Secure Your SAP Landscape with SAP Solution Manager 7.2
5 Integrated Applications to Help Protect Business-Critical SAP Systems from Cyberattacks
Firewalls, intrusion detection systems, and antivirus solutions may not protect SAP systems against advanced cyberattacks. However, this does not necessarily mean that SAP customers have to license third-party vulnerability scanning or threat detection solutions to deal with the risk. The answer to their security questions may be closer than they realize. Bundled with standard and enterprise SAP support agreements, SAP Solution Manager 7.2 includes five integrated applications to safeguard SAP systems against cyberthreats: Service Level Reporting (SLR), Dashboard Builder, System Recommendations, Interface and Connection Monitoring (ICMon), and Monitoring and Alerting Infrastructure (MAI).
1. Service Level Reporting
SLR performs scheduled vulnerability scans in SAP systems and automatically distributes the results via email or SFTP. SLR reports, which are customizable and run in any language, can also be forwarded to SAP Enterprise Portal and Microsoft SharePoint. The reports include gap assessments against compliance frameworks such as Payment Card Industry Data Security Standard (PCI DSS) or the Sarbanes-Oxley Act (SOX); risk ratings to support prioritization; correction instructions; and links to relevant SAP Notes and recommendations.
2. Dashboard Builder
Dashboard Builder provides a flexible, user-friendly framework for creating and displaying dashboards that monitor security-relevant key performance indicators (KPIs) in SAP systems and landscapes. Dashboard Builder offers a variety of data visualizations, including column, line, pie, and scatter graphs. The dashboards support one-click navigation from summarized results to detailed values using drill-down capabilities.
3. System Recommendations
System Recommendations provides an end-to-end platform for discovering, analyzing, and applying security patches for SAP systems. It connects to the SAP Support Portal to detect missing security-related SAP Notes and download corrections. System Recommendations integrates with the ABAP Call Monitor (transaction SCMON), Usage and Procedure Logging (UPL), and Solution Documentation to identify business processes, reports, and transactions affected by SAP Notes.
4. Interface and Connection Monitoring
ICMon maps system connections in SAP landscapes to identify vulnerable interfaces that could be targeted by attackers. Topologies display connections including trusted remote function call (RFC) connections and connections with stored credentials. This can be used to identify vulnerable connections that could be exploited for RFC hopping or pivoting attacks. ICMon also collects usage data for connections and generates alerts for dangerous RFC or HTTP calls.
5. Monitoring and Alerting Infrastructure
MAI continuously monitors configuration, event, and user data in SAP files and tables, and generates automatic alerts for potential threats and suspected security breaches. MAI triggers email and SMS notifications for security alerts. Guided procedures provide best practices and standard operating procedures for investigating security incidents. The Alert Consumer Connector in MAI can integrate alerts with security information and event management (SIEM) platforms for correlation and forensic analysis.