Fire Fighter in Virsa

Former Member · ‎09-07-2006

Can someone please describe me how fire fighter works

Thanks

Former Member · ‎09-07-2006

The way the firefighter tool works is it allows you to give special authorizations (ie SAP_ALL) to User ID which in turn can be used as required. When this ID is used the actions perfomed by this ID are record. In addition, emails are sent to predefined email accounts to inform the necessary people that an Firefighter ID has been used.

To initiate the use of a firefighter ID one would log into the required SAP system with your normal ID, then call the firefighter transaction and then log in using the firefighter ID in a separate session called by the firefighter tool. From that point on all actions are recorded. And can be viewed as required.

I have documentation for the earlier versions of firefighter and can forward those to you if you would like. I'm not sure how much the tool has changed as I have been away from it for some time. If any one can add to what I have provided please do so.

Former Member · ‎11-28-2006

My email id is xxx(at)xxx(dot)com

could you please email me the documents as well?

I thank you.

Niloufer

Can we PLEASE stop doing that? Thank you.

Message was edited by:

Frank Koehntopp

Former Member · ‎08-08-2007

Hi Mike I would really appreciate if you could send me documentation on VIRSA.My email is <email removed by moderator>

thanks,

Jim

Former Member · ‎09-07-2006

Hi Mike

Thanks for your response. Correct me if I'm wrong. Basically what firefighter ID does is just record user actions. Do you know when this firefighter ID comes in handy or whats the purpose of it?Also do we need to assign any particular roles to this user firefighter ID? I would appreciate it if you can send me the documents <email removed by moderator>

Former Member · ‎09-07-2006

The only actions that are recorded are those of the firefighter ID. The firefighter ID does not record any other actions for any other users.

A good example of what a fire fighter ID could be used for is Basis access. There are additonal tasks that a Basis person is allowed to perform in a non-Production system versus a Production system (as I am sure you are aware). There are times though that he/she may need elevated access to perform a critical task. At that point the firefighter ID is accessed and their actions recorded.

As far as the type of access that you would assign, keeping with the same Basis person example, take a look at what you have defined for your Basis person(s) in your Production environment. Compare that access to what he/she has in QA (and/or Dev). The delta identified is the elevated access that may be required as baseline authorization for the firefighter ID. Of course this is only an example and you would have to tailor it to suite your requirements.

Documents emailed.

Former Member · ‎09-08-2006

Mike,

Can you please email me the documents related to Firefigher to <email removed by moderator>?

Thanks in advance

Sudhan Shan

Former Member · ‎09-09-2006

I got the documents. Thanks a lot Mike

Former Member · ‎11-14-2006

Hi Mike,

This is Raj Bathula.Can you please email the documents regarding the firefighter to xxx@xxx.

Message was edited by:

Frank Koehntopp

Former Member · ‎09-07-2006

we do face many situations when we have to give SAP_ALL or equal access to a user to resolve an emergency issue.

these situations are hard moments for a security administrator. this firefighter ID allows security \

people not get blamed because all activities get traced.

and the user using it will be responsible for anything.

Multiple firefighterID's can be used seperating them by application to get rid of congestion in emergency situations.

If a Firefighter ID is getting used you can keep a message to get it opened for you immediately after its free. and remember trace/log files will be counted under

the user account who is using it.

Former Member · ‎09-07-2006

Hi,

In addition to the others comments, the fire fighter id may not necessarily have SAP ALL or SAP * in it. It can be an id with access greater than what the developers or individual people have on the system.

Cheers,

Kedar

Former Member · ‎09-07-2006

In addition to the above use of Firefighter ... it'll especially come handy to be SOX compliant while not limiting the job roles.

Eg. A certain company employes a single person to 'Update vendor master' & 'post vendor payments' and as per SOX there is a SOD violation here as that person can create a dummy vendor and post payment to it.

So ideally you segregate the jobs thus assign a different person to post the payments.

If the company does not want to change the business process however needs to be compliant .. FireFighter comes handy as the same person is given additional access with the firefighter and the actions (Payments posted to the vendors with firefighter) are emailed so the concerned body is aware of any risks/fraudulent payments... thus SOX compliant.

Former Member · ‎09-07-2006

I got the documents. Thanks Mike. I appreciate it.

Former Member · ‎09-07-2006

hi Prasant

Can you email me at <email removed by moderator> . I have few other questions that I want to ask if u dont mind. I would appreciate it.

Thanks

Former Member · ‎09-08-2006

Hello Mike,

Can you please send the documents at <email removed by moderator>as well. Thanks in advance.

regards.

Ruchit.

Message was edited by: Ruchit Khushu

Former Member · ‎09-09-2006

Hi Mike,

Many thanks for the documents.

With regards.

Ruchit.

Former Member · ‎09-09-2006

Hi Mike,

Can you please fwd the same to my ID as well.

Thanks in advance for the documents.

Br,

Sri

Former Member · ‎09-09-2006

Mike,

Can you please email me the documents related to Firefigher to <email removed by moderator> ?

Thanks in advance

Pritesh..

christian_wippermann · ‎09-10-2006

Dear all,

Please do not distribute copyright material. All material that is publicly available can be downloaded from:

www.sap.com

help.sap.com

service.sap.com

www.virsa.com

Please add the link to the resource so that everyone using the forum can access it. Therefore we do not need to create these long lists of email addresses in a thread.

Additionally, I would suggest that you consider removing your email address from the thread. As you may know, bots are crawling the net to find email addresses they can spam.

Best regards,

Christian

Former Member · ‎01-16-2007

Can someone please email the documents to my email ID xxx@xxx.com

Would you please check the links I provided?

Thank you.

Message was edited by:

Frank Koehntopp

Former Member · ‎01-30-2007

hi

can you please send me that document at xxx@xxx.com

thanks

Message was edited by:

Frank Koehntopp

Former Member · ‎10-11-2006

Hello Gurus,

Could somebody provide the link for FireFighter Documention in the resource available. Thanking you in advance.

Balu.

koehntopp · ‎10-12-2006

Here's a link to the GRC solutions page:

http://www.sap.com/solutions/grc/brochures/index.epx

Documentation should be available with the product downloads.

Frank.

Former Member · ‎11-23-2006

Can any one please send any documents realted to Virsa or any link .....to xxx@xxx...

Message was edited by:

Frank Koehntopp

Former Member · ‎11-27-2006

Hi All,

Can some send me the Documents on Fire Fighters..

Thanks in Advance .

koehntopp · ‎11-27-2006

Again:

Please do not distribute copyright material. All material that is publicly available can be downloaded from:

www.sap.com

help.sap.com

service.sap.com

www.virsa.com

Please add the link to the resource so that everyone using the forum can access it. Therefore we do not need to create these long lists of email addresses in a thread.

If we are to build a community here, we need to try and collect answers to questions in the forum, not via email.

Thank you & best regards,

Frank.

Former Member · ‎03-12-2007

Can somebody mail me Virsa security related docs to <email removed by moderator>?

Thanks in advance.