CENTRALIZED sECURITY mONITORING
Xiting’s centralized security monitoring solutions enable organizations to better defend SAP systems against internal and external threats and to mitigate common vulnerabilitie.
Centralized Security Monitoring
Protecting SAP systems from cyberthreats has become an increasingly difficult and complex task due to the networked nature of modern ERP platforms.
Xiting’s centralized security monitoring solutions enable organizations to better defend SAP systems against internal and external threats and to mitigate common vulnerabilities including dangerous RFCs, changes to security-relevant configuration and security parameters, critical authorizations assigned to your users (e.g. SAP_ALL), attempted commands on the operating system level on your SAP gateway, and many more.
Xiting’s solution at a glance…
Holisitic Security Monitoring
The SIEM Connector offers you the option of reading out various SAP logs and forwarding them to your SIEM system in a standardized format. In addition, it offers you the option of performing checks through the Security Architect and thus, to generate safety-critical events, which are not in the logs.
There are several options available for transferring the logs to a SIEM system, such as: the syslog protocol or the transfer via file. If the logs are sent directly to the SIEM system, they can be encrypted to prevent the logs from being accessed while they are being transferred. The desired line format can also be freely selected, e.g. JSON or CEF format.
In order to make the connection of a complex and distributed SAP landscape as simple as possible, the SIEM connector can be operated in a central mode. A SAP ABAP central system is defined, which connects all other SAP systems in the landscape via RFC, controls the log and event collection and communicates with the SIEM system. This can be used as a central entry and connection point between the SIEM and SAP world, instead of having to set up a separate log collector for each individual SAP system.
In conjunction with a SIEM system, the SIEM Connector manages to make even large SAP landscapes evaluable and transparent in real time. It is therefore a crucial component for the integration and the development of a holistic security monitoring system.
Why use our SIEM connector?