Page 1 of 3 • solution brief • TREND MICRO DEEP SECURITY FOR SAP® SYSTEMS

solution brief

trend Micro

DEEP SECURITY FOR SAP® SYSTEMS

PROTECTING SAP® SYSTEMS It’s absolutely critical to safeguard the highly sensitive financial, HR, customer, and supply-chain data stored in SAP systems. With businesses commonly accessing these systems via the web, attackers can more readily target and exploit vulnerabilities in operating systems, web servers, and the actual business applications. With Internet threats and targeted attacks constantly growing in number and complexity, it can seem tough to keep your valuable data safe. In addition, the transformation of the data center by virtualization and cloud computing has brought a need for security built for these environments that will not impact performance or introduce security gaps.

COMMITTED TO SECURITY Information security is a top priority for SAP, and the company strives to continuously improve security through native enhancements and third-party solutions. Together with SAP partners and companies with SAP-certified integration such as Trend Micro, SAP delivers secure enterprise solutions that are better able to defend against malware, denial-of-service attacks, cross-site scripting, and other advanced and targeted attacks.

TREND MICRO DEEP SECURITY FOR SAP SYSTEMS trend Micro Deep security for sAP systems provides advanced server security for physical, virtual, and cloud servers. Capabilities include:

• Anti-malware with web reputation. Get timely protection against the constant malware attacks on your systems and data. Powered by the Trend Micro™ Smart Protection Network™, Deep Security deployments leverage the latest in global threat intelligence.

• Intrusion detection and prevention. Shield unpatched vulnerabilities like Shellshock and Heartbleed from attack with security policies that update automatically to ensure the right protection is applied to the right cloud servers at the right time.

”

”

With Deep Security, we can offer our customers the best possible solution to protect their infrastructures, including specific rules for SAP and similar systems, while also incorporating SAP VSI 2.0 functionality.

Markus Stretz Managing Director, Q-Partners

Page 2 of 3 • solution brief • TREND MICRO DEEP SECURITY FOR SAP® SYSTEMS

• Advanced host firewall. Create a firewall perimeter around each cloud server to block attacks and limit communication to only the ports and protocols necessary, with the ability to log and audit traffic for compliance reporting at the instance level.

• Integrity monitoring. Meet your compliance file and system monitoring requirements while ensuring unauthorized or out-of-policy changes—across files, ports, registries, and more—are detected and reported.

• Log inspection. Use the centralized security console to identify important security events buried in multiple log entries; and, forward suspicious events to SIEM system or centralized logging server for correlation, reporting, and archiving.

• SAP database and MIME repository protection. Protect your SAP assets from cross-site scripting and malware attacks with the Deep Security for SAP module.

Deep Security also helps simplify security operations while enabling regulatory compliance with PCI DSS 2.0, HIPAA, FISMA/NIST, NERC, and SSAE-16, and accelerates the ROI of virtualization and cloud projects.

SAP customers also benefit from Deep Security’s seamless integration with Amazon Web Services (AWS), VMware, Microsoft Azure, and other leading cloud and virtualization providers to automate cloud deployment and virtualized systems without compromising performance.

SAP CERTIFIED—INTEGRATION WITH SAP NETWEAVER™ Trend Micro is proud to have achieved SAP-certified integration with the SAP NetWeaver platform. It protects SAP deployments, helping to secure critical information from a wide variety of threats such as malware, cross-site scripting, and SQL injection.

”

”

We made the right choice with Deep Security and benefit in many ways.

Urs Villa sourcing Manager, upc cablecom

Page 3 of 3 • solution brief • TREND MICRO DEEP SECURITY FOR SAP® SYSTEMS

HOW IT WORKS 1. SAP customer environments are secured through the SAP Virus Scan Interface (VSI), the

security component of the SAP NetWeaver platform. The VSI is used to secure all forms of customer content including documents, embedded images, and active content including javascript and scripts in PDF and Office documents. Deep Security for SAP systems works seamlessly with SAP NetWeaver technology and the SAP HANA® platform.

2. Deep Security for SAP systems scans the content uploaded to the SAP NetWeaver technology platform to determine its true type and reports this to SAP systems via the NetWeaver VSI interface. Content scanning protects against possible malicious script content that might be embedded or disguised inside documents.

3. SAP administrators can then set policy according to which actual document types should be allowed.

The Deep Security SAP module is part of the RedHat Enterprise Linux and SUSE Enterprise Linux builds and can now be licensed directly through Deep Security Manager.

Currently supported platforms:

• SUSE Enterprise Linux 11 Service Pack1, 64-bit

• SUSE Linux Enterprise Server for SAP applications, 64-bit

• Red Hat Enterprise Linux 6.3, 64-bit

1

2

3• Documents

• Emails • Embedded images

• Active content

Content

trend Micro Deep security

for sAP systems

trend Micro smart

Protection network

SAP VirusScan Interface

SAP NetWeaversAP user

sAP ADMin

©2015 by Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo, and Smart Protection Network are trademarks or registered trademarks of Trend Micro Incorporated. All other company and/or product names may be trademarks or registered trademarks of their owners. Information contained in this document is subject to change without notice. [SB01_DS_for_SAP_150720US]