The answer is no. The established security layers from the open source and Linux world are also available certified for SAP environments. Supported by an automation solution, they can even simplify and increase IT security. In the Linux area, many proven features are available that sustainably improve IT security. In the meantime, they can also be used in the SAP area in an increasingly curated and certified manner.
One example is the SELinux security architecture, which defines access controls for a system's applications, processes, and files based on security policies. Since the end of last year, SELinux in Red Hat Enterprise Linux has also been certified for SAP production environments by SAP. Linux operating systems for SAP solutions can also provide other security features. These include preventing the use of undesired applications or protecting business-critical data with network-based hard disk encryption - for SAP Hana data at rest, for example.
SAP users also benefit in particular from the Red Hat Insights managed service, which includes proprietary rule sets for use in SAP. The service provides risk analysis, proactive infrastructure management, and automatic remediation of potential software security and configuration issues. With a focus on operations, security, and business, the service analyzes platforms and applications for security and performance risks, enabling better management of SAP landscapes.
The Linux operating system for SAP solutions can also have several security-related certifications and validations. These include FIPS (Federal Information Processing Standard) in the area of cryptography or the Common Criteria for Information Technology Security Evaluation. Regular validations regarding applicable hardware and software versions offer users more flexibility. With a certified operating system for SAP solutions, the basis for high security of the digital core is thus available. But the topic of security must be viewed more holistically.
For example, SAP users face the challenge of patching their IT landscapes quickly and securely, proactively monitoring business-critical systems, and resolving problems immediately. It should also be possible to perform maintenance activities with virtually no downtime, for example for SAP Hana. This is where the automation tool Ansible comes into play, which provides automated support for security and incident management processes - for example, with the creation of playbooks for the execution of patches, even specifically adapted to the operation of SAP.
The automation of IT security offers companies the opportunity to integrate isolated solutions, standardize processes and thus improve IT security in general. After all, companies generally use a large number of individual security tools. A company can overcome the associated management challenges by introducing automated workflows based on a security automation solution.
An automation solution such as Red Hat Ansible Automation Platform can be integrated into existing tools and processes using RESTful APIs and a self-service portal. For example, the following elementary security solutions can be integrated and orchestrated: SIEM (Security Information and Event Management), IDS (Intrusion Detection System) and IPS (Intrusion Prevention System), enterprise firewalls, PAM (Privileged Access Management) or endpoint protection platforms. This comprehensive integration and automation can simplify and enhance IT security.
The examples from the non-SAP and open source world, such as SELinux, Red Hat Insights or Red Hat Ansible Automation Platform, show how higher security can be enabled in IT.