Start of Content Area

Component documentation RFC/ICF Security Guide  Locate the document in its SAP Library structure

Use

SAP systems can communicate with other SAP systems or external systems through two different channels: Remote Function Call (RFC) can be used to call functions in a system directly (through an ABAP interface or using RFC API). Internet Communication Framework (ICF) enables you to use HTTP, HTTPS or SMTP to communicate from an SAP system with other systems. 

This guide provides you with important information and advice for the secure use of RFC and ICF when communicating between SAP systems and other SAP systems or external systems.

Target Groups

This guide is aimed at technical consultants and system administrators.

Important Notes

Read the following SAP Notes about RFC and ICF security topics:

      43417      (RFC Software Development Kit)

      618516    (Restricting Access to the RFC Server Program RFCEXEC or

                            RFCEXEC.EXE).

Note

This Note is only relevant for the classic RFC API.

      128447    (Trusted Systems Network for RFC Communication)

      532918    (RFC Trace Generation)

      668252    (Authorizations for Remote Debugging in ICF)

      110612          (Configuration of SAP Gateway)

      64016           (Gateway Monitoring)

Further Information

      For more detailed information, see the following topics:

      Technical Scenarios - Overview

      RFC Scenarios

      ICF Scenarios

 

Note

This section of the documentation refers to scenarios for the ABAP environment. You can find information about security requirements in SAP J2EE systems in:

SAP NetWeaver Application Server Java Security Guide

 

 

 

 

End of Content Area