Communication channels transfer your business data in all its different forms, therefore, you should protect these channels against unauthorized access. SAP offers general recommendations and technologies to protect your system landscape based on SAP NetWeaver.
For information about:
· Communication security for SAP NetWeaver, see the SAP NetWeaver Security Guide on the SAP Service Marketplace at service.sap.com/securityguide → SAP NetWeaver Network and Communication Security.
· Security aspects for the connectivity and interoperability of SAP NetWeaver, see the SAP NetWeaver Security Guide on the SAP Service Marketplace at service.sap.com/securityguide → SAP NetWeaver Connectivity Security Guide.
· Communcation channel security for SAP Exchange Infrastructure (SAP XI), consult the SAP Exchange Infrastructure (SAP XI) Security Guide on the SAP Service Marketplace at service.sap.com/securityguide → SAP NetWeaver Component Security Guides → SAP Exchange Infrastructure Security Guide.
The table below shows the communication channels used by the Quality Inspection Engine (QIE), the protocol used for the connection, and the type of data transferred.
Communication Paths
Communication Path |
Protocol Used |
Type of Data Transferred |
Data Requiring Special Protection |
Front-end client using SAP GUI for Windows to application server |
DIAG |
All customizing data |
Passwords |
Front-end client using a Web browser to application server (SAP GUI for HTML) |
HTTP |
All customizing data |
Passwords |
Application server to application server |
RFC, XI |
All application data |
Passwords and business data |
DIAG and RFC connections can be protected using Secure Network Communications (SNC). HTTP connections are protected using the Secure Sockets Layer (SSL) protocol. SOAP connections are protected with Web services security.
We strongly recommend using secure protocols (SSL, SNC) whenever possible.
For more information, see Transport Layer Security and Web Services Security in the SAP NetWeaver Security Guide.