Your network infrastructure is extremely important in protecting your system. Your network needs to support the communication necessary for your business needs without allowing unauthorized access. A well-defined network topology can eliminate many security threats based on software flaws (at both the operating system and application level), or network attacks such as eavesdropping. If users cannot log on to your application or database servers at the operating system or database layer, then there is no way for intruders to compromise the machines and gain access to the backend system’s database or files. Additionally, if users cannot connect to the server LAN (local area network), they cannot exploit well-known bugs and security holes in network services on the server machines.
The network topology for the Quality Inspection Engine (QIE) is based on the topology used by the SAP NetWeaver platform. Therefore, the security guidelines and recommendations described in the SAP NetWeaver Security Guide also apply to QIE. Details that specifically apply to QIE are described in the following topics:
This topic describes the communication paths and protocols used by QIE.
This topic describes the recommended network topology for QIE. It shows the appropriate network segments for the various client and server components and where to use firewalls for access protection. It also includes a list of the ports needed to operate QIE.
This topic describes the information needed for the various communication paths, for example, which users are required for which communication paths.
For more information, see the following sections in the SAP NetWeaver Security Guide: