Protect4S - VM User Guide
  • Protect4S - VM User Guide
  • Introduction
    • Quick setup
    • Support
    • Protect4S VM place in SAP system landscape
  • Pre-conditions and installation
    • Supported operating system and database types
    • Software version requirements
    • Recommendations
    • Heterogeneous database connections
  • Protect4S VM Software Installation
    • Add-On Installation, import support packages and upgrade
    • Installation post-processing
  • Create Protect4S VM users and roles
    • Distribution of satellite roles
    • satellite system ABAP RFC user using wizard
    • satellite system ABAP RFC user MANUAL SETUP
    • satellite system JAVA user
    • satellite system database user
    • satellite system operating system user
    • Operating system user other than <sid>adm
    • Satellite system BusinessObjects user
  • Check and set Application settings
  • Protect4S VM Menu
  • Execute the Quick setup
    • Company
    • Systems
      • Creating an ABAP system
      • Creating a JAVA system
      • Creating a BusinessObjects BI system
      • Creating a HANA standalone system
      • Creating a SAP Web Dispatcher system
      • Creating a SAProuter system
      • Creating a SAP Cloud Connector system
      • SAPControl security settings
  • Create a project
    • New project
    • New Scan
  • Check Template
  • Contact persons and Scan subscription
    • Contact persons
    • Scan subscriptions
  • Reports
    • Scan result
    • Scan results information
    • System tab
    • Company tab
    • Scan statistics tab
    • Check overview
    • Risk history
    • Scan statistics
    • Scan export
    • Mitigation report
    • Scan comparison
    • Management overview
    • Connection map
  • Mitigation of Vulnerabilities
    • Mitigation menu
  • Check exemptions
  • SIEM Interface
  • Integration
    • Incident Management
  • Information and support
    • Welcome menu
    • Product information
    • Check information
    • Change log
    • User Guide
    • Report a software defect
    • Feature request
  • Deinstallation
  • Appendix A: Troubleshooting Satellite System connection issues
    • SAPControl connections
    • Database connection
    • JAVA connection
    • HTTPS certificate errors
  • Appendix B: Installation database libraries
    • IBM DB2
    • MSSQL
    • MaxDB
    • Oracle
    • SAP Sybase
    • SAP HANA
  • Appendix C: satellite system Communication Ports
  • Appendix D: Protect4S VM SICF Services
  • Appendix E: using a server group
  • Appendix F System context
  • Appendix G DNS resolving
  • Appendix H Dump in Scan subsciptions
  • Appendix I HTTPURLLOC table
  • Appendix J - Risk Matrix
  • Appendix K - Short dump function module "PFL_GET_SINGLE_PARAMETER" not found
  • FAQs
    • General
    • Installation
    • Configuration
    • Projects and scans
  • Contact us
Powered by GitBook
On this page
  • Scan comparison
  • Tracking mitigation & remediation work
  • Scan comparison export to Excel

Was this helpful?

  1. Reports

Scan comparison

PreviousMitigation reportNextManagement overview

Last updated 2 years ago

Was this helpful?

The Scan comparison report can be started by selecting it from the main menu:

The Scan comparison report provides an easy way to:

  • compare the results of scans for several different satellite systems side-by-side in a single overview.

  • compare the different scans for a single satellite system.

A selection of the different scans can be made by selecting the scans for a single satellite system ID first and then selecting multiple individual rows and pressing the "Display" button afterwards:

Scan comparison

The start screen of this report consists of a selection screen in which the latest 100 scans are presented. By selecting multiple scans (for different SAP systems each) and by pressing the display button while holding the <CTRL> button down, a vulnerability overview is presented with the results of each check presented for each system side-by-side in separate columns:

By pressing the button "Display only the differences" one can quickly see the differences in detailed check results.

All information about every check can be accessed by the information button at the start of each row. By pressing on the information button, the check -description, -parameters, -vulnerability, -solution and -references (to OSS notes or SAP Help) can be inspected:

Tracking mitigation & remediation work

It is possible to track the results of mitigation and remediation work executed for an SAP system. In that case you can select 2 different Scans of that SAP system for comparison: one before - and one after the mitigation/remediation work was executed:

By pressing the button "Display only the differences" you can see the differences in vulnerability between the two scans. In this case, an SAP system called DE2 was scanned on 20.06.2019 (column on the right) and also on 15.01.2021. The differences between both columns are due to the application of support packages. You can read the green entries (Pass) where there used to be a red entry (Fail) on the right as implemented OSS Notes as the result of applying patches. Green or Red entries in the left column that did not in the (earlier) on the right are newer checks in Protect4S VM.

By comparing the 2 columns it is easy to see exactly which Risks were remediated in the period between the 2 scans.

Scan comparison export to Excel

Using the "Overview export" button, this report can be exported to a spreadsheet. First a selection screen is presented for this export in which the various attributes can be selected for export:

After pushing the "Export" button, a local file is created that contains the report in Excel format:

This report is extremely useful for reporting on the vulnerabilities present in multiple SAP systems or even multiple SAP landscape. There is no limit for the amount of systems that can be presented.

Grouping of statistics per Run-ID

When during the export you select the "Group Statistics by Run-ID" option, the statistics on the second tab of the exported excel sheet will show the statistics per Run-ID instead of one aggregated view:

Selecting different scans for a single satellite system
Comparing the results of different scans for a single satellite system
Check information display from Scan comparison list
Checking the results of mitigation work (application of OSS Security Notes)