SAP NetWeaver & SAP Gateway
Products and services at a glance
The tasks described above, which occur at rather irregular intervals and involve a certain degree of complexity due to the lack of routine or process know-how, should be examined in order to determine whether they can be performed more efficiently by an external service provider. One question to be answered is whether it is necessary to keep the necessary knowledge in the company in order to be able to react faster than the external service provider. For example, for business critical systems. Security aspects should also be considered, as external persons gain access to the system. From now on, outtasking performance must be regularly monitored and checked for quality and documentation. A complete dependence on the external partner must not arise.
An important area of SAP Security is the analysis of the customer's own SAP programs, which are classically written in the proprietary SAP language ABAP. Here, too, as in all programming languages, security vulnerabilities can be programmed - whether consciously or unconsciously. However, the patterns of security vulnerabilities in ABAP code differ from those in Java stacks or Windows programs. The goal of these conventional programs is usually to either crash the program (buffer overflow) or to artificially execute the program's own code (code injection). Both is not possible in ABAP, since a crash of a process causes nothing else than the creation of an entry in the log database (Dump ST22) and a subsequent termination of the report with return to the menu starting point. So a direct manipulation as in other high level languages or servers is not possible. However, there are other manipulation possibilities.
Load Support Packages into Other Systems
Hosting environments and third-party offerings have also contributed to these improvements. Public cloud environments such as Azure and AWS provide a layer of abstraction that eliminates the difficult task of maintaining the hardware that was required with SAP on-premises.
INTRODUCTION A growing number of SAP-based departments are facing major changes and challenges within the SAP product portfolio as well as in their own task environment. These result from influences of digitalisation, digital transformation, new technologies such as cloud computing or big data, but also developments such as customer experience or the Internet of Things. In order to overcome the challenges and to transform the existing SAP basis, recommendations for action are grouped in seven thematic areas. These topics cover the areas of skills and roles (cloud and supplier management, strengthening of the technology architect, focus on project work), marketing and self-understanding (creation of a service catalogue, regular exchange with the CIO, renaming of the SAP basis), new technologies and innovation (test and innovation lab, proactive & regular training), organisation in change (development of the two subject areas close to structure and application-orientated , virtual teams of experts), standardisation and automation (automation of routine tasks, outtasking of rare tasks), "cloudability", outsourcing & outtasking (assessment of usefulness for the cloud, use of appropriate service forms) and IT roadmap (influence of own IT roadmap). By reflecting on the thematic areas, methods and possibilities for implementing the recommendations are presented.
The "Shortcut for SAP Systems" tool is ideal for doing many tasks in the SAP basis more easily and quickly.
Rethinking the Permission Concept With the introduction of an Identity Management System and a workflow for permission granting, the existing roles should be scrutinised once again.
Installing, migrating, upgrading, optimizing, monitoring and resolving ongoing issues with SAP systems.