Show TOC Start of Content Area

Background documentation Scenario D (cFolders)  Locate the document in its SAP Library structure

Scenario D can be split into two main sub-scenarios, depending on the number of Internet gateways between the intranet/demilitarized zone (DMZ) and the extranet. In terms of security, D1 and D2 are identical.

This graphic is explained in the accompanying text

Scenario D1

This graphic is explained in the accompanying text

Scenario D2

The security problem in this scenario (D1 and D2) is caused by placing the internal content/cache servers in the intranet. Instead of doing this, you might consider the configuration shown for location two in the figures above.

Note

If you have a DMZ at a location, this does not necessarily mean that you also have an Internet gateway. In general, DMZ only implies that you cannot reach intranet addresses from DMZ servers, but the other way around (Intranet DMZ) does not cause any problems.

If you really need to put the content server inside the intranet, make sure that you introduce subnets and control the IP routing by using the appropriate proxies. For information on configuring proxies, see SAP Note 216419.

End of Content Area