As the gateway is an application server interface to other systems (to other SAP systems, to external programs, and so on), security conditions must be met, as appropriate. In particular, if external programs are started via the gateway, you should use the security options described below.
You should be aware of the following security issues for operating the gateway.
· Authorizations for the side info file. Set the file attributes as described in Side Information Tables, to ensure the file is protected from unauthorized access.
· Secure connections between gateways of different SAP Systems. To do this you have to set up SNC or use the SAProuter between the gateways, which de-encrypts and encrypts the data by SNC. For details see Configuring SNC Component Support
Options for implementing security measures regarding external programs are described below.
· You can prevent external programs from being started by unauthorized users. See Start Assigning Authorizations for External Programs
· You can prevent external programs from being registered in the SAP gateway without authorization. See Assigning Registration Authorization for External Programs in the SAP Gateway
· You cab regulate access from registered programs. See Access Controls for Registered Programs.
You can find details of the parameters relevant for security settings under Security Parameters.