A SAP system communicates with SAP clients, browsers, applications and other SAP systems via the local network. Data is also exchanged between SAP system components. In all cases, data which needs to be protected is transferred. This includes not only the data used to authenticate users (e.g. user name and password, cookies, certificates, etc.), but also business data processed as part of the activated functions.
SAP SNC
Secure Network Communications (SNC) is a software layer developed by SAP which provides end-to-end protection for data communication channels between SAP system components that use SAP protocols such as RFC or DIAG.
The security layers of SNC
With SNC the following security layers are presented for communication:
The SNC itself does not contain a security mechanism, but provides an interface for external security products such as smart cards with the “GSS-API V2” (Generic Security Services Application Programming Interface Version 2).
Only identities of communication partners are checked. Data is sent unencrypted.
all undesired data changes can be detected during transmission. Data is sent unencrypted.
data is transmitted between the partners via cable in encrypted form.