Version 5.0

28 October 2020

[FEATURE] Protect4S 5.0 is certified for Netweaver and S/4HANA

[FEATURE] System: The system type Web dispatcher is supported

[FEATURE] Check template: New SAP security baseline v2.0 (Feb 2020) - Note 2253549

[FEATURE] Check template: New SAP patch management

[FEATURE] Check: New CF-DC-0045-01: Prevent brute force of SAP HANA SYSTEM user

[FEATURE] Check: New CF-DC-0046-01: Prevent detailed error messages for authentication SAP HANA

[FEATURE] Check: New CF-WD-0001-01: Is HTTPS used for Web Dispatcher and backend(s)

[FEATURE] Check: New CF-WD-0002-01: Is HTTPS used for the Admin port

[FEATURE] Check: New CF-WD-0004-01: Does the Web Dispatcher provide public monitoring info

[FEATURE] Check: New CF-WD-0006-01: Is Web Dispatcher patch level recent

[FEATURE] Check: New CF-WD-0007-01: Are SICF public services filtered out

[FEATURE] Check: New CF-WD-0008-01: Is SSL correctly configured

[FEATURE] Check: New CF-WD-0013-01: Are ACL's configured for Web Dispatcher HTTP(S) ports

[FEATURE] Check: New CF-WD-0014-01: Have slowloris settings been set

[FEATURE] Check: New CF-WD-0015-01: Is access to the Admin interface limited

[FEATURE] Check: New CF-WD-0016-01: Are non-supported protocols configured

[FEATURE] Check: New CF-WD-0018-01: Web Dispatcher profile check

[FEATURE] Check: New CF-WD-0019-01: Are the SSL ciphersuites correct configured

[FEATURE] Check: New CF-WD-0020-01: Are the SSL client ciphersuites correct configured

[FEATURE] Check: New CF-WD-0021-01: Strictness of trusted reverse proxies

[FEATURE] Check: New CF-WD-0022-01: Is CommonCryptoLib patch level recent

[FEATURE] Check: New CF-WD-0024-01: Certificate mismatching must be prevented

[FEATURE] Check: New IN-LO-0022-01: Is Web Dispatcher HTTP logging switched on

[FEATURE] Check: New IN-LO-0023-01: Is Web Dispatcher TCP logging switched on

[FEATURE] Check: New CF-WI-0001-01: 2969828 - OS command injection in Wily Introscope EM

[FEATURE] Check: New CF-WI-0002-01: 2971638 - Hardcoded credentials in Wily Introscope EM

[FEATURE] Check: New CF-SM-0001-03: The MMC webmethods should be secured

[FEATURE] Check: New CF-SM-0003-03: MMC HTTP access should be restricted via an ACL

[FEATURE] Check: New CF-SM-0004-03: MMC HTTPS access should be restricted via an ACL

[FEATURE] Check: New CF-IC-0005-03: Is SSL encrypted data shown as clear text in ICM trace files

[FEATURE] Check: New CF-IC-0006-03: Is information being disclosed by showing error details

[FEATURE] Check: New CF-IC-0018-03: HTTP server header sending WEB AS version

[FEATURE] Check: New CF-IC-0019-03: Is encrypted HTTPS data written to trace file (1)

[FEATURE] Check: New CF-IC-0020-03: Is encrypted HTTPS data written to trace file (2)

[FEATURE] Check: New CF-IC-0022-03: SMTP server header sending WEB AS version

[FEATURE] Check: New CF-IC-0023-01: Certificate forwarding via HTTP should not be accepted

[FEATURE] Check: New security notes checks

[FIX] Security notes: Improved engine to automatically implement SAP security notes

[FIX] Project: Improved workflow with new and rearranged buttons

[FIX] Check: Update CF-CS-0003-01: Updated the Content Server version to 7.5

[FIX] Check: Update PM-DB-0001-01: Added MS SQL SERVER 2020

[FIX] Check: Update CF-MS-0001-15: Added recognition for access denied

[FIX] Launchpad: Some application are renamed so they are more clear

[FIX] Authorization: The Protect4S authorization roles have been improved