English | Deutsch | Español

Secure SAP Interfaces with the new Virtual Forge InterfaceProfiler

July 17, 2018 | From Lars Kehrel

Virtual Forge, the leading provider of cyber security solutions for SAP®, is pleased to announce a major addition to the Virtual Forge Security Suite: The InterfaceProfiler. The new InterfaceProfiler solution is designed to automate the analysis of the wide-ranging risks of interfaces and provides a comprehensive overview of system landscapes continuously growing in complexity.

VF_SecSuiteFor SAP customers, new trends toward digitalization like cloud or Industry 4.0 will complicate existing system landscapes. Due to that, SAP customers face several challenges

  • Constantly changing communication relations
  • a continuously growing number of SAP systems and connected non-SAP systems
  • All changes have to be documented comprehensively at all times
  • All existing interfaces should adhere to the newest technology and security standards
  • interfaces can utilize different technology, e.g. HTTP, RFC (Remote Function Call), JCo (Java Connector), SMTP, etc.

All these challenges requires a continuous analysis of existing interfaces and their usage as a central aspect of the security of a company. Most companies are completely aware of this but do not have an efficient answer to this problem today.

This is where the Virtual Forge InterfaceProfiler comes in. The new solution helps companies keep track of system landscapes continuously growing in complexity. Originating from a central SAP system, InterfaceProfiler analyzes all communication relations of the entire system landscape. In doing so, InterfaceProfiler also examines interfaces that many users are not even aware of, like unauthorized downloads of lists via SAPGUI or direct access on the database. Communication with external systems is also an essential component of the analysis.

InterfaceProfiler also comes with a monitoring component built in. This provides information about interfaces which are technically still functioning but have not been used for a longer time. The inspection of utilization intervals of interfaces still in use enables the identification of unauthorized unscheduled interface activities. Within the scope of active monitoring, all events are extensively logged.

InterfaceProfiler clearly prepares the results graphically and creates significant logs of all identified vulnerabilities. For this, InterfaceProfiler creates a graphic representation of the entire system landscape and external communication partners. Various and flexible filtering and classification options provide a clear overview even of large amounts of data and help focus on critical data flows.

“The complexity of today’s SAP system landscapes means that it’s very difficult companies to obtain a comprehensive overview of their system interfaces, let alone protect them against unwanted threats.” said Thomas Kastner, Managing Director and Chief Technology Officer at Virtual Forge GmbH.“ InterfaceProfiler enables that comprehensive understanding and helps organizations ensure the right level of proactive protection across the entire enterprise.”