SNC is very often used by
SAP customers to secure the data exchange between SAP and external systems. Also
communication form SAP GUI to SAP backend by default is not
encrypted. To secure communication like these and SNC needs to be
implemented in SAP systems landscape.
The SNC or Secure Network Communication is an
interface securing communications between two secure SAP systems; it provides
application-level, end-to-end level of security. Protection is usually provided
by an external security product that is available to SAP system using SNC
interface. The interface complies with internet standard Generic Security Services
Application Programming Interface (GSS API) version 2. The default product
provided by SAP is the SAP
Cryptographic Library, which you can use for SNC between SAP System server
components.
Sometime there is a question form customers whether
they do have the SNC in place. How to quickly check this? There are couples of
ways…
1. By running Function Module SNC_CHECK_ACTIVE: The FM has no import parameters. Therefore just
open the tcode SE37 put the name of the FM and run it. In case the SNC is
enabled in particular SAP system there is export parameter ACTIVE set to X returned.
2. table USRACL:
it stored SNC Access Control List (ACL)for users. In case the SNC is enabled
every user recognized in field BNAME has field PNAME populated. In that field a
canonical name is stored in format:
p:CN=@company_domain
e.g.
p:CN=MMARUSKIN@MARUSKIN.EU
3. t-code SU01:
in case the SNC is enabled an particular user has following data in tab strip
called SNC:
SNC
Status: SNC is active on this application server
SNC
Data: SNC Name: p:CN=@company_domain
No comments:
Post a Comment