NewyorkSys is one of the leading top IT Training and Consulting Company in US, with a good placement track record. We have certified trainers. We will provide Online Training, Fast Track online training, with job assistance Courses : SAP Technologies,Dataware housing Tools , OralceTechnologies,SAS,JAVA,.NET,BA .. etc.
ATTEND FREE DEMO CLASS
NewyorkSys Inc
USA: +1- 718- 313-0499
USA: +1-718-305-1757
E-mail ID: enquiry@newyorksys.us
Visit:www.NewyorkSys.com
2. Introduction
Entire companies have been built up around highly
guarded intellectual property and process secrets ... and
could easily fall if this was breached. Therefore, keeping
the security of the organization intact is one of the vital
aspects of any SAP implementation.
SAP BASIS addresses all security issues by incorporating an
authorization module. With increased potential for
security breaches in the computer systems around the
world, BASIS consultants face a tough task of maintaining
the integrity and administering the security of SAP
systems. Interoperability features of a SAP system makes
this task a bit more difficult.
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
3. SAP Security in Open Environment
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
4. SAP Security Components
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
5. Network Security
Encryption
• Password sniffing
• No traffic encryption by default
Potocol vulnerabilities
• RFC protocol vulnerabilities
• Getting information
• Executing remote commands
• Registering External server
Improper components implementation
• Improper SAP firewall rules implementation (allow all)
• Network segmentation between users, administrators &
servers
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
6. OS Security
OS and application vulnerabilities
Any critical vulnerability in OS or applications installed on SAP
server can be used to get access to OS and business DATA.
Examples of OS vulnerabilities are everywhere
(securityfocus, milw0rm,exploit-db)
OS specific security options NFS access. SAP data and binaries
can be accessed by an anonymous user with NFS OS access
rights.
Critical SAP files and Oracle data files may have insecure
rights such as 755 or even 777 Insecure rhosts. Remote access
can be managed by rlogin from trusted servers thus getting
access to one of SAP servers an attacker can access to
others
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
7. Database Security
• Database vulnerabilities
• Many default passwords + Default SAP passwords
• Password policies such as password length and
locking are not installed by default
• Security properties such as
REMOTE_OS_AUTHENT
• Listener security (for example latest buffer overflows
that give remote access to OS)
• Many many others
8. Application Security
• There are many different Web servers installed in SAP
landscape such as: WEB AS, ITS, IGS
• SAP usually installs with many different web
applications that use different technologies:
JSP servlets, Web services, Webdynpro, EJB, Portal
iviews, BSP
• All SAP implementations have internally developed
stuff so every company may have their own
vulnerabilities
9. Internal Security
The most known area of SAP security
It is about roles, privileges and segregation of duties
Every SAP security consultant or administrator knows
this aria (maybe :)
Unfortunately, it is ALL that they know about SAP
security
10. ABOUT NEWYORKSYS – IT SOLUTIONS
NewyorkSys is one of the leading top IT Training and
Consulting Company in US, with a good placement track
record. We have certified trainers. We will provide Online
Training, Fast Track online training, with job assistance
We are providing excellent Training in all courses. Faculty
from top MNC’s with highly skilled domain expertsaise will
train & guide you with real time examples , project
explanation . We also help you in resume preparation and
provide job assistance till you get job.
For more details visit our website :
www.newyorksys.com
Call : +1-718-305-1757, +1-718-313-0499
E – Mail : training@newyorksys.com www.newyorksys.com
11. NEWYORKSYS OFFER ONLINE COURSES
SAP ERP TECHNOLOGIES : SAP Basis, SAP ABAP, SAP
Security, SAP Net Weaver, SAP XI, SAP FICO, SAP MM, SAP PP,
SAP WM, SAP SRM, SAP BPC, SAP EP ADMIN, SAP SCM, SAP
SD, SAP CRM, SAP HR, SAP MDM, SAP Is Retail, SAP ABAP HR.
SAP ADVANCED TECHNOLOGIES :SAP HANA, SAP BPC,
SAP ABAP Workflow, SAP Business Object, SAP APO, SAP PLM,
SAP SEM.
FOR MORE DETAILS VISIT :
http://www.Newyorksys.com
12. CONTACT US
For Additional Assistance , Course Details, Batch
Scheduling Information , you may contact to below
address
NewyorkSys Inc.,
15 Roaring Brook Rd,
Chappaqua,
NY 10514.
USA : +1-718-313-0499
USA : +1-178-305-1757
E-Mail ID : training@NewyorkSys.com
Visit : www.NewyorkSys.com