Entering content frame

Background documentation Measures Under UNIX Locate the document in its SAP Library structure

The following sections describe the measures that you need to take for the database system under UNIX:

·        General Security Measures for Software Installation

·        Security Measures for Operating System Users

·        Authorization Concept for Database-Related Resources

Caution

Since the communication path between a liveCache server and its application server has not yet been secured with encryption technology (SSL), it is very important that you run the liveCache server and the application server in the same (secure) subnetwork.

You must secure the communication path between a liveCache server and an application server using external tools. We recommend setting up a virtual private network tunnel (VPN tunnel) between the application server and liveCache server. There are various standard products available – ranging from pure software solutions to special hardware.

The solution you choose should be IPSec-compatible and work in accordance with a modern standard, such as Triple DES (3DES) or Advanced Encryption Standard (AES). The somewhat older Data Encryption Standard (DES) is now considered outdated.

You can now encrypt all other communication paths using SAP’s own tools so that there is no eavesdropping. However, for these communication paths too, you should consider using VPN instead of SNC or SSL technology. You can thus connect all communication paths with each other using a global VPN system.

In general, you should take a careful look at the entire installation and, in particular, the network technology. A VPN-based infrastructure is a recommendable option that can optimize the entire system when using additional hardware for encryption.

 

 

Leaving content frame