The following section describes the security measures you need to take when you use RFC for communication between an SAP system and an external system (a system that is not based on ABAP or SAPJ2EE):
When you use RFC for communication with an external (non-SAP) system, you can also implement the SAP Java Connector or the SAP .Net Connector for the conversion of data. However, there are no specific security requirements for these components, since they only perform internal system conversion functions.
The additional security recommendations for communication with external systems in this section make particular reference to cases where an external system is used as a server (SAP calls the external system). If you use an external system as a client (the external system calls SAP), the appropriate SAP-specific security mechanisms are implemented on the SAP side.
This section contains detailed information about the following topics: