3.8 Configuring Secure Network Communications

Secure Network Communications (SNC) provides additional protection of stronger authentication methods and encryption for securing Remote Function Call (RFC) connections to SAP Advanced Business Application Programming (ABAP) systems.

SAP implements SNC as a layer between the SAP kernel and an external security library that implements the Generic Security Services API (GSS-API). SAP also provides the SAP Cryptographic Library, which is the default SAP security product for performing encryption functions in SAP systems. For more information, see the SAP documentation web site.

SNC protects the logical link between the end points of a communication. The link is initiated from one side and accepted by the other side. For example, when a SAP User Management driver starts communication with the SAP System, the SAP User Management driver is the initiator of the communication and the SAP system is the acceptor. Both sides of the communication link must specify SNC configuration. This section assumes that you have configured the SAP system for using SNC.

SNC is disabled by default in the driver configuration. To enable SNC, you must specify SNC configuration for the driver and point the driver to SAP Cryptographic Library. SNC configuration also requires you to configure Personal Security Environment (PSE) for the SAP system and the driver. PSE is used by both components to verify and authenticate each other, and to store public-private key pairs and public-key certificates. For more information, see Driver Parameters.