Network and Transport Layer Security

Purpose

You can provide for security at the transport layer for securing connections between SAP NetWeaver system components. When using transport layer security, the data transfer not only protected against eavesdropping by using encryption, the communication partners can be authenticated as well.

Implementation Considerations

Protection is provided in two forms, depending on the type of communication that is being used. For connections that use Internet protocols such as HTTP, you can use the quasi-standard Secure Sockets Layer (SSL) protocol. For SAP protocols such as RFC or dialog, you can use Secure Network Communications (SNC). We also provide information about how to set up an intermediary server and configure it for using SSL.

See:

?     Using the Secure Sockets Layer Protocol with the SAP Web AS ABAP

?     Transport Layer Security on the SAP J2EE Engine

?     Using the SAP Web Dispatcher to Connect to the SAP Web AS ABAP

0     Configuring the SAP Web Dispatcher to Support SSL

?     Using an Intermediary Server to Connect to the J2EE Engine

?     Secure Network Communications (SNC)

?     Using the SAP Cryptographic Library for SNC

Features

Using transport layer security provides for the following protection:

?     Authentication

The communication partners can be authenticated. With SSL, you can set up the connections so that only the server component for the connection is authenticated or that both partners are authenticated. With SNC, both partners are always authenticated.

?     Data integrity

The data being transferred between the client and the server is protected so that any manipulation of the data is detected.

?     Data privacy

The data being transferred between the client and the server is also encrypted, which provides for privacy protection. An eavesdropper cannot access the data.

Constraints

We do provide encryption software that is necessary for using SSL and SNC, however, due to export regulations, this software is not delivered with the SAP systems directly and is not available to all customers. For more information and to see if you can obtain the corresponding software, see the download area on the SAP Service Marketplace at http://service.sap.com/download.