Protect4S - VM User Guide
  • Protect4S - VM User Guide
  • Introduction
    • Quick setup
    • Support
    • Protect4S VM place in SAP system landscape
  • Pre-conditions and installation
    • Supported operating system and database types
    • Software version requirements
    • Recommendations
    • Heterogeneous database connections
  • Protect4S VM Software Installation
    • Add-On Installation, import support packages and upgrade
    • Installation post-processing
  • Create Protect4S VM users and roles
    • Distribution of satellite roles
    • satellite system ABAP RFC user using wizard
    • satellite system ABAP RFC user MANUAL SETUP
    • satellite system JAVA user
    • satellite system database user
    • satellite system operating system user
    • Operating system user other than <sid>adm
    • Satellite system BusinessObjects user
  • Check and set Application settings
  • Protect4S VM Menu
  • Execute the Quick setup
    • Company
    • Systems
      • Creating an ABAP system
      • Creating a JAVA system
      • Creating a BusinessObjects BI system
      • Creating a HANA standalone system
      • Creating a SAP Web Dispatcher system
      • Creating a SAProuter system
      • Creating a SAP Cloud Connector system
      • SAPControl security settings
  • Create a project
    • New project
    • New Scan
  • Check Template
  • Contact persons and Scan subscription
    • Contact persons
    • Scan subscriptions
  • Reports
    • Scan result
    • Scan results information
    • System tab
    • Company tab
    • Scan statistics tab
    • Check overview
    • Risk history
    • Scan statistics
    • Scan export
    • Mitigation report
    • Scan comparison
    • Management overview
    • Connection map
  • Mitigation of Vulnerabilities
    • Mitigation menu
  • Check exemptions
  • SIEM Interface
  • Integration
    • Incident Management
  • Information and support
    • Welcome menu
    • Product information
    • Check information
    • Change log
    • User Guide
    • Report a software defect
    • Feature request
  • Deinstallation
  • Appendix A: Troubleshooting Satellite System connection issues
    • SAPControl connections
    • Database connection
    • JAVA connection
    • HTTPS certificate errors
  • Appendix B: Installation database libraries
    • IBM DB2
    • MSSQL
    • MaxDB
    • Oracle
    • SAP Sybase
    • SAP HANA
  • Appendix C: satellite system Communication Ports
  • Appendix D: Protect4S VM SICF Services
  • Appendix E: using a server group
  • Appendix F System context
  • Appendix G DNS resolving
  • Appendix H Dump in Scan subsciptions
  • Appendix I HTTPURLLOC table
  • Appendix J - Risk Matrix
  • Appendix K - Short dump function module "PFL_GET_SINGLE_PARAMETER" not found
  • FAQs
    • General
    • Installation
    • Configuration
    • Projects and scans
  • Contact us
Powered by GitBook
On this page
  • 1. Group your systems
  • 2. Schedule Projects (each Project containing a group)
  • Overview

Was this helpful?

  1. Reports

Management overview

PreviousScan comparisonNextConnection map

Last updated 2 years ago

Was this helpful?

The Management overview is an UI5 report (also suited for devices like iPad and mobile) that enables you to see the security status of all your SAP systems in your SAP landscape and zoom in to the result of an individual check executed in a SAP system.

Basically this report has 3 different levels: Project, System, Check.

To use this report, execute the following 2 steps first:

1. Group your systems

To use the report, you must think of the way that you want to group the SAP systems.

For instance, do you want to see all your SAP systems in one single overview, or do you only want to have separate views of groups of SAP systems, for example: Sandbox, Development, Test and Production. You could also group on different SAP system types: like BW, ERP, CRM and PO.

2. Schedule Projects (each Project containing a group)

To create a group, schedule a Project containing the systems you have chosen. Examples:

  • choose all SAP systems

  • choose all Development SAP systems

  • choose all ERP type SAP systems

It is important to create all SAP system Scans in this Project using the same template. We recommend using the default template #1 (“all checks with default value”), so the results can be compared evenly across all SAP systems.

Schedule the Project to run repeatedly with a fixed period, for example 1 month.

Overview

After selecting the Landscape overview report from the Protect4S VM Menu, you will see view containing a list of Projects and an SAP Landscape menu:

The bar graph represents the number of SAP systems and their Risk value based on the latest run of the Project selected. By default, the most recent project run is selected, but in principle every Project shown in the list on the left can be selected.

In this case, we see a Project containing 6 Development systems. 4 Systems are classified as Medium Risk and 2 systems as having a Low Risk value.

Overview of systems

By selecting the Systems Icon in the Landscape menu, you will see the different SAP systems ID’s, their calculated Risk percentage (which is the percentage of failed checks) and the amount of checks executed for this given system.

History of a Project

It is also possible to show the Risk values of the systems within a project established in earlier project runs by selecting the History icon in the landscape menu:

In this example you can see the initial amount of SAP systems was 8 and the Risk values of most of the Development systems in this project used to be much higher. The Project run is shown on the left and the one-but-latest recent one is shown on the right.

Project information

The Project information menu option shows when the Project was run and how many System Scans this run contained:

System Menu

It is possible to drill down deeper into the results per SAP system. To access the System menu, double-click on an SAP system shown in the Overview of systems:

You will now see the Scan result of the selected SAP system:

In this view you see the amount of checks executed during the last SAP system Scan and the distribution of Risk values. The green area represents the number of Checks that passed, and the other colors represent the failed Checks.

Check Menu

To see the individual Checks, that were executed and their result (pass or fail) plus Risk value, you select the Checks menu option:

By selecting the History icon, you can see the history of the Scan results for this SAP system:

Again, the oldest System Scan is shown on the left and the latest is shown on the right.

The System History view is used to see the development of Risk over time for a particular System. This example shows, that for this System, the total amount of Checks executed has increased and that the number of failed Checks has decreased slightly.

Scan information

The Scan information option shows the following information:

Checks menu

To enter the Checks menu, select the Check Menu for a given System and double-click on a Check:

You will then see a menu that provides more information on this Check:

The information shows whether the Check is client-dependent or independent, the Platform Layer, for which System type the check is valid and the type of vulnerability that the Check belongs to.

Check Description

Check Vulnerability

Check Solution

Using the Landscape overview as Mobile report

  1. To use the report on your Mobile, log in with your mobile to the company network that holds the Protect4S system.

  2. Connect to the following URL:

https://<Protect4S server>:<HTTPS port>/sap/bc/ui5_ui5/esec/sa_risk_ovrvw/index.html

SAP Landscape overview
Overview of SAP systems
Risk History of a Project
Project history
Doubleclick on a System
Scan result for a SAP system
Checks menu
Risk History for System
Scan information
Doubleclick on a Check
Check information
Check description
Check vulnerability