
6.11 ... Central User Administration ... 147
6.12 ... User Lock Status ... 151
6.13 ... User Classification ... 152
6.14 ... User-Related Tables ... 153
6.15 ... Securing Default Accounts ... 154
6.16 ... User Access Reviews ... 156
6.17 ... Inactive Users ... 157
6.18 ... Password and Logon Security ... 158
6.19 ... Segregation of Duties ... 163
6.20 ... Summary ... 165
7 ... Configuring Authorizations ... 167
7.1 ... Authorization Fundamentals ... 168
7.2 ... SAP Role Design Concepts ... 180
7.3 ... The Profile Generator ... 192
7.4 ... Assign and Remove Roles ... 219
7.5 ... Lock and Unlock Transactions ... 221
7.6 ... Transaction SUIM: User Information System ... 221
7.7 ... Role Transport ... 226
7.8 ... Common Standard Profiles ... 228
7.9 ... Types of Transactions ... 229
7.10 ... Table Authorizations ... 239
7.11 ... Printer Authorizations ... 249
7.12 ... Other Important Authorization Objects ... 249
7.13 ... Transaction SACF: Switchable Authorizations ... 253
7.14 ... Customizing Entries in Tables PRGN_CUST and SSM_CUST ... 255
7.15 ... Mass Maintenance of Values within Roles ... 257
7.16 ... Upgrading to a New Release ... 260
7.17 ... ABAP Debugger ... 267
7.18 ... Authorization Redesign and Cleanup ... 269
7.19 ... Introduction to SAP GRC Access Control ... 273
7.20 ... Summary ... 277
8 ... Authentication ... 279
8.1 ... What Is Single Sign-On? ... 279
8.2 ... Single Sign-On Technologies ... 284
8.3 ... SAP GUI Single Sign-On Setup ... 286
8.4 ... SAML ... 309
8.5 ... Summary ... 339
9 ... Patching ... 341
9.1 ... Patching Concepts: SAP's Approach to Patching ... 341
9.2 ... Application of Security SAP Notes ... 347
9.3 ... Implications of Upgrades and Support Packages ... 354
9.4 ... Evaluating Security with SAP Solution Manager ... 354
9.5 ... Summary ... 358
10 ... Securing Transports ... 359
10.1 ... Transport System Concepts ... 360
10.2 ... Transport Authorizations ... 373
10.3 ... Operating System-Level Considerations ... 376
10.4 ... Landscape Considerations ... 377
10.5 ... Summary ... 378
11 ... Auditing and Logging ... 379
11.1 ... External Audits ... 380
11.2 ... Internal Audits ... 381
11.3 ... Auditing Tools ... 382
11.4 ... Summary ... 409
12 ... Securing Network Communications ... 411
12.1 ... Choosing a Network Security Strategy ... 411
12.2 ... Securing Using Access Controls ... 412
12.3 ... Securing the Transport Layer ... 422
12.4 ... Connecting to the Internet and Other Networks ... 424
12.5 ... Summary ... 431
13 ... Configuring Encryption ... 433
13.1 ... Introduction to Cryptography ... 433
13.2 ... Enabling SSL/TLS ... 451
13.3 ... The Internet Connection Manager ... 468
13.4 ... SAP Web Dispatcher ... 481
13.5 ... Summary ... 487
14 ... Database Security ... 489
14.1 ... Platform-Independent Database Considerations ... 490
14.2 ... Securing the Database Connection ... 495
14.3 ... Logging and Encrypting Your Database ... 507
14.4 ... Summary ... 511
15 ... Infrastructure Security ... 513
15.1 ... Business Secure Cell Concept ... 514
15.2 ... Secure Landscape ... 515
15.3 ... Policy ... 519
15.4 ... Operating System Considerations ... 527
15.5 ... Monitoring ... 540
15.6 ... Virtualization Security Considerations ... 553
15.7 ... Network Security Considerations ... 555
15.8 ... Physical Security ... 560
15.9 ... Summary ... 561
1 ... The Authors ... 563
... Index ... 565
... Target Audience ... 19
... System Administration: A Vast Field of Options ... 20
... What Is Basis? ... 21
... Structure of This Book ... 23
1 ... Introduction ... 25
1.1 ... Potential Threats ... 26
1.2 ... The Onion Concept ... 34
1.3 ... Risk and True Cost of Security ... 37
1.4 ... The Administrator's Role in Security ... 40
1.5 ... Summary ... 43
