SAP Thought Leadership Paper
Security
Securing Remote Function Calls (RFC)
SAP Security Recommendations
SAP Bee tenes rnTable of Contents
u
4
16
22
23
26
30
33
34
35
Introduction
‘Securing RFC Destination Configuration
Trusted System Security
Secure Network Communication
‘Securing RFC Communication on the Server
Limiting Access to RFC Function Modules
Authorization Maintenance for RFC Communication
Activating Switchable Authorization Checks
‘Securing RFC Communication on the Client
Securing RFC Callback
‘Securing the RFC Gateway
Access Control for External RFC Servers
Access Control for RFC Proxy Requests
Blocking RFC Communication
RFC Security Monitoring
Summary
Appendix
ft 420)Securing Remote Function Calls
Remote function call (RFC) is an SAP-proprietary communication
protocol used by computer systems, including those running
the ABAP*® version of the SAP NetW. r° Application Serve
»mponent. Most SAP customers run business-criti system
communication using RFC technology, with thousands of RFC
function modules ssible over the network. Keeping business
ata tk through RFC secure is as important to
SAP and its customers as ensuring uninterrupted
operations
sy
iS pro
USINESS