The global and independent platform for the SAP community.
Linux column, Mag 23-07

Profit from Linux security

The silo security of a traditional SAP environment is reaching its limits in an era of increasing interconnection between SAP and non-SAP systems. Does this lead to sacrifices for the security of a process landscape?
Peter Körner, Red Hat
August 16, 2023
Content:
avatar
This text has been automatically translated from German to English.

The answer is no. The established security layers from the open source and Linux world are also available certified for SAP environments. Supported by an automation solution, they can even simplify and increase IT security. In the Linux area, many proven features are available that sustainably improve IT security. In the meantime, they can also be used in the SAP area in an increasingly curated and certified manner.

One example is the SELinux security architecture, which defines access controls for a system's applications, processes, and files based on security policies. Since the end of last year, SELinux in Red Hat Enterprise Linux has also been certified for SAP production environments by SAP. Linux operating systems for SAP solutions can also provide other security features. These include preventing the use of undesired applications or protecting business-critical data with network-based hard disk encryption - for SAP Hana data at rest, for example.

SAP users also benefit in particular from the Red Hat Insights managed service, which includes proprietary rule sets for use in SAP. The service provides risk analysis, proactive infrastructure management, and automatic remediation of potential software security and configuration issues. With a focus on operations, security, and business, the service analyzes platforms and applications for security and performance risks, enabling better management of SAP landscapes. 

The Linux operating system for SAP solutions can also have several security-related certifications and validations. These include FIPS (Federal Information Processing Standard) in the area of cryptography or the Common Criteria for Information Technology Security Evaluation. Regular validations regarding applicable hardware and software versions offer users more flexibility. With a certified operating system for SAP solutions, the basis for high security of the digital core is thus available. But the topic of security must be viewed more holistically.

For example, SAP users face the challenge of patching their IT landscapes quickly and securely, proactively monitoring business-critical systems, and resolving problems immediately. It should also be possible to perform maintenance activities with virtually no downtime, for example for SAP Hana. This is where the automation tool Ansible comes into play, which provides automated support for security and incident management processes - for example, with the creation of playbooks for the execution of patches, even specifically adapted to the operation of SAP.

The automation of IT security offers companies the opportunity to integrate isolated solutions, standardize processes and thus improve IT security in general. After all, companies generally use a large number of individual security tools. A company can overcome the associated management challenges by introducing automated workflows based on a security automation solution.

An automation solution such as Red Hat Ansible Automation Platform can be integrated into existing tools and processes using RESTful APIs and a self-service portal. For example, the following elementary security solutions can be integrated and orchestrated: SIEM (Security Information and Event Management), IDS (Intrusion Detection System) and IPS (Intrusion Prevention System), enterprise firewalls, PAM (Privileged Access Management) or endpoint protection platforms. This comprehensive integration and automation can simplify and enhance IT security.

The examples from the non-SAP and open source world, such as SELinux, Red Hat Insights or Red Hat Ansible Automation Platform, show how higher security can be enabled in IT.

avatar
Peter Körner, Red Hat

Peter Körner is Principal Business Development Manager Red Hat SAP Solutions at Red Hat


All articles of the author

Write a comment

The Hackett Group has recognized Esker in the area of C2C Receivables

Rackspace Technology launches UK Sovereign Services

August-Wilhelm Scheer Institute and BAD Gesundheitsvorsorge und Sicherheitstechnik: The future of healthcare

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024

Venue

Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT

Venue

Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024

Tickets

Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.