2 ... Configuring Profiles and Parameters ... 45
2.1 ... Understanding System Parameters ... 46
2.2 ... System Profiles ... 47
2.3 ... Profile and Parameter Structure ... 49
2.4 ... Static and Dynamic Parameters ... 53
2.5 ... Viewing and Setting Parameters ... 55
2.6 ... Key Security-Related Parameters ... 64
2.7 ... Controlling Access to Change Parameters ... 66
2.8 ... Summary ... 67
3 ... Restricting Transactional Access ... 69
3.1 ... Clients ... 71
3.2 ... Who Should Be Able to Lock and Unlock Transactions? ... 71
3.3 ... Which Transactions to Lock ... 71
3.4 ... Locking Transactions ... 73
3.5 ... Viewing Locked Transactions ... 76
3.6 ... Summary ... 78
4 ... Securing Clients ... 79
4.1 ... Client Settings ... 81
4.2 ... Client Logon Locking ... 89
4.3 ... Summary ... 92
5 ... Securing the Kernel ... 93
5.1 ... Understanding the Kernel ... 94
5.2 ... Common Cryptographic Library ... 102
5.3 ... Kernel Update ... 104
5.4 ... Summary ... 114
6 ... Managing Users ... 115
6.1 ... What Is a User ID in SAP? ... 115
6.2 ... Different User Types ... 115
6.3 ... The User Buffer ... 117
6.4 ... Creating and Maintaining a User ... 118
6.5 ... Copy a User ... 128
6.6 ... Change Documents for Users ... 129
6.7 ... Mass User Changes with Transaction SU10 ... 131
6.8 ... User Naming Convention ... 139
6.9 ... Security Policies ... 140
6.10 ... Maintain User Groups ... 145
6.11 ... Central User Administration ... 147
6.12 ... User Lock Status ... 151
6.13 ... User Classification ... 152
6.14 ... User-Related Tables ... 153
6.15 ... Securing Default Accounts ... 154
6.16 ... User Access Reviews ... 156
6.17 ... Inactive Users ... 157
6.18 ... Password and Logon Security ... 158
6.19 ... Segregation of Duties ... 163
6.20 ... Summary ... 165
7 ... Configuring Authorizations ... 167
7.1 ... Authorization Fundamentals ... 168
7.2 ... SAP Role Design Concepts ... 180
7.3 ... The Profile Generator ... 192
7.4 ... Assign and Remove Roles ... 219
7.5 ... Lock and Unlock Transactions ... 221
7.6 ... Transaction SUIM: User Information System ... 221
7.7 ... Role Transport ... 226
7.8 ... Common Standard Profiles ... 228
7.9 ... Types of Transactions ... 229
7.10 ... Table Authorizations ... 239
7.11 ... Printer Authorizations ... 249
7.12 ... Other Important Authorization Objects ... 249
7.13 ... Transaction SACF: Switchable Authorizations ... 253
7.14 ... Customizing Entries in Tables PRGN_CUST and SSM_CUST ... 255
7.15 ... Mass Maintenance of Values within Roles ... 257
7.16 ... Upgrading to a New Release ... 260
7.17 ... ABAP Debugger ... 267
7.18 ... Authorization Redesign and Cleanup ... 269
7.19 ... Introduction to SAP GRC Access Control ... 273
7.20 ... Summary ... 277
8 ... Authentication ... 279
8.1 ... What Is Single Sign-On? ... 279
8.2 ... Single Sign-On Technologies ... 284
8.3 ... SAP GUI Single Sign-On Setup ... 286
8.4 ... SAML ... 309
8.5 ... Summary ... 339
9 ... Patching ... 341
9.1 ... Patching Concepts: SAP's Approach to Patching ... 341
9.2 ... Application of Security SAP Notes ... 347
9.3 ... Implications of Upgrades and Support Packages ... 354
9.4 ... Evaluating Security with SAP Solution Manager ... 354
9.5 ... Summary ... 358
10 ... Securing Transports ... 359
10.1 ... Transport System Concepts ... 360
10.2 ... Transport Authorizations ... 373
10.3 ... Operating System-Level Considerations ... 376
10.4 ... Landscape Considerations ... 377
10.5 ... Summary ... 378
11 ... Auditing and Logging ... 379
11.1 ... External Audits ... 380
11.2 ... Internal Audits ... 381
11.3 ... Auditing Tools ... 382
11.4 ... Summary ... 409
12 ... Securing Network Communications ... 411
12.1 ... Choosing a Network Security Strategy ... 411
12.2 ... Securing Using Access Controls ... 412
