Function documentationSecurity Functions for Output Devices

 

If you implement Secure Network Communications (SNC), you can activate security functions for your output devices.

Prerequisites

The security functions are only available for output devices with the access method S. Only if access method S is chosen in the device definition does the Security tab page appear, in which you can set the security functions for output described below for this device.

Activities

If you want to activate security functions for an output device, select the functions that you want to activate for the communication between the SAP system and this device on the Security tab page. The system displays either one or two selection lists on the Security tab page, depending on the level of security.

Level of Security Selection List

The system always displays this selection list with the SNC functions. It contains the following options:

  • Unsecure Data Transfer: Output data is transmitted from the spool server to the PC across the network without encryption. No SNC authentication is used.

    This is the default setting.

  • Encode Data: The spool server and the SAPlpd program use a converted output data stream. Output data is protected from "accidental" viewing, but the conversion encoding is not secure as it is relatively easy to decode.

    You do not have to implement Secure Network Communications (SNC) to use this security option.

  • Authentication only: it must be possible to prove the identity of the communication partner beyond doubt.

  • Integrity Protection: Data that is sent over the network cannot be changed during the transfer.

  • Privacy Protection: Exchanged information is not readable for third parties; that is, secure encryption of output data.

The last three options (Authentication Only, Integrity Protection, and Privacy Protection) activate functions of the SAP Secure Network Communication. Both the SAP server and the target PC (SAPlpd program) must be SNC-enabled. All three options require the host printer to verify its identify. Privacy Protection also contains the secure encryption of the output data.

For more information, see the Documentation for Secure Network Communications or SAP Note 66687 Use of Network Security Products.

Security Mode Selection List

This selection list also appears on the screen as soon as you choose a security function other than Unsecure Data Transfer from the Level of Security selection list explained above. The options of the Level of Security selection list specify how the SAP spool server should behave. In the Security Mode selection list, you specify whether the PC (SAPlpd program) must meet your security requirement or not. The options of the Security Mode selection list allow you to specify what the spool server should do if the target PC (SAPlpd program) is not able to respond with the same level of security. This can cover, for example, a situation when a server demands authentication, but a PC is not SNC-enabled.

The Security Mode selection list contains the following options:

  • Unsecure Data Transfer

  • Optional Data Transfer Security: printing is permissible, even if the PC cannot meet the requirements.

  • Use Only Secure Transfer: Printing is terminated immediately if the PC cannot meet the security requirements.

More Information

SAP Printing Guide start page