Page tree
Skip to end of metadata
Go to start of metadata

 

This page provides guidance on various security settings and options of the BI Platform Support Tool.  


Persistance of data on client

Run the BI Platform Support Tool using your Windows user id and not a shared user account

When defining a landscape configuration, this data is stored on the client in the file preferences.xml under your user account Windows profile.  For example:

C:\Users\UserID\AppData\Roaming\BISupportTool\preferences.xml

it is recommended to run the BIPST client using your specific user account and not a shared user account.  

 

Any sensitive landscape configuration data stored in the preferences.xml is encrypted.  However, it is recommended not to share the preferences.xml file.

Set a data retention setting if your organization requires it

In BIPST version 2.1, you have the option of how long to retain either Landscape Analysis Report data and Landscape Configuration data.  Once the retention timeout has expired, this data will be deleted from the client where it is stored.  To access retention settings, click on PreferencesGeneralData Retention settings.


 

Do not persist any data on the client

To configure the client to never persist and cache either Landscape Analysis Report data and/or Landscape Configuration data, set the Data Retention setting to When application is closed.

 

Data retention audit log

Anytime a data retention setting is enforced, an audit log will be generated under the directory <BIPST_INSTALL>/bin/logging.  Landscape configuration data that has been deleted will have an audit log entry in landscape_data_retention_audit.log and Landscape Analysis Report data will have an audit log entry in analysis_data_retention_audit.log

Securing Communications

The BIPST is a client application which communicates to remote server hosts via several different data sources / protocols.  This section links to documentation that explains how to secure this communication using secure socket layer configuration (SSL).

Corba SSL 

The SAP BusinessObjects BI Platform provides the ability to secure Corba communications (for example connections to the Central Management Server) using SSL.  Refer to the following documentation to enable Corba SSL for the BI Platform.

Configuring Servers for SSL
https://help.sap.com/viewer/2e167338c1b24da9b2a94e68efd79c42/4.2.4/en-US/46925adf6e041014910aba7db0e91070.html

 

JMX SSL

For connections to Apache Tomcat via JMX, you can secure the communications using JMX SSL.  Refer to:

How to configure JMX for Apache Tomcat (Windows)#ConfiguringJMXSSLforApacheTomcat

SAP Host Agent SSL

For connections to the SAP Host Agent, you can secure the communications using SSL.  Refer to:

Enabling Host Agent SSL

 

Disabling Twitter / Blog Feeds

In the event that you do not want the BIPST client to automatically connect to the SAP Community Network or Twitter to fetch RSS feeds to display on the Home Dashboard then you can disable this in the following ways.

Option 1: Disable feeds prior to starting client
  1. Edit the file <BIPST_INSTALL>/BISupportTool64.bat

  2. Locate the section containing :standard then add the following java property: -Dbipst.enableInternetFeeds=false after the text start BISupportTool.exe.

    For example:

       

Option 2: Disable feeds via preferences UI
  1.  Open the BIPST client, then click on PreferencesGeneral

  2.  Un-check "Enable Internet Feeds"



  3. Restart the client
  • No labels