12.3 ... Securing the Transport Layer ... 422
12.4 ... Connecting to the Internet and Other Networks ... 424
12.5 ... Summary ... 431
13 ... Configuring Encryption ... 433
13.1 ... Introduction to Cryptography ... 433
13.2 ... Enabling SSL/TLS ... 451
13.3 ... The Internet Connection Manager ... 468
13.4 ... SAP Web Dispatcher ... 481
13.5 ... Summary ... 487
14 ... Database Security ... 489
14.1 ... Platform-Independent Database Considerations ... 490
14.2 ... Securing the Database Connection ... 495
14.3 ... Logging and Encrypting Your Database ... 507
14.4 ... Summary ... 511
15 ... Infrastructure Security ... 513
15.1 ... Business Secure Cell Concept ... 514
15.2 ... Secure Landscape ... 515
15.3 ... Policy ... 519
15.4 ... Operating System Considerations ... 527
15.5 ... Monitoring ... 540
15.6 ... Virtualization Security Considerations ... 553
15.7 ... Network Security Considerations ... 555
15.8 ... Physical Security ... 560
15.9 ... Summary ... 561
1 ... The Authors ... 563
... Index ... 565
... Preface ... 19
... Target Audience ... 19
... System Administration: A Vast Field of Options ... 20
... What Is Basis? ... 21
... Structure of This Book ... 23
1 ... Introduction ... 25
1.1 ... Potential Threats ... 26
1.2 ... The Onion Concept ... 34
1.3 ... Risk and True Cost of Security ... 37
1.4 ... The Administrator's Role in Security ... 40
1.5 ... Summary ... 43
2 ... Configuring Profiles and Parameters ... 45
2.1 ... Understanding System Parameters ... 46
2.2 ... System Profiles ... 47
2.3 ... Profile and Parameter Structure ... 49
2.4 ... Static and Dynamic Parameters ... 53
2.5 ... Viewing and Setting Parameters ... 55
2.6 ... Key Security-Related Parameters ... 64
2.7 ... Controlling Access to Change Parameters ... 66
2.8 ... Summary ... 67
3 ... Restricting Transactional Access ... 69
3.1 ... Clients ... 71
3.2 ... Who Should Be Able to Lock and Unlock Transactions? ... 71
3.3 ... Which Transactions to Lock ... 71
3.4 ... Locking Transactions ... 73
3.5 ... Viewing Locked Transactions ... 76
3.6 ... Summary ... 78
4 ... Securing Clients ... 79
4.1 ... Client Settings ... 81
4.2 ... Client Logon Locking ... 89
4.3 ... Summary ... 92
5 ... Securing the Kernel ... 93
5.1 ... Understanding the Kernel ... 94
5.2 ... Common Cryptographic Library ... 102
5.3 ... Kernel Update ... 104
5.4 ... Summary ... 114
6 ... Managing Users ... 115
6.1 ... What Is a User ID in SAP? ... 115
6.2 ... Different User Types ... 115
6.3 ... The User Buffer ... 117
6.4 ... Creating and Maintaining a User ... 118
6.5 ... Copy a User ... 128
6.6 ... Change Documents for Users ... 129
6.7 ... Mass User Changes with Transaction SU10 ... 131
6.8 ... User Naming Convention ... 139
6.9 ... Security Policies ... 140
6.10 ... Maintain User Groups ... 145
6.11 ... Central User Administration ... 147
6.12 ... User Lock Status ... 151
6.13 ... User Classification ... 152
6.14 ... User-Related Tables ... 153
6.15 ... Securing Default Accounts ... 154
6.16 ... User Access Reviews ... 156
6.17 ... Inactive Users ... 157
6.18 ... Password and Logon Security ... 158
6.19 ... Segregation of Duties ... 163
6.20 ... Summary ... 165
7 ... Configuring Authorizations ... 167
7.1 ... Authorization Fundamentals ... 168
7.2 ... SAP Role Design Concepts ... 180
7.3 ... The Profile Generator ... 192
7.4 ... Assign and Remove Roles ... 219
7.5 ... Lock and Unlock Transactions ... 221
7.6 ... Transaction SUIM: User Information System ... 221
7.7 ... Role Transport ... 226
7.8 ... Common Standard Profiles ... 228
7.9 ... Types of Transactions ... 229
7.10 ... Table Authorizations ... 239
7.11 ... Printer Authorizations ... 249
7.12 ... Other Important Authorization Objects ... 249
7.13 ... Transaction SACF: Switchable Authorizations ... 253
