xCon for SAP
Transcript of xCon for SAP
xCon for SAP Access Control & User Monitoring for SAP
1 Why do we need xCon
2 What can we do with xCon
3 Compare with similar solutions
4 Details of xCon
5 Features & Advantages of xCon
6 Introduction Manufacturer
3
Why do we need xCon 01
Data Leakage is a Major Risk for IT Security
[범주
이름]
[백분율]
[범주
이름]
[백분율]
[범주
이름]
[백분율]
4
What can we do with xCon 02
Solution Overview
Provides usage status and upgrade
recommendations
• Provides statistical data for current system usage status : Provides statistical data for current program usage status and response time by organization and user
• Records system errors by type : unauthorized task performance, dumps in system, program execution failures, etc.
User Activity Monitoring
• SAP access control according to SAP user ID, IP address, and Period
• Prohibits access in cases of violation of security policy according to user-defined event
Access Control for SAP
• Stores input/modification activity logs for user tasks • Stores activity logs by IP for common SAP users • Monitors SAP operation activities
: master user changes, program/table meta information modifications, and login failures (including online and RFC)
1
2
3
xCon for SAP provides user activity monitoring, current usage status of its contents-based system, and upgrade recommendations using an SAP protocol-based audit log.
5
Compare with similar solutions 03
xCon SAP GRC A/C SAP UI Logging DBMS A/C
Segregation of Duty (SoD)
Unit of Access Control
Interrupt Access
Transaction Data Monitoring
Monitoring Data
Monitoring Method
Special Feature
Details of xCon
04
7
Principle of Operation 04
Network Traffic Mirror Method
SAP DB
Server
User
Audit Log
SAP AP
Server
Switch TAP
xCon for SAP
① Mirror
Network
② SPAN
8
Solution Composition 04
Diagram
O/S
DB
xCon Dispatcher
xCon Analyzer
xCon Analyzer
xCon Analyzer
…
xCon Console
xCon Audit Logger xCon Audit Indexer
Specification
Software Hardware
• OS : Ubuntu 12.04 LTS • DBMS : MySQL 5.5 • WAS : Apache Tomcat 6.0
• CPU : Intel(R) Xeon(R) CPU E5-2670 0 @ 2.60GHz * 4 • MEMORY : 48GB • HDD : 600G(10000 rpm) * 8 • NIC : Inter I350 Chipset Series (1G Network)
Intel 82599 Chipset Series (10G Network)
9
Access Control 04
System Login Control
Task Access Shutoff
10
User Activity Monitoring 04
Type of event
11
Statistical Report 04
12
Features & Advantages of xCon 05
Provides audit convenience
• Provides auditing-related conveniences from the perspective of the administrator based on years of SAP consulting experience and know-how
• Various event tracking functions using flexible rule engine
Outstanding protocol analysis
• Reduces storage space by extracting important data in the packet using outstanding SAP protocol analysis technology
• For audit inquiries, provides an intuitive inquiry function and evidential data by reconfiguring the SAP GUI screen
Supporting SAP protocol
• SAP User Monitoring Solution supporting SAP DIAG/RFC Protocol • Collects and saves all data related to user activities (IP, UserID, Tcode,
Input/Output Value) • Searches with diverse key words and provides evidential data
User-oriented monitoring
• Provides current system usage data from the perspective of the actual user
• Provides user-oriented data which can be used for system improvement and upgrade
No impacts to existing system
• No performance degradation of SAP and resulting malfunctions thanks to the Network Traffic Mirror Method
• No impact on operating SAP when installing xCon for SAP
13
Introduction of Manufacturer 06
INSPIEN
Company INSPIEN CEO Choi, Jeong-gyu
Business Area
Address
Contact
Foundation
No. of Employees
Product Contents Clients
RTIMS (2010.10)
SecureDB for SAP
(2011.07)
xCon for SAP
(2013.07)
End of Document
Contact Information Representative of Sales Division: Director Shin, Dong-Ha ( E: [email protected] M: +82-10-8148-7137 ) Representative of Sales Division: Sales & Marketing Manager Lee, Dong-Ha ( E: [email protected] M: +82-10-2812-7177 ) www.inspien.co.kr