Use of network security products
[authentication] [cards] [data] [DCE] [encryption] [network security] [pc security 2009] [privacy] [Secure] [security] [Sign-On] [Single] [smart] [spring security]
Related:
- SPNego WizardSymptom You are configuring Kerberos Authentication mechanism on SAP AS...
- Security Troubleshooting Guide For NetWeaver J2EE 640/700Symptom This note contains a troubleshooting guide which can be...
- Single Sign-On for Runtime WorkbenchSymptom Repeated logon in the Runtime Workbench. Other terms Single...
Symptom
Inquiries:
Preconditions when using network security productsSecure authentication and confidentiality
Other terms
Security, Secure Single Sign-On, encryption, data security, DCE, smart cards, secure authentication, privacy
Reason and Prerequisites
The SNC functions are officially available in SAP Systems as of Release 3.1G.
Solution
The SNC (Secure Network Communications) functions allow you to use an external security product to secure the communications between SAP System components (for example, between application servers and frontend clients).
1. What is the aim of the SNC functions? =====================================
With SNC, you can use encryption to provide:
Secure user authenticationIntegrity and privacy protection for data transferEnd-to-end security at the application level
The SNC functions can be used by security products that have implemented the standardized interface GSS-AP1 v2 and whose services are available to the SAP System in the form of a shared library or DLL (see Internet RFC 2078).
2. Certification of external security products with GSS-API ========================================================
Products need to be certified by the SAP Software Program.
“Certified” means that the security product has been tested for interoperability with SAP Systems by the SAP Software Partner Program. The requirements are based on the standardized interface GSS-API v2.
For more information on the Software Partner Programm, see:
http://www.sap.com/softwarepartner
For more information on existing security software partners, see:
https://www.sdn.sap.com/irj/sdn/security
under Partners -> Certified Security Partners
For the search criteria, select the Certification Category “Secure network communication” and choose “Search”.
Products to be certified should generally be supported by all SAP System platforms.
Note also that SNC support is only available for 32-bit frontends (not Windows 3.1).
The network security products can be purchased from any manufacturer. It is the customer’s responsibility to make sure to what extent local laws may restrict the use of cryptography.
a) Documentation: SNC User’s Guide ===============================
The SNC User’s Guide is available on the SAP Help Portal at http://help.sap.com/saphelp_nw70ehp1/helpdata/en/e6/ 56f466e99a11d1a5b00000e835363f/frameset.htm (Release 7.01).
This documentation describes how to set up SNC for each of the various SAP system components.
![[del.icio.us]](http://images.del.icio.us/static/img/delicious.small.gif){kind=small}