SAP Connector .Net webpage security

Kunjan_Anees · ‎03-12-2008

Hi,

We are in process of developing a SAP Connector and .Net web application which will be hosted for access through internet. The solution involves two aspects

1. Querying the SAP for the Purchase order information based on some conditions

2. Update the SAP Database with minor changes to the PO.

We are using SAP Connector to communicate with the SAP database. While developing the POC a security concern was raised as to vulneraibiltiy of exposing the SAP R/3 details in the net.

Can anybody briefly explain as how we can overcome this security risk? Is there something available in .net platform that would protect the security risk of exposing the SAP information available in the SAP connector?

Please do advise.

Thanks,

Anees.

Former Member · ‎03-12-2008

Hi,

The .NET Connector is run on a IIS web server which must be in your Company internal Network and absolutely not be visible on the Internet.

You should use a Reverse Proxy in a DMZ to give access from the Internet to your .Net connector.

If you want very strict security you can even use 2 reverse proxies.

I have a case in my company where we have :

Internet --> Firewall1 --> Apache Reverse proxy --> Firewall 2 --> SAP Web Dispatcher --> Firewall 3 -->

SAP server with BSP application usable from the Internet

Regards,

Olivier

SAP Connector .Net webpage security

Accepted Solutions (0)

Answers (1)

Answers (1)

For application 'Training': Routes cannot be mappe...

How can we use a odata connection of datasphere to...

Re: SQL query is not written completely in framewo...

SQL query is not written completely in framework.t...

Copy from the property of one dimension to the mem...