Network Security 

Your network infrastructure is of great importance for the security of your system. It has to allow your application to communicate, while at the same time preventing unauthorized access.

A well thought out network topology is a basic requirement for using effective security mechanisms. It may be difficult to revert some fundamental decisions, so you must include security aspects in your planning right from the start, even if they are not of immediate importance.

When you plan your security mechanisms, it is important that you have a clear picture of the resources you want to protect, and can estimate the possible risks. When you think out your security strategy you need to weigh the possible damage that unauthorized access could cause to your system against the expense of avoiding this danger. You must be fully aware of your own security strategy and make sure that it exists in written form.

Your security strategy must cover all layers of your system:

The security of the SAP servers is usually part of a comprehensive strategy for securing resources in the network. The section Controlling Access tells you how to integrate the protection of SAP servers into this strategy, and which tools are provided by SAP.

The network connection between the SAP frontends and the application servers transmits all the data that the user enters or displays. This data clear text, however it can be extracted. There are several different methods of encrypting this data if you want it to remain secret. The same applies to other SAP communication connections, such as CPI-C, RFC and the Internet Transaction Server.

Encryption is usually mandatory for connections across open networks, such as the Internet. However, it may also be necessary to use encryption in internal networks for authenticating users and protecting sensitive data.

The section
Encrypting SAP Network Connections describes the ways in which you can make sure that your communication connections are secure.