Secure Network Communications (SNC) integrates SAPNetWeaver Single Sign-On or an external security product with SAP systems. With SNC, you strengthen security by using additional security functions provided by a security product that are not directly available with SAPsystems.
SNC protects the data communication paths between the various client and server components of the SAP system that use the SAP protocols RFC or DIAG. There are well-known cryptographic algorithms that have been implemented by the various security products, and with SNC, you can apply these algorithms to your data for increased protection.
If you are using standard protocols such as HTTP, then you can use the Secure Sockets Layer (SSL) protocol to provide such protection.
There are regulations in various countries that restrict the use of encryption in software applications. Pay close attention to the regulations that apply to your area of application.
· SNC secures the data communication paths between the various SAP system client and server components. There are well-known cryptographic algorithms that have been implemented by security products supported and with SNC, you can apply these algorithms to your data for increased protection.
· With SNC, you receive application-level, end-to-end security. All communication that takes place between two SNC-protected components is secured (for example, between the SAP GUI for Windows and the application server).
● You can use additional security features that SAP does not directly provide (for example, the use of smart cards).
· You can change the security product at any time without affecting the SAP business applications.
There are three levels of security protection you can apply. They are:
● Authentication only
● Integrity protection
● Privacy protection
Authentication only
When using authentication only, the system verifies the identity of the communication partners. This is the minimum protection level offered by SNC.
No actual data protection is provided!
Integrity Protection
When using integrity protection, the system detects any changes or manipulation of the data, which may have occurred between the two end points of a communication.
Privacy Protection
When using privacy protection, the system encrypts the messages being transferred to make eavesdropping useless. Privacy protection also includes integrity protection of the data. This is the maximum level of protection provided by SNC.
The product that you use must meet the following requirements:
· The product must provide the entire functionality defined in the GSS-API V2 (Generic Security Services Application Programming Interface Version 2) standard interface. SNC uses this interface to communicate with the security product.
· The functions must be dynamically loadable.
· The product must be available on platforms supported by SAP.
· The product must be certified for use by SAP.
The SAP Cryptographic Library is a product that is available free-of-charge to customers to use for SNC connections between system components. For more information, see Using the SAP Cryptographic Library for SNC.