SAP NetWeaver Visual Composer Security Guide

With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation on your system should not result in loss of information or processing time. These demands on security apply likewise to SAP NetWeaver Visual Composer. To assist you in securing Visual Composer, we provide this Security Guide.

Target Audience

·        Technology consultants

·        System administrators

This document is not included as part of the Installation Guides, Configuration Guides, Technical Operation Manuals, or Upgrade Guides. Such guides are only relevant for a certain phase of the software life cycle, whereas the Security Guides provide information that is relevant for all life cycle phases.

About this Document

The Security Guide provides an overview of the security-relevant information that applies to SAP NetWeaver Visual Composer. This manual contains the following main sections:

·        Before You Start

This section contains information about how to use this document, with references to other Security Guides and Visual Composer documentation.

·        Technical System Landscape

This section provides an overview of the technical components and communication paths that are used by Visual Composer.

·        User Administration and Authentication

This section describe the user management and authentication mechanisms relevant for running Visual Composer.

·        Network and Communication Security

This section provides an overview of the communication paths used by Visual Composer and the security mechanisms that apply. It also includes our recommendations for the network topology to restrict access at the network level.

·        Data Store Security

This section provides an overview of critical data used by Visual Composer and the security mechanisms that apply.

·        Other Security Relevant Information

This section discusses creating trusted sites for J2EE in Internet Explorer and configuring custom security for Microsoft XML and Adobe SVG Viewer.

·        Trace and Log Files

This section provides a link to information about the trace and log files that contain security-relevant information.