The global and independent platform for the SAP community.
The opinion of the SAP community, Linux column, MAG 15-07

OS infrastructure: Security functions for Hana

The topic of security is firmly anchored within Hana Datacenter Readiness. As an OS supplier, Suse provides sophisticated protection against attacks and threats during Hana deployment.
E-3 Magazine
23 July 2015
Content:
Linux column
avatar
This text has been automatically translated from German to English.

It is well known that there is a steadily increasing number of attacks from outside (and unfortunately also from inside) on internal IT systems. This has led to company and IT managers pushing protective measures against such attacks and threats.

In many places, holistic security architectures or concepts have been and are being developed and implemented to minimize IT security risks in the long term.

This usually includes policies (e.g., for password handling and data protection guidelines) for users and IT specialists, the protection of IT systems/components including the use of firewalls and attack detection software, VPN/network security, the use of encryption software and "hardened" servers, and the use of automated security reports.

Regular security checks are then also carried out to ensure the maximum possible protection of an IT system landscape at all times.

From the whole to individual elements

As part of the data center readiness of Hana, the topic of security is a given, so to speak. SAP has developed a comprehensive Hana Security Guide that describes in detail security protection and mechanisms from a database perspective. It also includes the interaction of the database and database-relevant components such as the operating system (OS), network and storage from a security perspective.

SAP also provides numerous security functions for Hana.

Security Package

As a Hana and non-Hana operating system supplier, Suse also provides SAP customers with a security package for Suse Linux Enterprise Server (SLES) for SAP Applications.

This package takes comprehensive account of security-relevant aspects of Hana Suse deployment. This includes a dedicated Hana Security Guide developed by Suse, which describes, for example, the specific hardening of the SAP in-memory database together with SLES.

In addition, Suse provides regular security updates and patches for SLES. And numerous security certificates (such as GCL, FIPS 140-2 Validation for Open SSL and Common Criteria Security Certifaction EAL4+) are met with SLES.

Special Hana Security Guide

The Hana Security Guide from Suse (with Security Hardening SLES for Hana Databases) offers two things. Namely, on the one hand, a concrete action guide for protection or threat prevention in Hana Suse deployment and, on the other hand, concrete software functionality.

This makes it possible, for example, to set SLES to define various security levels (settings) according to individual prioritization.

Reduce attack surfaces

But that is not all. A Suse Firewall for Hana is also provided for use, which protects against network attacks or the opening of certain ports (from outside).

The following can also be shown via software functionality: which OS packages should be used and which can be dispensed with under certain circumstances. After all, fewer packages offer a smaller attack surface against possible threats.

Summary: For Hana data center readiness, especially in terms of security, protection mechanisms or software functionality that go beyond the standard are available. The OS platform SLES with its diverse security features contributes significantly to a "secure" Hana usage.

avatar
E-3 Magazine

Information and educational outreach by and for the SAP community.


All articles of the author

Write a comment

FUE: Estimate for new Rise-with-SAP contracts

Security for the SAP landscape

SAP Cuckoo's Egg

Working on the SAP basis is crucial for successful S/4 conversion. 

This gives the Competence Center strategic importance for existing SAP customers. Regardless of the S/4 Hana operating model, topics such as Automation, Monitoring, Security, Application Lifecycle Management and Data Management the basis for S/4 operations.

For the second time, E3 magazine is organizing a summit for the SAP community in Salzburg to provide comprehensive information on all aspects of S/4 Hana groundwork. All information about the event can be found here:

SAP Competence Center Summit 2024

Venue

Event Room, FourSide Hotel Salzburg,
At the exhibition center 2,
A-5020 Salzburg

Event date

June 5 and 6, 2024

Regular ticket:

€ 590 excl. VAT

Venue

Event Room, Hotel Hilton Heidelberg,
Kurfürstenanlage 1,
69115 Heidelberg

Event date

28 and 29 February 2024

Tickets

Regular ticket
EUR 590 excl. VAT
The organizer is the E3 magazine of the publishing house B4Bmedia.net AG. The presentations will be accompanied by an exhibition of selected SAP partners. The ticket price includes the attendance of all lectures of the Steampunk and BTP Summit 2024, the visit of the exhibition area, the participation in the evening event as well as the catering during the official program. The lecture program and the list of exhibitors and sponsors (SAP partners) will be published on this website in due time.