Security Measures – Overview (RFC)

To secure your RFC connections, take the following measures into account in your setup:

General Measures

· Restrict maintenance authorizations for RFC destinations (transaction SM59)
· Store user information for system users only (not for dialog users)
· Restrict access to the table RFCDES (information on RFC destinations)
· Use authorization checks in (application) function modules if you want to call these modules using RFC
· Use secure network communications
· Deactivate remote monitoring of the SAP Gateways

Special Measures for External RFC Servers

· Prevent misuse of the RFC Software Development Kit
· Allow RFC connections from known and selected systems only
· Restrict the use of external RFC server programs
· Restrict access to the RFC server program RFCEXEC or RFCEXEC.EXE

For a more detailed description of these measures, see the appropriate scenario.

Further Information

· RFC Communication Between SAP Systems
· RFC Communication Between SAP Systems and External (Non-SAP) Systems

Also read the following security information about the SAP Gateway:

Security Settings in the SAP Gateway

You can use the Security Audit Log to monitor RFC calls:

Security Audit Log