Security Settings in the SAP Gateway 
SAP gateway is an interface between the application server and other SAP systems or programs. Usually application servers and database hosts are located in the same network segment. This network is secured from external access through a demilitarized zone (DMZ).
Communication that leads the SAP gateway as part of the application server to external systems beyond the DMZ is in principle insecure. System administrators have several options available to configure external communication of the SAP gateway securely.
Features
Configuring Network-Based Access Control Lists (ACL):
In this ACL file (Access Control List = security file) you can specify from which hosts the gateway is to accept connections at TCP/IP level.
Configuring Support of SNC Components:
With two profile parameters you can specify whether the SAP gateway is to support SNC, and whether connections to non-SNC programs are to be allowed. By setting up SNC or using SAP routers, you can make communication between SAP gateways of different SAP systems secure.
Configuring Connections between SAP Gateway and External Programs Securely:
With two ACL files (Access Control List = security file) you can specify which external programs are allowed to connect to the SAP gateway (security file reginfo), and which programs are allowed to be started from the SAP gateway (security file secinfo).
Setting Up Gateway Logging:
You can configure the SAP gateway so that actions executed by it, and requests it receives from external systems, are written to a log file. You can use this log file for analyzing security settings.
Further Security Parameters:
In addition to the measures described above, further parameters are provided for you to configure the SAP gateway securely.