7.14 ... Customizing Entries in Tables PRGN_CUST and SSM_CUST ... 255
7.15 ... Mass Maintenance of Values within Roles ... 257
7.16 ... Upgrading to a New Release ... 260
7.17 ... ABAP Debugger ... 267
7.18 ... Authorization Redesign and Cleanup ... 269
7.19 ... Introduction to SAP GRC Access Control ... 273
7.20 ... Summary ... 277
8 ... Authentication ... 279
8.1 ... What Is Single Sign-On? ... 279
8.2 ... Single Sign-On Technologies ... 284
8.3 ... SAP GUI Single Sign-On Setup ... 286
8.4 ... SAML ... 309
8.5 ... Summary ... 339
9 ... Patching ... 341
9.1 ... Patching Concepts: SAP's Approach to Patching ... 341
9.2 ... Application of Security SAP Notes ... 347
9.3 ... Implications of Upgrades and Support Packages ... 354
9.4 ... Evaluating Security with SAP Solution Manager ... 354
9.5 ... Summary ... 358
10 ... Securing Transports ... 359
10.1 ... Transport System Concepts ... 360
10.2 ... Transport Authorizations ... 373
10.3 ... Operating System-Level Considerations ... 376
10.4 ... Landscape Considerations ... 377
10.5 ... Summary ... 378
11 ... Auditing and Logging ... 379
11.1 ... External Audits ... 380
11.2 ... Internal Audits ... 381
11.3 ... Auditing Tools ... 382
11.4 ... Summary ... 409
12 ... Securing Network Communications ... 411
12.1 ... Choosing a Network Security Strategy ... 411
12.2 ... Securing Using Access Controls ... 412
12.3 ... Securing the Transport Layer ... 422
12.4 ... Connecting to the Internet and Other Networks ... 424
12.5 ... Summary ... 431
13 ... Configuring Encryption ... 433
13.1 ... Introduction to Cryptography ... 433
13.2 ... Enabling SSL/TLS ... 451
13.3 ... The Internet Connection Manager ... 468
13.4 ... SAP Web Dispatcher ... 481
13.5 ... Summary ... 487
14 ... Database Security ... 489
14.1 ... Platform-Independent Database Considerations ... 490
14.2 ... Securing the Database Connection ... 495
14.3 ... Logging and Encrypting Your Database ... 507
14.4 ... Summary ... 511
15 ... Infrastructure Security ... 513
15.1 ... Business Secure Cell Concept ... 514
15.2 ... Secure Landscape ... 515
15.3 ... Policy ... 519
15.4 ... Operating System Considerations ... 527
15.5 ... Monitoring ... 540
15.6 ... Virtualization Security Considerations ... 553
15.7 ... Network Security Considerations ... 555
15.8 ... Physical Security ... 560
15.9 ... Summary ... 561
1 ... The Authors ... 563
... Index ... 565
... Target Audience ... 19
... System Administration: A Vast Field of Options ... 20
... What Is Basis? ... 21
... Structure of This Book ... 23
1 ... Introduction ... 25
1.1 ... Potential Threats ... 26
1.2 ... The Onion Concept ... 34
1.3 ... Risk and True Cost of Security ... 37
1.4 ... The Administrator's Role in Security ... 40
1.5 ... Summary ... 43
2 ... Configuring Profiles and Parameters ... 45
2.1 ... Understanding System Parameters ... 46
2.2 ... System Profiles ... 47
2.3 ... Profile and Parameter Structure ... 49
2.4 ... Static and Dynamic Parameters ... 53
2.5 ... Viewing and Setting Parameters ... 55
2.6 ... Key Security-Related Parameters ... 64
2.7 ... Controlling Access to Change Parameters ... 66
2.8 ... Summary ... 67
3 ... Restricting Transactional Access ... 69
3.1 ... Clients ... 71
3.2 ... Who Should Be Able to Lock and Unlock Transactions? ... 71
3.3 ... Which Transactions to Lock ... 71
3.4 ... Locking Transactions ... 73
3.5 ... Viewing Locked Transactions ... 76
3.6 ... Summary ... 78
4 ... Securing Clients ... 79
4.1 ... Client Settings ... 81
4.2 ... Client Logon Locking ... 89
4.3 ... Summary ... 92
5 ... Securing the Kernel ... 93
5.1 ... Understanding the Kernel ... 94
5.2 ... Common Cryptographic Library ... 102
5.3 ... Kernel Update ... 104
5.4 ... Summary ... 114
6 ... Managing Users ... 115
