RFC interfaces play a crucial role in many SAP implementations by enabling data exchange between SAP systems as well as between SAP and non-SAP systems. Unfortunately, many RFC interfaces are “over-authorized” and have more powerful roles than they need. This opens up critical vulnerabilities in your SAP landscape.
Our RFC cleanup service is performed according to SAP best practices with the help of the Xiting Authorizations Management Suite (XAMS).
Benefits at a glance
- Analysis of your RFC destinations and related system users, applying best practice recommendations
- Prevention of unauthorized accesses via RFC interfaces by adapting and optimizing your RFC destinations
- Cleanup in a short time without negatively impacting your business processes
Preparation and analysis of the current RFC interface status
- Determination of the scope of RFC destinations in both source and target systems as well as definition of related system users
- Analysis of recent user “activity” using XAMS tools
- Creation of new system users as defined during the analysis
- Building of new roles using the collected trace data
- Transport of new roles through the system landscape and assignment to the users
- Verification of updated RFC destinations
- Productive Test Simulation using XAMS of users to identify roles with potentially missing authorizations
- Go-live and monitoring of users with the help of XAMS agents to prevent disruptions in the event of missing authorizations
- Status review and subsequent final cleanup
Optionally, SAP gateways can also be secured, and UCON/RFC callbacks can be implemented or hardened to increase the security of your RFC interfaces further.