The new features of XAMS with Service Pack 18

News, SAP Security, XAMS Annika Braun

Simplified Fiori App Identification, SU24N Support, and Xiting Rule Engine – The presentation of the XAMS SP18 release!

Xiting is pleased to announce the latest release of Xiting Authorizations Management Suite (XAMS) SP18, which builds upon the success of its predecessor, SP17. Based on extensive feedback from our customers and experience in various projects, our team of Xiting developers has added several new features to enhance the product’s usability.

We would like to highlight the following developments:

  • Fiori App Tracker: Simplify identification of used Fiori apps with the Fiori App Tracker, users can now easily identify and track the usage of Fiori apps within their SAP environment. This feature streamlines the identification process and saves valuable time for users.
  • Consistent support of SU24 variants: The XAMS SP18 release offers consistent support for SU24 variants, providing users with a more seamless experience when using XAMS with SAP standard.
  • Xiting Rule Engine for the SIEM Connector: The Xiting Rule Engine for the SIEM Connector enables users to create and manage custom rules for their SIEM connectors. This feature provides users with enhanced control over their system’s security.

In summary, the XAMS SP18 release offers several exciting new features that improve the product’s usability and provide greater control over system security.

Simplified Fiori Administration

Xiting is proud to several new features to simplify Fiori administration and reduce complexity in S/4HANA projects.

One of the most significant developments is the Fiori App Tracker, which allows users to identify the Fiori App IDs being used and understand the forward navigation to related apps. This information is not available in any trace data in SAP standard, making the Fiori App Tracker a valuable tool for simplifying Fiori administration and improving transparency in projects. Figure 1 shows a section of the Fiori App Tracker results.

Figure 1: The Fiori apps used can be identified with the Fiori App Tracker

Existing Fiori concepts can also benefit from the Fiori App Tracker, enabling users to compare apps according to the principle of least privilege and track which apps are actually being used. The forward navigation within Fiori Apps to related apps is also transparently visible.

To learn more about the Fiori App Tracker, register for our use case webinar.

Register for Webinar: Fiori App Tracker

Xiting Times also includes many changes to improve usability, such as regrouping customizing switches to make configuration clearer and enabling session cloning for customers with a Fiori Hub scenario to use PGL or EAM in self-service. With the new release, a centralized approval of sessions via workflow can now take place on any central system, e.g. if a CUA is in use.

The Fiori UI in the Security Architect has also been further developed, enabling cross-system mitigations for exceptions and optional central management of CheckIDs to eliminate decentralized maintenance effort.

Other helpful functions for Fiori authorization concepts include the Role Replicator, which can manage and transport new technical catalogs of SAP in bulk, and the Role Profiler report for simplified analysis of spaces and pages contained in roles.

XAMS SP18 offers several new features to simplify Fiori administration and improve usability. Try it today and experience the difference for yourself.

Simplified Management of SU24 Variants

Xiting is excited to announce that XAMS SP18 includes support for SU24 variants in all tools, making the maintenance and assignment of these variants easier for users. With the introduction of default authorization proposal data variants by SAP via transaction SU24N, followed by S/4HANA 2021’s transfer into transaction SU24, the variants enable the assignment of authorizations for “enjoy transactions” such as BP or MIGO. This allows for different access scenarios to be mapped for an application, reducing the maintenance effort in the roles.

To ensure purely display access within the SU24 variants, the role profiler report can be used. This supports the authorization administration in adhering to the authorization concept and simplifies subsequent analysis (e.g., after SU25 upgrades).

In addition, XAMS SP18 offers bulk maintenance of SU24 variants in the Role Builder, allowing variants to be taken into account during SU24 optimization. The Role Replicator also enables mass management of SU24 variants using upload and download functions. The modeling of the content of the application variants can be done with just one click, as shown in Figure 2.

Figure 2: Modeling of SU24 application variants in the Role Replicator

To learn more about the simplified management of SU24 variants with XAMS SP18, register for our use case webinar.

Register for Webinar: Optimized Role Building with SU24 Variants

Xiting is excited to announce several new features with XAMS SP18, including improvements to the Role Replicator, CRAF integration in PFCG, and the Xiting Rule Engine for the SIEM Connector.

Further Improvements to Role Replicator

The Role Replicator enables the creation of a company-wide organization set from which roles can be derived for specific branches. XAMS SP18 includes improved performance for the Role Replicator, making a significant difference, especially with a large number of replication pairs. The option to show/hide status icons per user and the ability to organize replication pairs into folders for better organization also make the tool more user-friendly. Figure 3 shows a clear structuring of replications with groups for roles from the Sales area.

Figure 3: Clear structuring of the replicas with groups, here for example roles from the Sales area.

Craf Integration in PFCG

With CRAF integration in PFCG, authorization administrators can check whether company requirements are being met during role creation. The rule variant stored in Customizing is automatically checked when the profile is generated for the role, providing a quick overview of whether and with what risks the authorization profile of a role was designed. Errors can be corrected immediately, and exceptions can be mitigated if necessary.

Register for Webinar: CRAF Integration in PFCG

Xiting Rule Engine for SIEM Connector

The Xiting Rule Engine for the SIEM Connector, introduced in XAMS SP17, enables real-time detection of threats. With XAMS SP18, the Xiting Rule Engine has been further developed to deliver complex rules that combine different log sources. Users can adapt and expand the set of rules according to their needs, and generated alerts can be forwarded to the connected SIEM system. To learn more about these new features, register for our separate use case webinars.

Experience the Xiting Rule Engine in our live webinar. Please register under the following link:

Register for Webinar: Rule Engine im SIEM Connector

To learn more about these new features, register for our separate use case webinars!

XAMS SP18 offers a variety of new features and improvements to simplify administration and reduce complexity in S/4HANA projects. Check out our services and contact us for support or further insights.

Overview of all SP18 Webinars
Contact

Get in touch with us!

Do you have questions about our products?

+41 43 422 8803
[email protected]
+49 7656 8999 002
[email protected]
+1 855 594 84 64
[email protected]
+44 1454 838 785
[email protected]
Contact
Webinars

Attend our live webinars and learn more from our experts about SAP authorizations, XAMS, SAP IDM and many other topics in the context of SAP security.

Register now