Solution : https://service.sap.com/sap/support/notes/821875 (SAP Service marketplace login required)
Summary :
SAP Note addresses enhancing the security of message servers. It provides guidelines for configuring external monitors, differentiating internal and external communication, and utilizing ACLs for secure access. Three configurations are crucial: 1) Adjusting 'ms/monitor' parameter settings to restrict or allow external monitoring operations. 2) Specifying 'rdisp/msserv_internal' to segregate internal and external data channels effectively. 3) Setting 'ms/acl_info' to manage access with a focus on specifying allowed IPs or domains. These configurations help safeguard systems from unauthorized access and ensure communication integrity within application servers. Additionally, adjustments in sapevt program connections are highlighted to prevent unauthorized event triggers.
Key words :
/usr/sap/<sid>/sys/global/ms_acl_info, external communicationto prevent unwanted clients appearing, terms securitymessage serversapevtmssloginclientmseaccessdeniedmssclienthandleaccess denied, additional operating system rights, normal sapms<sid> port, smms -> goto -> security settings, access deniedthe port number, prevents unwanted modifications, access denied [msxxserv, affect external clients
Related Notes :
| 1421005 | Secure configuration of the message server |
| 1394093 | Collective Security Note |
| 826779 | sapevt (Version 5): Security settings in the Msg. |
| 822296 | Additional info: Upgrade to SAP NW 2004s AS ABAP (iSeries) |
| 642464 | Profile file for the program sapevt |