Course announcements

  • This course is meant for security professionals who are responsible for implementing, managing and monitoring system security in their SAP environment. In the course, we deep dive into the network and infrastructure security in an SAP system landscape. Various aspects of the authentication and encryption mechanisms on SAP NetWeaver Application Servers are discussed. Course participants will get a lot of hands-on experience from this training.

Goals

  • This course will prepare you to:
    • Describe and analyze the security threats
    • Explain the basic security for SAP systems
    • Install and configure SAProuter and SAP Web Dispatcher
    • Apply cryptography in SAP systems
    • Configure Secure Network Communications (SNC)
    • Configure Secure Socket Layer (SSL)
    • Configure authentication and Single Sign-On (SSO) mechanisms in SAP systems

Audience

  • System Administrator
  • Technology Consultant
  • Infrastructure Security Administrator

Prerequisites

Essential

  • ADM100 - System Administration I for SAP S/4HANA and SAP Business Suite
  • ADM800 - AS Java Administration
  • Windows or Linux administration skills with some basic knowledge of networking and encryption concepts

Recommended

  • ADM110 - Installing and Updating SAP S/4HANA and SAP Business Suite Systems
  • ADM900 - SAP System Security Fundamentals

Course based on software release

  • SAP NetWeaver 7.51

Content

  • Security Overview
    • Evaluating Security Concepts
    • Outlining the Security Roadmap
  • NetWeaver AS Components and Communication Mechanisms
    • Determining the Key Points of Network Security
    • Installing and Configuring SAProuter
    • Installing and Configuring SAP Web Dispatcher
  • NetWeaver AS Security Operations
    • Explaining the Secure Store
    • Secure Storage in File System
    • Outlining Authorizations and Security Policies
    • Managing Users in SAP Systems
    • Securing the Message Server and the Internet Communication Manager (ICM)
    • Securing the SAP GUI
    • Monitoring SAP System Security
    • Describing Application Lifecycle Management
    • Segregating System Administration Duties
    • Managing Transport Management System Users
    • Monitoring Security with SAP Solution Manager
  • Basics of Authentication and Single Sign-On
    • Discussing Authentication for SAP NetWeaver AS
    • Discussing Authentication for SAP Netweaver AS Java
    • Discussing Single Sign On with Active Directory
    • Discussing Single Sign on with SAP Logon Tickets
  • RFC Security
    • Securing the RFC Gateway
    • Enabling SNC for SAP NetWeaver AS ABAP
    • Reducing the Attack Surface: RFC Communication and Unified Connectivity
  • Secure Sockets Layer (SSL)
    • Discussing Secure Sockets Layer (SSL) for SAP
    • Discussing SSL for SAP Management Console
    • Discussing SSL for SAP NetWeaver AS ABAP
    • Discussing SSL for SAP NetWeaver AS Java
  • Integration B2B
    • Discussing Process Integration and Orchestration
    • Discussing Web Services Security in ABAP
  • Infrastructure
    • Protecting the Operating System Security
    • Protecting Database Security