Identified as HotNews SAP Note #2934135 (CVE-2020-6287) in the July 2020 SAP Security Notes mentioned in our earlier blog SAP Security Patch Day, the RECON (Remotely Exploitable Code On NetWeaver) vulnerability has a CVSS score of 10 out of 10 (the most severe) and can potentially be exploited impacting the confidentiality, integrity and availability of mission-critical SAP applications.
Earlier this week, we wrote about the importance of Best Practices for Remote Teams and remote management platform. As you likely already know, on March 11, 2020, The WHO (World Health Organization) officially declared the COVID-19 a Pandemic.
Monitoring SAP Application Locks and Enqueue
The restriction on data modification, while a data record is being changed by another user, is to ensure data consistency within an SAP system. This is achieved through the use of enqueue service/lock management mechanism which handles locks in the lock table. This locking concept prevents concurrent access to data records by multiple users which may lead to data inconsistency.
DB Performance Analysis
Top down service management involves App, DB, OS and other infrastructure components, performed in a correlated fashion. Identifying performance bottlenecks promptly within the database is very critical for enterprise applications which heavily depend on OLTP or OLAP transactions. Proactive database performance monitoring will prevent incidences that can threaten the stability of your systems. It's imperative therefore to have an effective tool and automated process for monitoring the health of your systems to ensure the continuous availability and performance of mission-critical enterprise applications.
SAP Workload Monitoring
Good application and system design incorporates both high availability and performance. A best practice in monitoring performance is managing workloads as KPIs against system bandwidth/capacity utilization. Establishing performance baselines and constantly monitoring workload KPIs against it as a way of managing service levels.
SAP OS Monitoring
Most organizations have IT teams responsible for monitoring and managing the infrastructure (OS, Storage, Network), however for SAP Basis teams, it's still very critical to monitor and manage the OS as part of the overall top down/bottom up approach in availability and performance management. It's hard to analyze application or database performance and not have capacity/utilization/bottlenecks of the dependent infrastructure OS/VM/Physical systems.
SAP Backup Monitoring
It's best-practice to regularly back up your operating system and database to restore the SAP system should the need arise. Hence one of the chief responsibilities of an SAP Administrator and/or DBA/SysAdmin is to have an appropriate method for performing this set of duties, preferably through some automation.
SAP Job Monitoring & Management
Most SAP systems today are heavily dependent on critical background jobs to power the business processes. As much as there are focus on the latest UX/UI and user interactions, the facts are more than 60% of SAP business suite systems are consumed by background processing. So much so that some of IT-Conductor's customers want to focus our monitoring primarily on background processing and related alerts and performance.
SAP Output (Spool) Management
Printing from SAP is an important function of the business application. It is a specialized area of focus due to the critical dependency of most business processes such as invoicing, bill of materials, packing slips, pay checks, etc. We have experience with customers whose manufacturing production line literally stops when the print jobs from SAP fails. Even with today's electronic output format such as Adobe PDF, the delivery of these documents to the recipient stops when the Adobe Document Services (ADS) fails.