01-18-2013 1:33 PM
I have just been looking at v1.2 of SAP’s Secure Configuration of SAP NetWeaver® Application Server Using ABAP document. The password management section makes reference to a standard report that can be used to provide assurance that default passwords aren’t in operation. The report is RSUSR003. My question is where could I read up on any other reports that would be useful for security/audit purposes? Is there any sort of repository of reports document where I can see what default reports are available which may be useful security administrators or internal auditors? If you use these reports yourselves are there any that spring to mind as having value to security admins/security audits?
Thanks
Jeff
01-18-2013 6:04 PM
Instead of running the ABAP reports in your system manually, you could configure the following reports in Solution Manager for your system:
- Security Evaluation by SAP EarlyWatch Alert http://help.sap.com/saphelp_sm71_sp05/helpdata/en/f0/02a8d723e147aa92d3499bf5fa9eca/frameset.htm
- SAP Security Optimization (for PSLE Version) http://help.sap.com/saphelp_sm71_sp05/helpdata/en/f4/3cdb3d56a440cc8fe78c2d6d6db068/frameset.htm
In addition to the standard reports in Solution Manager, you have the Security Dashboard in the Technical Operations of the Solution Manager Admin Work Center.
http://help.sap.com/saphelp_sm71_sp05/helpdata/en/e0/13a4616ab44a2d910763aefa9d3b7c/frameset.htm