Independent transactions
Backing up and restoring data
To ensure audit-proof traceability, you should only allow software components and namespaces to be changed on a production system in exceptional cases and for a limited period of time. This should only be done restrictively to prevent manipulation at the production level.
The SAP NetWeaver Application Server Add-on for Code Vulnerability Analysis tool, also known as Code Vulnearability Analyzer (CVA), is a tool that performs a static analysis of user-defined ABAP source code to detect possible security risks. The tool is available in the NetWeaver ABAP stack and is based on versions from: 7.0 NetWeaver: in EHP2 SP 14 or higher / 7.0 NetWeaver: in EHP3 SP 09 or higher / 7.3 NetWeaver: in EHP1 SP 09 or higher / 7.4 NetWeaver: in SP05 or higher To use the CVA tool, the execution of system-wide security controls must be enabled with the RSLIN_SEC_LICENSE_SETUP report. Afterwards, the security checks are available in standard ABAP code checking tools such as ABAP Test Cockpit (ATC) or Code Inspector (SCI). The option of these checks is usually referred to as "security analysis in extended program check". Note that the use of the security check feature for custom code separation is licensed and incurs additional costs. The older program that has been around for years is Virtual Forge's "Code Profiler". It is one of the first products in this segment of SAP security and was used by SAP itself for many years. It is very comprehensive and is also able to track individual variables across the entire control flow. This leads to very precise statements and a reduction of false positives.
System Retirement
SAP recommends a role design for Fiori permissions based on the defined catalogues and groups in the launchpad. In such a catalogue there is usually a set of apps and services which is relevant for a specific user group. If a role for one or more catalogues in the launchpad has been authorised, the corresponding catalogues and groups will be displayed in the app finder only for eligible users when the launchpad is launched. This ensures that every user only sees what they are working with. Important: These Fiori permissions are maintained on the frontend server! Maintain catalogue permissions in the PFCG To add a Fiori permission to open a catalogue for a role, reopen this role in the PFCG in Change mode and follow the next steps: 1) Select Menu tab 2) Click on the small arrow to add an item 3) Select "SAP Fiori Tile Catalogue" Then select the corresponding Catalogue ID for which the selected role should be eligible. Now the role only has to be assigned to the corresponding users in the system. Once you have completed these steps, you will have the Fiori permissions you need to view individual tile catalogues on the launchpad.
"Shortcut for SAP Systems" is a PC application that simplifies or even facilitates many activities in the SAP basis.
The website "www.sap-corner.de" offers many useful information about SAP basis.
Every SAP system architecture is as individual as the company itself.