Start of Content Area

Component documentation RFC/ICF Security Guide  Locate the document in its SAP Library structure

Use

SAP systems can communication with another SAP, or a non-SAP system, in two basic ways: With a Remote Function Call (RFC) you can call functions directly in a system (using an ABAP interface or RFC API). Internet Communication Framework (ICF) enables you to use HTTP, HTTPS or SMTP to communicate from an SAP system with other systems. 

This guide provides you with important information and advice for the secure use of RFC and ICF when communicating between SAP systems and other SAP systems or external systems.

Target Groups

This guide is aimed at technical consultants and system administrators.

Important Notes

Read the following SAP Notes about RFC and ICF security topics:

      43417      (RFC Software Development Kit)

      618516    (Restricting Access to the RFC Server Program RFCEXEC or

                            RFCEXEC.EXE).

      128447    (Trusted Systems Network for RFC Communication)

      532918    (RFC Trace Generation)

      1148023 (Data Security for RFC Traces and Debugging)

      668252    (Authorizations for Remote Debugging in ICF)

      110612          (Configuration of SAP Gateway)

      64016           (Gateway Monitoring)

More Information

      For more detailed information, see the following topics:

      Technical Scenarios - Overview

      RFC Scenarios

      ICF Scenarios

 

Note

This section of the documentation refers to scenarios for the ABAP environment. You can find information about security requirements in SAP J2EE systems in:

SAP NetWeaver Application Server Java Security Guide

 

 

 

 

End of Content Area