SAP HANA Security Guide - Trigger-Based Data Replication


Using SAP LT (Landscape Transformation) Replication Server for SAP HANA

SAP HANA Appliance Software SPS04

Target Audience
- Consultants
- Administrators
- SAP Hardware Partner
- Others

Public
Document version 1.1 – 01/10/2012

Copyright 2012 SAP AG. All rights reserved.

Contents
- Introduction
- Before You Start
- Technical System Landscape
- User Administration and Authentication
- Authorizations
- Network and Communication Security
  - Network Security
  - Communication Destinations

Introduction

This guide does not replace the administration or operation guides that are available for productive operations.

Target Audience
- Technology consultants
- Security consultants
- System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereas the Security Guides provide information that is relevant for all life cycle phases.

Why Is Security Necessary?

With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation of your system should not result in loss of information or processing time. These demands on security apply likewise to the Trigger-Based Data Replication Using SAP LT (Landscape Transformation) Replication Server. To assist you in securing the Trigger-Based Data Replication Using SAP LT Replication Server, we provide this Security Guide.

About this Document

The Security Guide provides an overview of the security-relevant information that applies to the Trigger-Based Data Replication Using SAP LT Replication Server.

Overview of the Main Sections

The Security Guide comprises the following main sections:

- Before You Start
  This section contains information about why security is necessary, how to use this document, and references to other Security Guides that build the foundation for this Security Guide.
- Technical System Landscape
  This section provides an overview of the technical components and communication paths that are used by the Trigger-Based Data Replication Using SAP LT Replication Server.
- User Administration and Authentication
  This section provides an overview of the user administration and authentication.
- Authorizations
  This section provides an overview of the authorization concept that applies to the Trigger-Based Data Replication Using SAP LT Replication Server.
- Network and Communication Security
  This section provides an overview of the communication paths used by the Trigger-Based Data Replication Using SAP LT Replication Server and the security mechanisms that apply.

Before You Start

Related Guides

Pay particular attention to the most relevant sections or specific restrictions as indicated in the table below.

SAP LT (Landscape Transformation) Replication Server Guides

For more information about SAP LT Replication Server for SAP HANA, see the resources listed in the table below.

Topic | Guide/Tool | Quick Link to the SAP Service Marketplace
------|------------|------------------------------------------
Trigger-based Replication | Installation Guide | https://service.sap.com/hana, SAP HANA Installation Guide – Trigger Based Replication (SLT)

SAP HANA Guides

For more information about SAP HANA landscape, security, installation and administration, see the resources listed in the table below.

Topic | Guide/Tool | Quick Link
------|------------|-----------
SAP HANA Landscape, Deployment & Installation | SAP HANA Knowledge Center on SAP Service Marketplace | https://service.sap.com/hana
SAP HANA Administration & Security | SAP HANA Knowledge Center on SAP Help Portal | SAP HANA Master Guide; SAP HANA Installation ana appliance; SAP HANA Technical Operations Manual; SAP HANA Security Guide

For a complete list of the available SAP Security Guides, see SAP Service Marketplace at http://service.sap.com/securityguide.

Important SAP Notes

- SAP Note 1514967, SAP HANA: Central Note: Central SAP Note about SAP HANA appliance software
- SAP Note 1598623, SAP HANA appliance software: Central Security Note: Current information about SAP HANA security topics

For a list of additional security-relevant SAP Hot News and SAP Notes, see SAP Service Marketplace at http://service.sap.com/securitynotes.

Additional Information

For more information about specific topics, see the Quick Links as shown in the table below.

Content | Quick Link on SAP Service Marketplace or SDN
--------|---------------------------------------------
Security | http://sdn.sap.com/irj/sdn/security
Security Guides | http://service.sap.com/securityguide
Related SAP | p.com/securitynotes
Released platforms | http://service.sap.com/pam
Network security | http://service.sap.com/securityguide
SAP Solution Manager | http://service.sap.com/solutionmanager
SAP NetWeaver | http://sdn.sap.com/irj/sdn/netweaver

Technical System Landscape

Use

The SAP LT Replication Server is a replication technology to provide data from SAP systems in a SAP HANA environment. It acts as a key enabler for SAP HANA customers to supply their HANA environment with relevant data.

The following components are used in the technical system landscape:

- Source system
  The source system tracks database changes by using database triggers. It records information about changes in the logging tables. The read modules transfer the data from the source system to the SLT system. The relevant data is read from the application tables.
- Non-SAP source system
  The non-SAP source system tracks database changes by using database triggers. It records information about changes in the logging tables. The read modules transfer the data from the non-SAP source system to the SLT system. The relevant data is read from the application tables.
- SLT system
  If the source is an SAP system, the SLT system polls the logging tables in the source system with a remote function call (RFC) connection. If the source is a non-SAP system, the SLT system polls the logging tables in the non-SAP source system with a database connection.
- SAP HANA system
  The SAP HANA system contains the SAP HANA database. It is used to store the replicated data. The SLT system and the SAP HANA system communicate by means of a database connection.

The SAP LT Replication Server can be used for replication from SAP sources and non-SAP sources to the HANA system. For SAP sources, the SAP LT Replication Server can either be installed within the source system or in a separate SAP system.

The relevant information to create the connection between the source system, the SLT system, and the SAP HANA system is specified within the SLT system as a Configuration. In the Configuration & Monitoring Dashboard (transaction LTR), you can define a new configuration.

The following figures show the possible technical system landscapes for Trigger-Based Data Replication Using SAP LT Replication Server.

Option 1 – SAP Source System with Separate SLT System

The SAP LT Replication Server is installed in a separate SAP system. Therefore, two network communication channels are required - the RFC connection to the source system and the connection to the SAP HANA system.

Option 2 – SAP Source System with SLT Installation

The SLT system component is installed in the source system. Therefore, the read modules are located in the source system. Only one external network communication channel is required to connect to the SAP HANA system.

Option 3 - Non-SAP Source System with Separate SLT System

For a non-SAP source system, the SAP LT Replication Server needs to be installed in a separate system. In contrast to a setup

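The change-capture flow described under Technical System Landscape (database triggers, logging tables, a polling read step that fetches the data from the application tables) is sketched below as an added example; it is not SAP code and not part of the original guide. It uses SQLite in place of the source and SAP HANA databases, and the orders and orders_log tables and all function names are hypothetical.

```python
import sqlite3

# Constructed source schema: application table, logging table, and the triggers
# that record every change (hypothetical names, SQLite standing in for the source DB).
SOURCE_SCHEMA = """
CREATE TABLE orders (id INTEGER PRIMARY KEY, amount INTEGER);
CREATE TABLE orders_log (seq INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER, op TEXT);
CREATE TRIGGER orders_ins AFTER INSERT ON orders
    BEGIN INSERT INTO orders_log (id, op) VALUES (NEW.id, 'I'); END;
CREATE TRIGGER orders_upd AFTER UPDATE ON orders
    BEGIN INSERT INTO orders_log (id, op) VALUES (NEW.id, 'U'); END;
CREATE TRIGGER orders_del AFTER DELETE ON orders
    BEGIN INSERT INTO orders_log (id, op) VALUES (OLD.id, 'D'); END;
"""

def connect(schema):
    """Open an in-memory database (stand-in for a real system) and load a schema."""
    db = sqlite3.connect(":memory:")
    db.executescript(schema)
    return db

def replicate(src, tgt):
    """One polling cycle of the read step; returns the number of log entries applied."""
    # The replication account needs SELECT on the logging table ...
    entries = src.execute("SELECT seq, id, op FROM orders_log ORDER BY seq").fetchall()
    for seq, row_id, op in entries:
        # ... SELECT on the application table, because the log holds only the key ...
        row = src.execute("SELECT id, amount FROM orders WHERE id = ?", (row_id,)).fetchone()
        if op == "D" or row is None:
            tgt.execute("DELETE FROM orders WHERE id = ?", (row_id,))
        else:
            tgt.execute("INSERT OR REPLACE INTO orders (id, amount) VALUES (?, ?)", row)
        # ... and DELETE on the logging table to clear processed entries.
        src.execute("DELETE FROM orders_log WHERE seq = ?", (seq,))
    src.commit()
    tgt.commit()
    return len(entries)

def demo():
    src = connect(SOURCE_SCHEMA)
    tgt = connect("CREATE TABLE orders (id INTEGER PRIMARY KEY, amount INTEGER);")
    src.execute("INSERT INTO orders VALUES (1, 100)")
    src.execute("INSERT INTO orders VALUES (2, 250)")
    src.execute("UPDATE orders SET amount = 120 WHERE id = 1")
    src.execute("DELETE FROM orders WHERE id = 2")
    applied = replicate(src, tgt)
    return applied, tgt.execute("SELECT id, amount FROM orders ORDER BY id").fetchall()

if __name__ == "__main__":
    print(demo())
```

A row that was deleted before the poll has no data left to read, which is why the read step treats a missing application row as a delete on the target.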