Application Development Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Showing results for 
Search instead for 
Did you mean: 

How to correct Early watch report errors in different systems

former_member275658
Contributor
0 Kudos
194

Hello Gurus,

We get several emails regarding early watch report errors which says that our security in systems is red (critical).

Please let me know how should I analyse these errors and make EWR green or yellow.

Thanks in advance!

Regards,

Ma

1 ACCEPTED SOLUTION

Former Member
0 Kudos
134

could you please analyze them where it say it critical or in red.

Based on them report fix them ..

ir could you paste few of the details to help you.

Thanks,

Prasant K Paichha

7 REPLIES 7

Former Member
0 Kudos
135

could you please analyze them where it say it critical or in red.

Based on them report fix them ..

ir could you paste few of the details to help you.

Thanks,

Prasant K Paichha

0 Kudos
134

do you have the early watch report? you only have to read it and follow the advices.

regards, m.

0 Kudos
134

Hello Gurus,

This is the recommendation from SAP.

"Apply relevant security-related SAP HotNews and Notes. An overview about such notes is published on SAP Service Marketplace at /securitynotes .

To display a list of relevant security-related SAP Notes that can be implemented easily, run the tool RSECNOTE in transaction ST13. It provides a detailed list of the vulnerabilities discovered and the corresponding SAP Notes for correction. More security issues may exist.

For more information, refer to SAP Note 888889 ."

Please let me know if I need to implement the SNOTE 888889 and also do I need to directly implement this in Production or first I need to use it in test environment ?

Thanks in Advance

0 Kudos
134

Hello,

you need that tool in that system, where you normally implement corrections.

Generally this will be your DEV system, from where you transport it to your QAS,TST,PRD,.....

The tool itself only has the task to check the installation status of the security notes....

So if you don't want to install the tool (rsecnote), simply check the security notes form the SAP market place link and compare the implementation status manually in your system(s) (SNOTE, SE38,......).

b.rgds, Bernhard

0 Kudos
134

> This is the recommendation from SAP.

> "Apply relevant security-related SAP HotNews and Notes. An overview about such notes is published on SAP Service Marketplace at /securitynotes .

> To display a list of relevant security-related SAP Notes that can be implemented easily, run the tool RSECNOTE in transaction ST13. It provides a detailed list of the vulnerabilities discovered and the corresponding SAP Notes for correction. More security issues may exist.

> For more information, refer to SAP Note 888889 ."

>

>

> Please let me know if I need to implement the SNOTE 888889 and also do I need to directly implement this in Production or first I need to use it in test environment ?

>

I think there is nothing better explanation exist in simple English than the one you provided to us. Please follow one by one starting from the first line and let us know for any difficulty you face.

Regards,

Dipanjan

0 Kudos
134

Is there a way to set alerts / automatic notification for any new notes that may be required for our systems?

Thanks

Vijaya

0 Kudos
134

Hi,

Earlywatch reports is one of the kind. Also I have just posted a blog on how to use RSECTOOL and get latest note information required.

Here is the [link|http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/19151] [original link is broken] [original link is broken] [original link is broken];

Regards,

Gowrinadh

Edited by: Gowrinadh Challagundla on May 21, 2010 1:07 PM