Output Management
SAPUI5 and Fiori
Since innovations through IoT (Internet of Things) or big data scenarios not only affect the SAP basis, but also highlight products and services for customers of their own company, the role of the SAP basis in relation to these scenarios and services must be clearly defined. In general, the SAP basis sees its responsibility here in the connectivity to the corporate network or the enterprise systems, which lie in the responsibility of the SAP basis. The support of the applications, based on the technologies as well as the associated services, is the responsibility of the respective department that offers this service. A SAP-based support service must be agreed and regulated during the conception.
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
ABAP Code Security - SAP Code Vulnerability Analyzer / Virtual Forge CodeProfiler for ABAP
The so-called SAP message server also belongs to the application layer. Only one instance of this server exists in the system. It mediates between the services and applications. In concrete terms, this means that the message server takes care of load balancing and determines, for example, on which application server a user logs on. Communication between application servers is also the domain of this message server.
Basically, an SAP Basis administrator is responsible for installing, configuring, managing, maintaining and servicing all technical components of an SAP system landscape. This includes activities such as application setup, monitoring, and troubleshooting.
For administrators, a useful product - "Shortcut for SAP Systems" - is available in the SAP basis area.
In addition to the database, the SAP system itself is installed.
Basis administrators often have basic ABAP knowledge, for example, and ABAP developers know the basics of SAP Basis.