Your network infrastructure is extremely important in protecting your system. Your network needs to support the communication necessary for your business and your needs without allowing unauthorized access. A well-defined network topology can eliminate many security threats based on software flaws (at both the operating system and application level) or network attacks such as eavesdropping. If users cannot log on to your application or database servers at the operating system or database layer, then there is no way for intruders to compromise the devices and gain access to the backend system’s database or files. Additionally, if users are not able to connect to the server LAN (local area network), they cannot exploit known bugs and security holes in network services on the server machines.
The network topology for
SAP ERP Central Component
is based on the topology used by the SAP NetWeaver platform. Therefore, the security guidelines and recommendations described in the
SAP NetWeaver
Security Guide also apply to
SAP ERP Central Component
. Details that relate directly to
SAP ERP Central Component
are described in the following sections:
Communication Channel Security
This section contains a description of the communication channels and protocols that are used by subcomponents of SAP ERP Central Component.
This section contains information on the network topology recommended for the subcomponents of SAP ERP Central Component. It shows the appropriate network segments for the various client and server components and where to use firewalls for access protection. It also contains a list of the ports required for operating the subcomponents of
SAP ERP Central Component
.
This section describes the data needed for the various communication channels, for example, which users are used for which communications.
For more information, see the following sections in the
SAP NetWeaver S
ecurity Guide: