on 03-12-2008 8:31 AM
Hi,
We are in process of developing a SAP Connector and .Net web application which will be hosted for access through internet. The solution involves two aspects
1. Querying the SAP for the Purchase order information based on some conditions
2. Update the SAP Database with minor changes to the PO.
We are using SAP Connector to communicate with the SAP database. While developing the POC a security concern was raised as to vulneraibiltiy of exposing the SAP R/3 details in the net.
Can anybody briefly explain as how we can overcome this security risk? Is there something available in .net platform that would protect the security risk of exposing the SAP information available in the SAP connector?
Please do advise.
Thanks,
Anees.
Hi,
The .NET Connector is run on a IIS web server which must be in your Company internal Network and absolutely not be visible on the Internet.
You should use a Reverse Proxy in a DMZ to give access from the Internet to your .Net connector.
If you want very strict security you can even use 2 reverse proxies.
I have a case in my company where we have :
Internet --> Firewall1 --> Apache Reverse proxy --> Firewall 2 --> SAP Web Dispatcher --> Firewall 3 -->
SAP server with BSP application usable from the Internet
Regards,
Olivier
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks Olivier,
I now have fairly got the concept about these web hostings.
If possible can you briefly explain as to how does this reverse proxy help in concealing the R/3 details? Also, do you have some docs that could help me convincing our ISQ team regarding the security vulnerability they have been highlighting?
Thanks,
Regards,
Anees.
User | Count |
---|---|
84 | |
10 | |
10 | |
10 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.