Analyze the RFC interfaces of your SAP Systems.
SAP interfaces are often not considered when SAP systems are protected. Therefore, they remain unprotected and provide attractive targets for attackers.
Experience from numerous SAP security audits and penetration tests shows repeatedly that almost every SAP system checked has unprotected interfaces that could allow attackers direct access to your SAP systems.
How to maintain an overview:
1. Analysis
Complex system environments, and SAP systems that have a large number of interfaces for their operational scenarios, such as SAP Solution Manager, quickly become confusing with regard to their communication requirements with other upstream or downstream systems. This situation tends to become even less transparent over the course of a system life cycle.
A comprehensive analysis requires a fundamental baseline inventory of the current interface relationships within a customer's system landscape. The result is a list of interfaces that must be evaluated for their actual operational necessity and their security.
2. Inventory
Are the identified interfaces actually relevant for operations, and do they work properly? This step may require removing incorrect connections and legacy systems that came about through test scenarios, upgrades, and so on.
3. Configuration
The remaining interfaces must be analyzed with regard to their completeness and their security aspects (such as user/authorization assignments and trust).
4. System hardening
The identified vulnerabilities must be removed, and the affected documentation (for example, an authorization concept) must be adjusted. Settings of dependent components, such as RFC Gateway, must also be adjusted.
Take advantage of our experience and let us advise you: knowhow@akquinet.de