The security requirements for RCF and ICF communications can be split into four basic scenarios:
RFC communication between SAP systems (ABAP)
RFC communication with external (non-SAP) systems
ICF communication between SAP systems (ABAP)
ICF communication with external (non-SAP) systems
The additional security recommendations for the RFC scenario Communication with External Systems in this guide make particular reference to cases where an external system is used as a server (SAP calls the external system). If you use an external system as a client (the external system calls SAP), the appropriate SAP-specific security mechanisms are implemented on the SAP side.
Remember that the required security settings may vary according to which scenario you use.