Security and Identity Management
Page tree
Skip to end of metadata
Go to start of metadata

System Security

For an overview about system security for SAP NetWeaver Application Server, see the following documentation on SAP Help Portal:

Logging and Monitoring – AS ABAP

Security Audit Log

  • Monitoring of security relevant events in the system like logon, access control violations and more
  • Target Audience: Security Administrator

Documentation on SAP Help Portal

Audit Information System (AIS)

  • Used to ensure secure and compliant operations of business functions
  • Target Audience: Auditor

Documentation on SAP Help Portal

Read Access Logging (RAL)

  • Used to ensure compliant access to sensitive or classified data
  • Allows to track who did access which data when and via which interface
  • Target Audience: Data Protection Officer
  • New functionality in SAP NetWeaver Application Server ABAP 7.40

For more information, see Read Access Logging (RAL).

Logging and Monitoring – AS Java

Security Audit Log

The security audit log of the SAP NetWeaver Application Server (AS) Java contains a log of important security events, such as successful and failed user logons, and creation or modification of users, groups and roles. This information is used by auditors to track changes made in the system.

Documentation on SAP Help Portal

Tracing and Logging

Security tracing and logging are important elements for securing your application server systems. Therefore, the AS Java includes monitoring and administration functions for the early detection and investigation of deviations from established security policies.

Documentation on SAP Help Portal

Virus Scan Interface

You can use the virus scan interface to include external virus scanners in the SAP system to increase the security of your system. In this way, you can use a high-performance integration solution to scan documents that are being processed by applications for viruses. This applies both to applications delivered by SAP and to your own customer developments, such as for data transfers across networks or when exchanging documents using interfaces.

Documentation on SAP Help Portal

Secure Storage (ABAP)

SAP applications use the secure storage to store the passwords used for connecting to other systems. The passwords are stored encrypted so that they cannot be accessed by unauthorized users.

Documentation on SAP Help Portal

For legal reasons, only SAP applications may use the secure storage. We therefore use technical measures to prevent the secure storage being used in customer developments. SAP provides the Secure Store & Forward interface for external products for your own developments.

SAP NetWeaver Security Guide

The SAP NetWeaver Security Guide provides an overview of the security-relevant information that applies to SAP NetWeaver. It contains an overall overview of security with SAP NetWeaver as well as links to the individual guides for each of the functional areas.

For more information, see:

Security Patch Process

Security Patch Process FAQ

 

  • No labels