on 02-11-2008 12:49 PM
Hi,
I have configured the saprouter so that people can remotely access the SAP ECC Servers outside the local area network. The saprouttab file contains the following entry:
P * * *
The parameter login/no_automatic_user_sapstar has also been set to a value 1.
The user DDIC and SAP* can only be accessed using the master password, which is provided at installation time.
Is my network secure enough? Or do I need to take into account some more steps / measures?
Regards.
Hello,
Generally its not recommended to open up your network in the manner you have mentioned, however if its a requirement you cannot deny here is what first comes to my mind:
Use the 'S * * *' instead of 'P * * *' (unless you are using ITS/J2EE and letting people access using HTTP(S)) , this will ensure that people are able to access only SAP protocol and not any other protocol
Use the following link to understand options of saprouter table.
http://help.sap.com/saphelp_47x200/helpdata/en/4f/992dfe446d11d189700000e8322d00/frameset.htm
Also,
It will be a good idea to allow access only to a particular IP Address i.e. the SAP Application Server instead of the entire IP range.
instead of
S * * *
something like:
S * <sap server ip address> *
Regards,
Siddhesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.