Sharing The SAP Solution Manager Among Other Customers
My company is planning to tie-up with a hosting company to host all our existing SAP Systems,
The hosting company is offering the SAP Solman by sharing their existing solution manager system,
Is there any risk for the data security, if we use shared solution manager or give the control on Solution manager to the Hosting company?
(as solution manager can access all the Satellite Systems.)
Please let me know the advantages and disadvantages with the Shared Solution manager system.
Thanks and Regards
Lluis Salvador Suarez replied
I understand that you ask about how secure is the RFC connection from your solution manager to other systems.
you can make that connection in different ways, from solman to managed system:
1.- RFC LOGIN
( that option is as well secure as when you are allowed to acces to a remote system trough login screen; someone give you an user and a password, so here no problems in secure )
2.- RFC TRUSTED and SSO
( with trusted connection and SSO yo don't need to know user, and or password; for TRUSTED rfc connection there is an especial sao note that indicated that this option may not fulfil all secure conditions and can hava gap in vurnerability; the same for SSO but never see a confirmation fron SAP)
Found in SM100 course:
So, for managed system remote connection to solution manager, if you use RFC's with login screen all landscpae (solman and managed system) will be secure (as soon as a hacker read this ).
beside you can use trusted rfc connection trough saprouter vpn option, and that will give you more secure options trough saprouter -> vpn -> firewall -> dmz -> ba bla bla
hope that can help you,