6.1 ... What Is a User ID in SAP? ... 115
6.2 ... Different User Types ... 115
6.3 ... The User Buffer ... 117
6.4 ... Creating and Maintaining a User ... 118
6.5 ... Copy a User ... 128
6.6 ... Change Documents for Users ... 129
6.7 ... Mass User Changes with Transaction SU10 ... 131
6.8 ... User Naming Convention ... 139
6.9 ... Security Policies ... 140
6.10 ... Maintain User Groups ... 145
6.11 ... Central User Administration ... 147
6.12 ... User Lock Status ... 151
6.13 ... User Classification ... 152
6.14 ... User-Related Tables ... 153
6.15 ... Securing Default Accounts ... 154
6.16 ... User Access Reviews ... 156
6.17 ... Inactive Users ... 157
6.18 ... Password and Logon Security ... 158
6.19 ... Segregation of Duties ... 163
6.20 ... Summary ... 165
7 ... Configuring Authorizations ... 167
7.1 ... Authorization Fundamentals ... 168
7.2 ... SAP Role Design Concepts ... 180
7.3 ... The Profile Generator ... 192
7.4 ... Assign and Remove Roles ... 219
7.5 ... Lock and Unlock Transactions ... 221
7.6 ... Transaction SUIM: User Information System ... 221
7.7 ... Role Transport ... 226
7.8 ... Common Standard Profiles ... 228
7.9 ... Types of Transactions ... 229
7.10 ... Table Authorizations ... 239
7.11 ... Printer Authorizations ... 249
7.12 ... Other Important Authorization Objects ... 249
7.13 ... Transaction SACF: Switchable Authorizations ... 253
7.14 ... Customizing Entries in Tables PRGN_CUST and SSM_CUST ... 255
7.15 ... Mass Maintenance of Values within Roles ... 257
7.16 ... Upgrading to a New Release ... 260
7.17 ... ABAP Debugger ... 267
7.18 ... Authorization Redesign and Cleanup ... 269
7.19 ... Introduction to SAP GRC Access Control ... 273
7.20 ... Summary ... 277
8 ... Authentication ... 279
8.1 ... What Is Single Sign-On? ... 279
8.2 ... Single Sign-On Technologies ... 284
8.3 ... SAP GUI Single Sign-On Setup ... 286
8.4 ... SAML ... 309
8.5 ... Summary ... 339
9 ... Patching ... 341
9.1 ... Patching Concepts: SAP's Approach to Patching ... 341
9.2 ... Application of Security SAP Notes ... 347
9.3 ... Implications of Upgrades and Support Packages ... 354
9.4 ... Evaluating Security with SAP Solution Manager ... 354
9.5 ... Summary ... 358
10 ... Securing Transports ... 359
10.1 ... Transport System Concepts ... 360
10.2 ... Transport Authorizations ... 373
10.3 ... Operating System-Level Considerations ... 376
10.4 ... Landscape Considerations ... 377
10.5 ... Summary ... 378
11 ... Auditing and Logging ... 379
11.1 ... External Audits ... 380
11.2 ... Internal Audits ... 381
11.3 ... Auditing Tools ... 382
11.4 ... Summary ... 409
12 ... Securing Network Communications ... 411
12.1 ... Choosing a Network Security Strategy ... 411
12.2 ... Securing Using Access Controls ... 412
12.3 ... Securing the Transport Layer ... 422
12.4 ... Connecting to the Internet and Other Networks ... 424
12.5 ... Summary ... 431
13 ... Configuring Encryption ... 433
13.1 ... Introduction to Cryptography ... 433
13.2 ... Enabling SSL/TLS ... 451
13.3 ... The Internet Connection Manager ... 468
13.4 ... SAP Web Dispatcher ... 481
13.5 ... Summary ... 487
14 ... Database Security ... 489
14.1 ... Platform-Independent Database Considerations ... 490
14.2 ... Securing the Database Connection ... 495
14.3 ... Logging and Encrypting Your Database ... 507
14.4 ... Summary ... 511
15 ... Infrastructure Security ... 513
15.1 ... Business Secure Cell Concept ... 514
15.2 ... Secure Landscape ... 515
15.3 ... Policy ... 519
15.4 ... Operating System Considerations ... 527
15.5 ... Monitoring ... 540
15.6 ... Virtualization Security Considerations ... 553
15.7 ... Network Security Considerations ... 555
15.8 ... Physical Security ... 560
15.9 ... Summary ... 561
1 ... The Authors ... 563
... Index ... 565