I have a site (ASP.net) and SAP on the company's server should I connect them (LAN or WAN ?) and what is the most secure method ? I need it for real time transactions
2007-01-08 21:29:12 · 1 answers · asked by raflawy 3 in Computers & Internet ➔ Computer Networking
Check the SAP help portal:
http://help.sap.com/saphelp_nw2004s/helpdata/en/ba/88ca41edc1c317e10000000a155106/frameset.htm
Portal Development Kit for Microsoft. NET (PDK for .NET). is a set of tools that enable Microsoft Visual Studio .NET developers to build portal components for SAP NetWeaver Portal. Using PDK for .NET enables organizations with existing investments in Microsoft .NET technology to leverage their developers’ skills and take advantage of the SAP NetWeaver technology.
Why Is Security Necessary?
With the increasing use of distributed systems and the Internet for managing business data, the demands on security are also on the rise. When using a distributed system, you need to be sure that your data and processes support your business needs without allowing unauthorized access to critical information. User errors, negligence, or attempted manipulation on your system should not result in loss of information or processing time. These demands on security apply likewise to PDK for .NET.
To assist you in securing PDK for .NET, we provide this document.
About this Document
This guide provides an overview of the security aspects that apply to PDK for .NET, operating in conjunction with SAP NetWeaver Portal.The information in this guide applies to versions 2.0 and 2.5 of PDK for .NET.
Overview of the Main Sections
The Security Guide includes the following main sections:
· Before You Start
This section contains information about why security is necessary, how to use this document and references to other Security Guides that build the foundation for this Security Guide.
· Technical System Landscape
This section provides an overview of the technical components and communication paths that are used by PDK for .NET.
· Authorizations
This section provides an overview of the authorization concept that applies to PDK for .NET and explains how user authentication and authorization are accomplished when connecting to SAP NetWeaver Portal.
· Network and Communication Security
This section provides an overview of the communication paths used by PDK for .NET and the security mechanisms that apply. It also includes our recommendations for the network topology to restrict access at the network level.
· Trace and Log Files
This section provides an overview of the trace and log files that contain security-relevant information, for example, so you can reproduce activities if a security breach does occur.
http://help.sap.com/saphelp_nw2004s/helpdata/en/00/06830beb3d0248b6d468e07470cc07/frameset.htm
Security Guides for Connectivity and Interoperability Technologies Locate the document in its SAP Library structure
The SAP NetWeaver products are capable of communicating and exchanging data between systems based on various technologies. The security aspects pertaining to the connectivity and interoperability mechanisms used across the SAP NetWeaver platform are described in the following topics:
· Structure linkSecurity Guide RFC / ICF
This guide explains the security aspects that apply to the Internet Communication Framework (ICF) and when using Remote Function Calls (RFC) on the SAP Web Application Server’s ABAP Engine.
· Security Settings in the SAP Gateway
This section explains the security settings for the SAP Gateway, which is used for communication between SAP systems and non-SAP systems, including access control and authorizations.
· Structure linkSecurity Guide ALE (ALE Applications)
This guide explains the security aspects that apply when using Application Link Enabling (ALE), which uses RFC technology, to connect multiple SAP systems.
· Structure linkSecurity Guide for Connectivity with the J2EE Engine
This guide explains the security aspects involved when using the connectivity technologies with the SAP J2EE Engine, which include security when using the J2EE Connector Architecture (JCA) or the Remote Method Invocation (RMI) and P4 protocols.
Note
The SAP Java Connector (JCo) uses RFC for the communication between the connecting components. Therefore, for JCo security, the security guide for RFC.
· Structure linkWeb Services Security
This section provides an overview of the security aspects relevant when using Web services. It provides an overview of the authentication mechanisms supported, the authorization concepts that apply, data communication security using SSL and using digital signatures.
· Structure linkSecurity Guide Communication Interfaces
This section provides information on the security aspects of the Integrated Communication Interface (ICI), specifically the relevant security settings required for the Business Communication Broker (BCB) which is part of the ICI.
Leaving content frame
2007-01-09 20:33:22 · answer #1 · answered by roy_s_jones 6 · 0⤊ 0⤋