Security Measures –Overview (RFC) - SAP Documentation

Security Measures –Overview (RFC)

To guarantee the security of your RFC connections, include the following points in your setup and take the appropriate measures:

General Measures

Restricting Maintenance Authorizations for RFC Destinations (Transaction SM59)
Storing User Information for System Users Only (Not for Dialog Users)
Restrict access to the table RFCDES (information on RFC destinations)
Use authorization checks in (application) function modules if you want to call these modules using RFC.
Use secure network communications.
Deactivate remote monitoring of the SAP Gateways
Granting Authorizations for RFC Traces and Debugging Restrictively
Using a Low Trace Level

Special Measures for External RFC Servers

Prevent misuse of the RFC Software Development Kit
Allow RFC connections from known and selected systems only
Restrict the use of external RFC server programs
Restrict access to RFC server program RFCEXEC or RFCEXEC.EXE (only relevant for classic RFC API).

Note

For a more detailed description of these measures, see the appropriate scenario.

End of the note.

More Information

RFC Communication Between SAP Systems
RFC Communication Between SAP Systems and External (Non-SAP) Systems

Note

Also read the following security information about the SAP Gateway:

Security Settings in the SAP Gateway

End of the note.

Note

You can use the Security Audit Log to monitor RFC calls:

Security Audit Log

End of the note.