ERP systems play a big role in today’s largest organizational IT environments. As security and compliance requirements increase and breaches and compromises happen more frequently, companies need to implement strong programs around secure communications. In the world of ERP systems, and especially SAP, this means that large distributed environments need to have their components connected in a secure way.
SAP provides a cryptographic layer for securing communications of some of its proprietary network protocols. This layer is called SNC (Secure Network Connections) and is built upon two main components: the network protocol that implements and supports the secure connections, and the libraries providing the cryptographic primitives. Implementing SNC poses two main challenges. The first is how administrators can configure it in a way that effectively secures communications against active and passive attackers. This involves setting the SAP server profile parameters, choosing the right cipher suites, configuring the clients and many more tasks. The second challenge is how security staff can test and assess the security level of their company’s systems and identify potential abuses against them.
In our upcoming talk at Troopers 2017, we’ll try to shed some light on how to make those challenges easier for administrators and security practitioners. On one hand, we’ll show some of the SNC protocol details, in order to better understand it and be able to properly assess it. On the other, we’ll demonstrate some practical attacks against common insecure scenarios. This will come with new releases of tools that can be used to analyze and play with SNC-protected traffic, as well as some general recommendations on how to better configure and set up the protocol.
Join us in beautiful Heidelberg on March 22nd and feel free to reach out to the speaker, Martin Gallo, around the conference. After the conference, you can get a copy of the slides from this presentation here.