High-Security Remote Maintenance for SAP Systems
The genua Advanced Secure Connect high security remote maintenance solution ensures the frictionless operation of your central SAP applications and allows the maximum efficiency of your company’s processes. This solution is an important component of SAP Advanced Secure Support. It accesses your SAP system remotely when required, carries out maintenance sessions, analyzes and recommends steps necessary for the prevention and solution of problems before they result in downtime. The genua Advanced Secure Connect solution, developed in cooperation with SAP, guarantees a very high level of security when accessing your sensitive SAP systems.
Your Benefits from genua Advanced Secure Connect:
- Developed in cooperation with SAP
- High security remote maintenance of SAP Systems
- Frictionless communication through connection protocol developed by SAP
- Encryption of the maintenance connection using high-security VPN technology developed in Germany
- Protected maintenance area with no access to other systems in your network
- Tamper-proof recording of all actions
- Regular security updates from the manufacturer
- Easy to operate using a Windows app
- Central administration via management station
- 24/7 expert support from genua and SAP
Seamless Integration in SAP Environments
SAP has developed a new type of connection to ensure that this remote maintenance solution fits seamlessly into your SAP environment, guaranteeing frictionless interaction between genua and SAP solutions.
Remote Maintenance with a DMZ Rendezvous
Our concept for maximum security remote maintenance: the maintenance connection is established via a rendezvous server on the Secure Connector. The rendezvous server is installed as a central component in your demilitarized zone (DMZ). Through this you do not have to grant the manufacturer’s support staff direct access to the SAP system in your network.
Maintenance Access Only with Your Clearance
You connect to the Secure Connector from inside your network at the same time as the manufacturer’s support staff. Once this rendezvous on the server has taken place, the maintenance connection to your network can be established. The support staff can access your SAP systems using VNC, RDP or SSH but only with your explicit clearance.
Full Control Over Encrypted Maintenance Connections
A further component is the Service Box providing additional security at the end point of your SAP system maintenance connection. It achieves this by protecting the SAP system from the rest of your network while the maintenance is being carried out. This ensures that the connection can only lead to the object being maintained and that access to other systems in your network is not possible. In addition, a VPN gateway (Virtual Private Network) is also installed in the SAP support computing center for each customer. The customer has administrative control over this device and therefore over the starting point for the encrypted connection at SAP.
Complete Control, Comprehensive Monitoring and Recording
Follow live all the steps the SAP support carries out live on the user interface: if required, all steps can be recorded on video and archived. In addition, all log information is recorded, meeting the security requirements of the German Federal Office for Information Security (Bundesamtes für Sicherheit in der Informationstechnik, BSI). This means that you are always able to keep track of external access and can reconstruct any changes made to your SAP systems.
The rendezvous solution ensures that you have absolute control over maintenance access.
Complete Solution with High Security Components
All the components of our Advanced Secure Connect remote maintenance solution meet the highest security requirements.
The central Secure Connector component runs on a microkernel operating system. The low complexity of this system means that code errors and therefore potential vulnerabilities are avoided. In addition, the Secure Connector operating system creates two strictly separated areas: one for the system used to establish the VPN connection, the other for the SAP router protocol. Each of these areas has its own operating system and hardware resources, also this internal separation provides a strong barrier against attackers. Even if an attacker manages to break into one area, the way into the other will remain blocked.
Unprecedented Level of Security
The VPN Gateway and the Service Box run on hardened operating systems, which have been reduced to providing only the functions that are absolutely necessary and therefore do not present potential starting points to attackers. We use high security procedures to encrypt the maintenance connection. These have been approved for use for the protection of classified government information and are guaranteed to be free of backdoors. This careful combination of components making up our complete solution means that your SAP remote maintenance achieves a unique level of security.
User-Friendly Administration and Operation
All Advanced Secure Connect components are administered using the genucenter Management Station, which is also designed to meet the requirements of handling classified information. Our remote maintenance solution is operated with a Windows app: you can establish the maintenance connection with a mouse-click and easily implement and administer the complete solution.
Support Direct from the Manufacturer
Support for the remote maintenance solution comes directly from the manufacturer. Our Advanced Secure Connect experts are available 24/7 to answer your questions and assist you with problems, and we provide regular updates. We provide a next business day replacement service for customers throughout Germany: If a system should fail, you will receive an identical replacement on the next working day. We ship out replacement devices to customers located outside of Germany as quickly as possible.
Our sales department will be happy to answer any questions: