Auditing – audit all except the SAPService

As the SAP database is one of most important assets you have, it makes sense to monitor any access to the database, that is not driven by the SAP System itself. You can do this by setting up an extended event session, that monitors all accesses, except these from the SAPService<SID> and SYSTEM account.  Normally… Read more

How to enable SAP "enhanced monitoring" via Powershell

Update Sep 27 2012 bug fix in PS script. An issue showed up using the script on a Windows 2012 server. The script failed to remove an entry from the two local user groups due to case sensitivity regarding the VM name.   Status Quo    I published a blog beginning of the year which describes… Read more

SAP on SQL Server Security Whitepaper Released

 In response to requests from customers and partners we have documented a security procedure that has been successfully deployed at many customer sites over the last few years. This document also includes some very interesting comparisons between UNIX Security and Windows Security.  This Security Guide describes how to use Microsoft Active Directory and Windows tools… Read more

How to Setup a Dedicated SAP Application Server to DB Server Network

   What is a Dedicated SAP Application Server to DB Network & Do I Need One? A dedicated SAP Network is a network interface that is separated from the normal “Public” user network and carries only network traffic between the SAP application servers, the (A)SCS and the SQL Server database.  This blog discusses why and… Read more

SAP enhanced monitoring on Hyper-V

Why “enhanced monitoring” ?   SAP developed a very comprehensive and sophisticated monitoring framework over the years to monitor SAP, OS, Database and the hardware infrastructure. All the numbers and output can be seen via the SAP GUI using certain transactions ( e.g. OS07, ST06 ).With virtualization a new challenge arose. Let’s take root cause… Read more

SQL Server network encryption with SAP

Reason Defense, Security, Public Safety, Government and Financial customers sometimes require additional protection from Man-in-the-Middle and other threats.  SQL Server like other commercially available databases supports encrypting the communication channel between the SQL Server database and the client application.  The encryption mechanism is handled between the SQL Native Access Client (SNAC) and SQL Server and… Read more