It’s all about continuous improvement.
2020 was no normal year like other years. Yet, it brought many opportunities and improvements for Protect4S, our flagship SAP Security solution.
We’d like to sum up some of the important improvements as we are proud of all the achievements made, and confident that 2021 will bring even more great innovations and improvements for our customers. This blog is by no means meant to list all improvements, but we’d like to sum up some of the biggest improvements made throughout 2020:
1. Number of checks from 1500 up to 1750
As mentioned before, SAP Security is not a static item, it is a moving target that changes continuously and therefore requires to be embedded in a process. It is therefore important to keep adding the latest vulnerabilities to Protect4S and include new checks where risk is found. We do this by releasing Support Packages frequently and by continuously adding new checks and functionality to Protect4S, as can be seen in the changelog. Last year alone we added 250 new checks to Protect4S.
2. Support for SAP Web Dispatcher
More and more customers open up their SAP systems for Fiori-based scenarios or other internet-exposed services. Because of that, we see a growing number of SAP Web Dispatcher deployments. This introduces new risks, especially since these SAP Web Dispatchers are often internet-facing. To give customers insight into these risks, we added support for the SAP Web Dispatcher in Protect4S. A first 30 checks are created specifically to scan your SAP Web Dispatcher for vulnerabilities.
3. Connection map
An average SAP landscape consists of multiple SAP systems with many interconnections. These connections between SAP systems may pose risks when they are not secured properly. Typically, RFC users with SAP_ALL and connections from NON-PRD to PRD systems are found and they can pose big risks as less secure configured SAP system (for example a Sandbox) can be used as a “stepping-stone” to Productive SAP systems. That is why we introduced a new feature, the Protect4S Connection Map, that gives insight in which connections there are in the SAP landscape and what risks they contain.
4. SAP Security baseline
Earlier this year, SAP released an updated and revised version of its SAP Security Baseline version 2.0 and later in the year also a 2.1 and 2.2 version. This new SAP Security Baseline document helps customers in defining a minimum set of requirements to keep their business-critical SAP systems secure with regards to SAP parameters, specific settings, users and their access rights. It also contains checks if components like the kernel, application layer, database layer and operating system layer are on a current version. Details on the new SAP Security Baseline can be found in this blog post. Protect4S support both the SAP Security baseline 2.0 and 2.2, but keep in mind that this is a template and does not cover SAP Security in its full extend (yet).
5. Renewed SAP Certification
In 2020 we renewed and received new SAP certificates showing SAP’s recognition that Protect4S seamlessly integrates with SAP S/4HANA and SAP NetWeaver. Previously, Protect4S was only certified for SAP NetWeaver and now for both NetWeaver and S/4HANA.
6. Fiori Launchpad
Last year, we added support for the Fiori Launchpad, next to our traditional Protect4S Launchpad. This new Fiori Launchpad is developed especially for our SAP users who work a lot with SAP Fiori apps. Protect4S now also offers a Protect4S Fiori Launchpad, which allows our customers to choose between the Protect4S Launchpad and the Fiori variant. We just want to make SAP Security as simple as possible and provide flexibility in terms of the used SAP User-interface.
Summing up the above improvements (leaving out even the tons of smaller improvements), we are happy to show that Protect4S is under constant development and improvement and we are energized to continue doing so in 2021!