XCON Framework Overview & Issues Editors: Mary Barnes ( mary.barnes@nortelnetworks )
xCon for SAP
Transcript of xCon for SAP
![Page 1: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/1.jpg)
xCon for SAP Access Control & User Monitoring for SAP
![Page 2: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/2.jpg)
1 Why do we need xCon
2 What can we do with xCon
3 Compare with similar solutions
4 Details of xCon
5 Features & Advantages of xCon
6 Introduction Manufacturer
![Page 3: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/3.jpg)
3
Why do we need xCon 01
Data Leakage is a Major Risk for IT Security
[범주
이름]
[백분율]
[범주
이름]
[백분율]
[범주
이름]
[백분율]
![Page 4: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/4.jpg)
4
What can we do with xCon 02
Solution Overview
Provides usage status and upgrade
recommendations
• Provides statistical data for current system usage status : Provides statistical data for current program usage status and response time by organization and user
• Records system errors by type : unauthorized task performance, dumps in system, program execution failures, etc.
User Activity Monitoring
• SAP access control according to SAP user ID, IP address, and Period
• Prohibits access in cases of violation of security policy according to user-defined event
Access Control for SAP
• Stores input/modification activity logs for user tasks • Stores activity logs by IP for common SAP users • Monitors SAP operation activities
: master user changes, program/table meta information modifications, and login failures (including online and RFC)
1
2
3
xCon for SAP provides user activity monitoring, current usage status of its contents-based system, and upgrade recommendations using an SAP protocol-based audit log.
![Page 5: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/5.jpg)
5
Compare with similar solutions 03
xCon SAP GRC A/C SAP UI Logging DBMS A/C
Segregation of Duty (SoD)
Unit of Access Control
Interrupt Access
Transaction Data Monitoring
Monitoring Data
Monitoring Method
Special Feature
![Page 6: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/6.jpg)
Details of xCon
04
![Page 7: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/7.jpg)
7
Principle of Operation 04
Network Traffic Mirror Method
SAP DB
Server
User
Audit Log
SAP AP
Server
Switch TAP
xCon for SAP
① Mirror
Network
② SPAN
![Page 8: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/8.jpg)
8
Solution Composition 04
Diagram
O/S
DB
xCon Dispatcher
xCon Analyzer
xCon Analyzer
xCon Analyzer
…
xCon Console
xCon Audit Logger xCon Audit Indexer
Specification
Software Hardware
• OS : Ubuntu 12.04 LTS • DBMS : MySQL 5.5 • WAS : Apache Tomcat 6.0
• CPU : Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz * 4 • MEMORY : 48GB • HDD : 600G(10000 rpm) * 8 • NIC : Inter I350 Chipset Series (1G Network)
Intel 82599 Chipset Series (10G Network)
![Page 9: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/9.jpg)
9
Access Control 04
System Login Control
Task Access Shutoff
![Page 10: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/10.jpg)
10
User Activity Monitoring 04
Type of event
![Page 11: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/11.jpg)
11
Statistical Report 04
![Page 12: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/12.jpg)
12
Features & Advantages of xCon 05
Provides audit convenience
• Provides auditing-related conveniences from the perspective of the administrator based on years of SAP consulting experience and know-how
• Various event tracking functions using flexible rule engine
Outstanding protocol analysis
• Reduces storage space by extracting important data in the packet using outstanding SAP protocol analysis technology
• For audit inquiries, provides an intuitive inquiry function and evidential data by reconfiguring the SAP GUI screen
Supporting SAP protocol
• SAP User Monitoring Solution supporting SAP DIAG/RFC Protocol • Collects and saves all data related to user activities (IP, UserID, Tcode,
Input/Output Value) • Searches with diverse key words and provides evidential data
User-oriented monitoring
• Provides current system usage data from the perspective of the actual user
• Provides user-oriented data which can be used for system improvement and upgrade
No impacts to existing system
• No performance degradation of SAP and resulting malfunctions thanks to the Network Traffic Mirror Method
• No impact on operating SAP when installing xCon for SAP
![Page 13: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/13.jpg)
13
Introduction of Manufacturer 06
INSPIEN
Company INSPIEN CEO Choi, Jeong-gyu
Business Area
Address
Contact
Foundation
No. of Employees
Product Contents Clients
RTIMS (2010.10)
SecureDB for SAP
(2011.07)
xCon for SAP
(2013.07)
![Page 14: xCon for SAP](https://reader030.fdocuments.in/reader030/viewer/2022012408/616a2ddb11a7b741a34fac3d/html5/thumbnails/14.jpg)
End of Document
Contact Information Representative of Sales Division: Director Shin, Dong-Ha ( E: [email protected] M: +82-10-8148-7137 ) Representative of Sales Division: Sales & Marketing Manager Lee, Dong-Ha ( E: [email protected] M: +82-10-2812-7177 ) www.inspien.co.kr