Show TOC

Security Zones in Internet ExplorerLocate this document in the navigation structure

Use

Internet Explorer implements the Internet Explorer zone model. This security model helps protect your computer from unsafe operations by using security zones and levels. Internet Explorer uses security zones that let you control the level of access given to your computer by the Web pages that you open. Having the appropriate security settings in place reduces the risk of damage to your system.

You assign Web sites to different security zones. For example, Web sites are assigned to the Internet zone if they are not listed in the trusted and restricted zones. To prevent navigation to a Web site that may cause damage to your system, add it to the list of restricted Web sites. For each zone, you can maintain security levels (for example, medium or high) manually. You can select the default level for a zone and customize the settings based on your security requirements. For example, you can disable the option to allow ActiveX controls to run without prompt.

How Security Zones in Internet Explorer Apply to SAP Business Client

The Internet Explorer zone model applies to SAP Business Client in the following ways:

  • SAP Business Client for Desktop renders HTML content using the Internet Explorer and thus uses the Internet Explorer zone model. The Internet Explorer zone model is also used for navigation to SAP GUI transactions.

  • SAP NetWeaver Business Client 3.6 for HTML can only benefit from the Internet Explorer zone model when you run it in Internet Explorer.

The settings you or your administrator defines in Internet Explorer apply to any navigation to Web content from SAP Business Client as well. Your system administrator must ensure that security zones with appropriate security levels for each zone are defined for any Web content that your system accesses.

With this security model in place, no additional protection for your system is required. In addition, SAP Business Client provides a whitelist infrastructure with the same effect as Internet Explorer zone model to allow navigation only to safe Web sites once you have defined whitelist entries. You may still define the whitelist, though this is not required in case appropriate security settings have been made using the Internet Explorer zone model.

Caution

SAP Business Client navigates to a Web site regardless of the security zone defined for this site. If a Web site is listed in restricted zones only the trusted content is displayed on the site.

Activities

To maintain security settings in Internet Explorer, choose Start of the navigation path Tools Next navigation step Internet Options Next navigation step Security End of the navigation path.

More Information