- Created by Toby Johnston, last modified on Nov 08, 2017
This page provides guidance on various security settings and options of the BI Platform Support Tool.
Persistance of data on client
Run the BI Platform Support Tool using your Windows user id and not a shared user account
When defining a landscape configuration, this data is stored on the client in the file preferences.xml under your user account Windows profile. For example:
it is recommended to run the BIPST client using your specific user account and not a shared user account.
Any sensitive landscape configuration data stored in the preferences.xml is encrypted. However, it is recommended not to share the preferences.xml file.
Set a data retention setting if your organization requires it
In BIPST version 2.1, you have the option of how long to retain either Landscape Analysis Report data and Landscape Configuration data. Once the retention timeout has expired, this data will be deleted from the client where it is stored. To access retention settings, click on Preferences→General→Data Retention settings.
Do not persist any data on the client
To configure the client to never persist and cache either Landscape Analysis Report data and/or Landscape Configuration data, set the Data Retention setting to When application is closed.
Data retention audit log
Anytime a data retention setting is enforced, an audit log will be generated under the directory <BIPST_INSTALL>/bin/logging. Landscape configuration data that has been deleted will have an audit log entry in landscape_data_retention_audit.log and Landscape Analysis Report data will have an audit log entry in analysis_data_retention_audit.log
The BIPST is a client application which communicates to remote server hosts via several different data sources / protocols. This section links to documentation that explains how to secure this communication using secure socket layer configuration (SSL).
The SAP BusinessObjects BI Platform provides the ability to secure Corba communications (for example connections to the Central Management Server) using SSL. Refer to the following documentation to enable Corba SSL for the BI Platform.
Configuring Servers for SSL
For connections to Apache Tomcat via JMX, you can secure the communications using JMX SSL. Refer to:
How to configure JMX for Apache Tomcat (Windows)#ConfiguringJMXSSLforApacheTomcat
SAP Host Agent SSL
For connections to the SAP Host Agent, you can secure the communications using SSL. Refer to:
Disabling Twitter / Blog Feeds
In the event that you do not want the BIPST client to automatically connect to the SAP Community Network or Twitter to fetch RSS feeds to display on the Home Dashboard then you can disable this in the following ways.
Option 1: Disable feeds prior to starting client
- Edit the file <BIPST_INSTALL>/BISupportTool64.bat
- Locate the section containing :standard then add the following java property: -Dbipst.enableInternetFeeds=false after the text start BISupportTool.exe.
Option 2: Disable feeds via preferences UI
- Open the BIPST client, then click on Preferences→General
- Un-check "Enable Internet Feeds"
- Restart the client
- No labels