In the second type of installation, one content server is added to the network environment.
· For cFolders, the addition of a content server does not affect the security of the SAP Web AS server because they are located in different subnets. This scenario is even more secure than the SAP Web AS itself, because the content server is also placed in its own subnet and the gateway between the SAP Web AS subnet and the content server subnet can be controlled using a separate proxy, possibly with embedded firewall technology.
If you do not want to use two subnets with a proxy between them, the content server can also be placed inside the SAP Web AS subnet. As already explained, the SAP Web AS can communicate without any restrictions with other servers inside its subnet, on the same security level. This configuration is easier to maintain and almost as secure as the extended configuration. A proper firewall configuration between the extranet and DMZ must then allow access only to the SAP Web AS, and not to the content server.
· For cProjects, the SAP Web AS and the content server are both located in the intranet.
Scenario B: cFolders
Scenario B: cProjects