01-08-2007 2:43 AM
Hi all,
Is there anybody out there who would be willing to share his Virsa implementation experience. I am moving to a new employer who is soon going to implement Virsa and wants me to take part in the implementation process. I am not new to using it but would like to know the process and the ground work involved. Thank you.
Joe
03-07-2007 4:37 PM
Hello, I have performed quite a few implementations of this nature. The methodology that I typically follow consists of the following main tasks:
Review/Implement an Internal Controls Framework covering all risks associated with the applicable Business Processes and all mitigating controls.
Extrapolate the SOD type controls, and critical access from the Internal Controls Framework
Implement the controls from scratch into Compliance Calibrator (I do not use the default rule-set as quite frankly, it's more wrong than it is right and provides false assurance + false positives)
If it's a global roll-out, I then work on regional-specific controls based on local regulatory compliance requirements, and repeat the process, implementing them as rule-sets.
I then implement Role Expert, and perform a security redesign (if applicable) based on the CC faciliated Internal Controls Framework.
I then review/implement the Security Governance Framework and Security Procedures
i implement Access Enforcer to support the above frameworks.
This methodology has never been documented as part of the Virsa documentation (as far as I can tell), but it is the typical methodology for the implementation of a Security Framework (Governance, Design, Procedures), which is what Virsa is really supporting.
01-08-2007 10:54 AM
Hi Joe,
We also have a requirement of upgrading our VRAT 2.0 to CC 4.0.We are still in the process of doing that,but can share some ideas.
If you are also upgrading,download all the SOD Rules (SOD TCodes and SOD Objects) from Virsa Tool box.I believe the existing rules will get overwritten once you import the newer versions.
I suppose the installer of CC have come in a bundle of transport requests.If yes,then importing them will install it.
Thanks,
s<i><b>A</b></i>mik.
01-09-2007 2:33 AM
Samik,
Thanks for your response. This company does not appear to be upgrading its CC, because there is no CC in place. It is going to be a first time implementation. If you have been exposed to Virsa implementation, could you please tell me more in details about the work and process involved. Can you please put it for me say, in steps. Thank you.
Joe
01-09-2007 8:06 PM
Hi,
If you have suser id you can view the following documents from service market place. which are more helpful.
<a href="https://websmp202.sap-ag.de/~form/sapnet?_FRAME=OBJECT&_HIER_KEY=501100035870000015092&_HIER_KEY=601100035870000206624&_HIER_KEY=701100035871000499139&_SCENARIO=01100035870000000202&#HOME">Installation, configuration, user Guides</a>
<a href="https://websmp202.sap-ag.de/~form/sapnet?_FRAME=CONTAINER&_HIER_KEY=501100035870000015092&_HIER_KEY=601100035870000206624&_HIER_KEY=701100035871000499139&_OBJECT=011000358700004383042006E&_SCENARIO=01100035870000000202&">Firefighter 4.0 / 5.1 for SAP User Guide</a>
If you have any problem regarding access or if you need the doucments I can send it you.
Cheers
Soma
01-10-2007 4:17 AM
01-10-2007 2:15 PM
Hi,
suserid is used to access to service.sap.com.
I hope its clear
Cheers
Soma
01-11-2007 1:51 PM
Hi,
What version of CC are you going to implement ? If it is CC 5.1,then the Installation Guide is available in Marketplace.
If CC 4.0,the guide is unavailable there.Normally,the guide comes with the Installation package itself.Check with the package,you will find some necessary documents.I suppose,there will be some transport requests that need to be imported in a proper sequence.The sequence will be mentioned in a Word doc within the package.Then,you can assign appropriate VRAT auth profiles to users.
Hope this helps.
Thanks,
s<i><b>A</b></i>mik.
08-24-2007 10:59 PM
Hello Pradeep,
This is Sridhar. I also badly need the below documents. Could you please email them to me at <removed_by_moderator> as I am not able to access them.Thanks a lot!!!
Installation, configuration, user Guides
Firefighter 4.0 / 5.1 for SAP User Guide
08-25-2007 8:26 AM
Sridhar,
The docs in the links need an OSS ID. Ask your basis team to give you one or to download the docs. All projects ir implementations will have an ID to use.
01-09-2008 12:35 PM
Hi Pradeep,
Can you provide link to Virsa Role Expert 3.2 version Abap user guide.
The link you have provided consists of 5.2 versions of virsa components.
Thanks & Regards,
Selva Prasath
01-17-2007 4:33 AM
Hi all,
We are currently implementing fire fighter, in initial phase, as per my experience i would like to share, to limit the action by the super user and log the every action of each individual from the security point of view this implementation comes in picture.
Within Firefighter, there are three roles that need to be fulfilled and three SAP roles supplied for this purpose. They are:
Firefighter Administrator (/VIRSA/Z_VFAT_ADMINISTRATOR)
Role Owner or Firefighter ID (/VIRSA/Z_FAT_ID_OWNER)
Firefighter (VIRSA/Z_FAT_FIREFIGHTER)
Firstly we are idetifying the different role possible which are not conflicting each other, means have separate activities.
hope this will help,
03-03-2007 5:30 AM
03-05-2007 9:05 AM
03-06-2007 9:13 PM
Hi Joe,
CC there are 2 flavours. One is CC4.0 which is totally ABAP based product. Another one is CC5.1 which runs on top of Netweaver Environment and this is JAVA based product but talks to SAP to get the data.
Hope this helps.
Ravi Subbarayan
03-07-2007 4:37 PM
Hello, I have performed quite a few implementations of this nature. The methodology that I typically follow consists of the following main tasks:
Review/Implement an Internal Controls Framework covering all risks associated with the applicable Business Processes and all mitigating controls.
Extrapolate the SOD type controls, and critical access from the Internal Controls Framework
Implement the controls from scratch into Compliance Calibrator (I do not use the default rule-set as quite frankly, it's more wrong than it is right and provides false assurance + false positives)
If it's a global roll-out, I then work on regional-specific controls based on local regulatory compliance requirements, and repeat the process, implementing them as rule-sets.
I then implement Role Expert, and perform a security redesign (if applicable) based on the CC faciliated Internal Controls Framework.
I then review/implement the Security Governance Framework and Security Procedures
i implement Access Enforcer to support the above frameworks.
This methodology has never been documented as part of the Virsa documentation (as far as I can tell), but it is the typical methodology for the implementation of a Security Framework (Governance, Design, Procedures), which is what Virsa is really supporting.
03-07-2007 5:13 PM
Hi Justin
Can you publish this as a WIKI in SDN? Would be great...
Thanks
Kristian
03-08-2007 9:43 AM
Yep. No worries. It may take me a while as I'm a little busy at the moment, but I'll write something a little more comprehensive as soon as I can.
03-08-2007 11:41 AM
Hi Justin,
Currently we are upgrading VRAT2.0 to CC4.0.My system is 4.6C,simple landscape - Dev,Qua and Prd.I have the Non HR Transports.Can you tell me the process of implementing CC4.0 ?
I have downloaded the SOD tables from VRAT toolbox.Does importing the transports and then the tables implement CC4.0 automatically ? Are there any extra steps involved ?
Thanks,
s<i><b>A</b></i>mik.
01-09-2008 12:31 PM
Can you please provide link for VIRSA Role Expert 3.2 version Abap user guide.
The link you have mentioned consists of 5.2 Versions of Virsa tools....
Thanks & regards,
Prasath