The global and independent platform for the SAP community.

Profit from Linux security

The silo security of a traditional SAP environment is reaching its limits in an era of increasing interconnection between SAP and non-SAP systems. Does this lead to sacrifices for the security of a process landscape?
Peter Körner, Red Hat
August 16, 2023
avatar
This text has been automatically translated from German to English.

The answer is no. The established security layers from the open source and Linux world are also available certified for SAP environments. Supported by an automation solution, they can even simplify and increase IT security. In the Linux area, many proven features are available that sustainably improve IT security. In the meantime, they can also be used in the SAP area in an increasingly curated and certified manner.

One example is the SELinux security architecture, which defines access controls for a system's applications, processes, and files based on security policies. Since the end of last year, SELinux in Red Hat Enterprise Linux has also been certified for SAP production environments by SAP. Linux operating systems for SAP solutions can also provide other security features. These include preventing the use of undesired applications or protecting business-critical data with network-based hard disk encryption - for SAP Hana data at rest, for example.

SAP users also benefit in particular from the Red Hat Insights managed service, which includes proprietary rule sets for use in SAP. The service provides risk analysis, proactive infrastructure management, and automatic remediation of potential software security and configuration issues. With a focus on operations, security, and business, the service analyzes platforms and applications for security and performance risks, enabling better management of SAP landscapes. 

The Linux operating system for SAP solutions can also have several security-related certifications and validations. These include FIPS (Federal Information Processing Standard) in the area of cryptography or the Common Criteria for Information Technology Security Evaluation. Regular validations regarding applicable hardware and software versions offer users more flexibility. With a certified operating system for SAP solutions, the basis for high security of the digital core is thus available. But the topic of security must be viewed more holistically.

For example, SAP users face the challenge of patching their IT landscapes quickly and securely, proactively monitoring business-critical systems, and resolving problems immediately. It should also be possible to perform maintenance activities with virtually no downtime, for example for SAP Hana. This is where the automation tool Ansible comes into play, which provides automated support for security and incident management processes - for example, with the creation of playbooks for the execution of patches, even specifically adapted to the operation of SAP.

The automation of IT security offers companies the opportunity to integrate isolated solutions, standardize processes and thus improve IT security in general. After all, companies generally use a large number of individual security tools. A company can overcome the associated management challenges by introducing automated workflows based on a security automation solution.

An automation solution such as Red Hat Ansible Automation Platform can be integrated into existing tools and processes using RESTful APIs and a self-service portal. For example, the following elementary security solutions can be integrated and orchestrated: SIEM (Security Information and Event Management), IDS (Intrusion Detection System) and IPS (Intrusion Prevention System), enterprise firewalls, PAM (Privileged Access Management) or endpoint protection platforms. This comprehensive integration and automation can simplify and enhance IT security.

The examples from the non-SAP and open source world, such as SELinux, Red Hat Insights or Red Hat Ansible Automation Platform, show how higher security can be enabled in IT.

avatar
Peter Körner, Red Hat

Peter Körner is Principal Business Development Manager Red Hat SAP Solutions at Red Hat


Write a comment

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork.

Venue

More information will follow shortly.

Event date

Wednesday, May 21, and
Thursday, May 22, 2025

Early Bird Ticket

Available until Friday, January 24, 2025
EUR 390 excl. VAT

Regular ticket

EUR 590 excl. VAT

Venue

Hotel Hilton Heidelberg
Kurfürstenanlage 1
D-69115 Heidelberg

Event date

Wednesday, March 5, and
Thursday, March 6, 2025

Tickets

Regular ticket
EUR 590 excl. VAT
Early Bird Ticket

Available until December 24, 2024

EUR 390 excl. VAT
The event is organized by the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes attendance at all presentations of the Steampunk and BTP Summit 2025, a visit to the exhibition area, participation in the evening event and catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due course.