Start of Content Area

Background documentation Network and Communication Security  Locate the document in its SAP Library structure

Your network infrastructure is extremely important in protecting your system. Your network needs to support the communication necessary for your business needs without allowing unauthorized access. A well-defined network topology can eliminate many security threats based on software flaws (at both the operating system and application level) or network attacks such as eavesdropping. If users cannot log on to your application or database servers at the operating system or database layer, then there is no way for intruders to compromise the machines and gain access to the backend system’s database or files. Additionally, if users are not able to connect to the server LAN (local area network), they cannot exploit well-known bugs and security holes in network services on the server machines.

The network topology for XBRL Reporting (FIN-FB-XR) is based on the topology used by the SAP NetWeaver platform. Therefore, the security guidelines and recommendations described in the security guide for SAP NetWeaver also apply to XBRL Reporting. Details that specifically apply to XBRL Reporting are described in the following sections:

      Network Security:

This section describes the network topology recommended for XBRL Reporting. It shows the appropriate network segments for the various client and server components and where to use firewalls for access protection. It also includes a list of the ports needed to operate XBRL Reporting.

      Communication Destination

Special Considerations for the System Landscape of XBRL Reporting

As described in the Technical System Landscape section, XBRL Reporting works almost exclusively with aggregated data, which is attained by first uploading data into SAP NetWeaver BI and then aggregating that data. For the functions of XBRL Reporting it is insignificant whether XBRL Reporting and SAP NetWeaver BI run on the same system or separate systems. However, from a communication security standpoint, which system landscape you decide upon has different consequences:

      If you opt for separate systems (for example, to assign entire user groups to different systems), for each application in XBRL Reporting you need to set up a separate RFC destination, which is used to communicate between the XBRL Reporting system and the SAP NetWeaver BI system. You need to secure these additional RFC destinations as you normally would.

      However, if you run XBRL Reporting and SAP NetWeaver BI on the same system, there is no need to set up and secure these RFC destinations.

For more information, see the following sections in the SAP NetWeaver Security Guide:

      Network and Communication Security

      Security Aspects for Connectivity and Interoperability

 

End of Content Area