Version 5.0
28 October 2020
[FEATURE] Protect4S 5.0 is certified for Netweaver and S/4HANA
[FEATURE] System: The system type Web dispatcher is supported
[FEATURE] Check template: New SAP security baseline v2.0 (Feb 2020) - Note 2253549
[FEATURE] Check template: New SAP patch management
[FEATURE] Check: New CF-DC-0045-01: Prevent brute force of SAP HANA SYSTEM user
[FEATURE] Check: New CF-DC-0046-01: Prevent detailed error messages for authentication SAP HANA
[FEATURE] Check: New CF-WD-0001-01: Is HTTPS used for Web Dispatcher and backend(s)
[FEATURE] Check: New CF-WD-0002-01: Is HTTPS used for the Admin port
[FEATURE] Check: New CF-WD-0004-01: Does the Web Dispatcher provide public monitoring info
[FEATURE] Check: New CF-WD-0006-01: Is Web Dispatcher patch level recent
[FEATURE] Check: New CF-WD-0007-01: Are SICF public services filtered out
[FEATURE] Check: New CF-WD-0008-01: Is SSL correctly configured
[FEATURE] Check: New CF-WD-0013-01: Are ACL's configured for Web Dispatcher HTTP(S) ports
[FEATURE] Check: New CF-WD-0014-01: Have slowloris settings been set
[FEATURE] Check: New CF-WD-0015-01: Is access to the Admin interface limited
[FEATURE] Check: New CF-WD-0016-01: Are non-supported protocols configured
[FEATURE] Check: New CF-WD-0018-01: Web Dispatcher profile check
[FEATURE] Check: New CF-WD-0019-01: Are the SSL ciphersuites correct configured
[FEATURE] Check: New CF-WD-0020-01: Are the SSL client ciphersuites correct configured
[FEATURE] Check: New CF-WD-0021-01: Strictness of trusted reverse proxies
[FEATURE] Check: New CF-WD-0022-01: Is CommonCryptoLib patch level recent
[FEATURE] Check: New CF-WD-0024-01: Certificate mismatching must be prevented
[FEATURE] Check: New IN-LO-0022-01: Is Web Dispatcher HTTP logging switched on
[FEATURE] Check: New IN-LO-0023-01: Is Web Dispatcher TCP logging switched on
[FEATURE] Check: New CF-WI-0001-01: 2969828 - OS command injection in Wily Introscope EM
[FEATURE] Check: New CF-WI-0002-01: 2971638 - Hardcoded credentials in Wily Introscope EM
[FEATURE] Check: New CF-SM-0001-03: The MMC webmethods should be secured
[FEATURE] Check: New CF-SM-0003-03: MMC HTTP access should be restricted via an ACL
[FEATURE] Check: New CF-SM-0004-03: MMC HTTPS access should be restricted via an ACL
[FEATURE] Check: New CF-IC-0005-03: Is SSL encrypted data shown as clear text in ICM trace files
[FEATURE] Check: New CF-IC-0006-03: Is information being disclosed by showing error details
[FEATURE] Check: New CF-IC-0018-03: HTTP server header sending WEB AS version
[FEATURE] Check: New CF-IC-0019-03: Is encrypted HTTPS data written to trace file (1)
[FEATURE] Check: New CF-IC-0020-03: Is encrypted HTTPS data written to trace file (2)
[FEATURE] Check: New CF-IC-0022-03: SMTP server header sending WEB AS version
[FEATURE] Check: New CF-IC-0023-01: Certificate forwarding via HTTP should not be accepted
[FEATURE] Check: New security notes checks
[FIX] Security notes: Improved engine to automatically implement SAP security notes
[FIX] Project: Improved workflow with new and rearranged buttons
[FIX] Check: Update CF-CS-0003-01: Updated the Content Server version to 7.5
[FIX] Check: Update PM-DB-0001-01: Added MS SQL SERVER 2020
[FIX] Check: Update CF-MS-0001-15: Added recognition for access denied
[FIX] Launchpad: Some application are renamed so they are more clear
[FIX] Authorization: The Protect4S authorization roles have been improved
Last modified 7mo ago